From 4633498a4b3b17be23870e6c3406da4016ed6901 Mon Sep 17 00:00:00 2001
From: jbjohnso <jbjohnso@8638fb3e-16cb-4fca-ae20-7b5d299a9bcd>
Date: Tue, 27 Nov 2012 19:24:48 +0000
Subject: [PATCH] Provide a hook for TLS cert delivery by updates.img.

Note this is of little use in a PXE environment today, as MITM to the initrd or ipxe subverts all of this.
This however is interesting for secure boot environments and remote media boot strap to provide an unbroken trust chain

git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/branches/2.7@14442 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
---
 xCAT-server/share/xcat/install/scripts/pre.rh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/xCAT-server/share/xcat/install/scripts/pre.rh b/xCAT-server/share/xcat/install/scripts/pre.rh
index fa1889dac..7ad041b47 100644
--- a/xCAT-server/share/xcat/install/scripts/pre.rh
+++ b/xCAT-server/share/xcat/install/scripts/pre.rh
@@ -9,6 +9,10 @@ do
 done
 chmod 644 /dev/vcs*
 chown root /dev/vcs*
+if [ -r /tmp/updates/etc/pki/tls/certs/ca-bundle.crt ]; then
+        cp -f /tmp/updates/etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/
+fi
+
 
 cat >/tmp/foo.py <<EOF
 #!/usr/bin/python