From 1840a4fa017c839d5d2b41442965f193493d0ad4 Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Tue, 19 May 2020 15:19:39 +0000 Subject: [PATCH] bsdinstall: do a `certctl rehash` upon installation of configuration If certctl is installed on the system we're configuring, do a certctl rehash. Note that certctl may not be present if the world we've installed was built either WITHOUT_OPENSSL or WITHOUT_CAROOT. In this scenario, we don't currently see if the host has a certctl as this may be an indication that the system *shouldn't* have certs installed into /etc/ssl. Reviewed by: allanjude, dteske MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D24640 --- usr.sbin/bsdinstall/scripts/config | 3 +++ 1 file changed, 3 insertions(+) diff --git a/usr.sbin/bsdinstall/scripts/config b/usr.sbin/bsdinstall/scripts/config index cdc307176ea3..5b3ef996251a 100755 --- a/usr.sbin/bsdinstall/scripts/config +++ b/usr.sbin/bsdinstall/scripts/config @@ -55,6 +55,9 @@ cp $BSDINSTALL_TMPBOOT/* $BSDINSTALL_CHROOT/boot # Set up other things from installed config chroot $BSDINSTALL_CHROOT /usr/bin/newaliases > /dev/null 2>&1 +if [ -x $BSDINSTALL_CHROOT/usr/sbin/certctl ]; then + chroot $BSDINSTALL_CHROOT /usr/sbin/certctl rehash +fi exit 0