diff options
| author | Scott Moser <smoser@ubuntu.com> | 2012-03-09 15:12:10 -0500 |
|---|---|---|
| committer | Scott Moser <smoser@ubuntu.com> | 2012-03-09 15:12:10 -0500 |
| commit | 0d4fedc1f7bccd15e12e5f2a3fc829ed16d22c57 (patch) | |
| tree | b318a81529e9778937064124f0016a30eb1dcabd /cloudinit/CloudConfig | |
| parent | bff1590def00c3f7653ce34267bbe88e645bd9c6 (diff) | |
| parent | 0334e553a80f48362e5f8fd3fd5bb2f43b2ca3ea (diff) | |
| download | vyos-cloud-init-0d4fedc1f7bccd15e12e5f2a3fc829ed16d22c57.tar.gz vyos-cloud-init-0d4fedc1f7bccd15e12e5f2a3fc829ed16d22c57.zip | |
If the user has chosen to remove default ca-certs, prevent package upgrade
of ca-certificates from adding new trusted certs.
Diffstat (limited to 'cloudinit/CloudConfig')
| -rw-r--r-- | cloudinit/CloudConfig/cc_ca_certs.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/cloudinit/CloudConfig/cc_ca_certs.py b/cloudinit/CloudConfig/cc_ca_certs.py index c18821f9..3af6238a 100644 --- a/cloudinit/CloudConfig/cc_ca_certs.py +++ b/cloudinit/CloudConfig/cc_ca_certs.py @@ -16,7 +16,7 @@ import os from subprocess import check_call from cloudinit.util import (write_file, get_cfg_option_list_or_str, - delete_dir_contents) + delete_dir_contents, subp) CA_CERT_PATH = "/usr/share/ca-certificates/" CA_CERT_FILENAME = "cloud-init-ca-certs.crt" @@ -54,6 +54,8 @@ def remove_default_ca_certs(): delete_dir_contents(CA_CERT_PATH) delete_dir_contents(CA_CERT_SYSTEM_PATH) write_file(CA_CERT_CONFIG, "", mode=0644) + debconf_sel = "ca-certificates ca-certificates/trust_new_crts select no" + subp(('debconf-set-selections', '-'), debconf_sel) def handle(_name, cfg, _cloud, log, _args): |