Fix post certificate command to be really executed

2025-06-13 10:22:28 +00:00
parent d3b372cbe6
commit 6f62b01886
1 changed files with 2 additions and 0 deletions
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -11,6 +11,8 @@ else
        chmod 700 /var/lib/certmonger/local
        eval "$RUN_CMD -n -c 'getcert add-scep-ca -c MyCA -u $SCEP_URL'"
        eval "$RUN_CMD -n -c 'getcert request -I Task -c MyCA -f \"$CONTAINER_CERT_FILE\" -k \"$CONTAINER_KEY_FILE\" -g $CERT_KEY_BITS -N $CERT_NAME $CERT_KEY_USAGE $CERT_ALT_NAMES -C \"/createCertChain.sh $CONTAINER_CERT_FILE $SCEP_URL $CONTAINER_CA_FILE $CONTAINER_FULLCHAIN_FILE \"'"
+        # Some bogus non-existen uid gets saved to execute the task command so fix it to root
+        sed -i s/^post_certsave_uid=.*$/post_certsave_uid=0/g /var/lib/certmonger/requests/*
 fi

 exec /usr/sbin/certmonger -L -P /var/run/certmonger.sock -n