git: e5ef12ccd01f - main - nuageinit: install certs in /usr/share/certs/trusted

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Baptiste Daroussin <bapt_at_FreeBSD.org>
Date: Sat, 06 Jun 2026 19:31:38 UTC
The branch main has been updated by bapt:

URL: https://cgit.FreeBSD.org/src/commit/?id=e5ef12ccd01f8ec6c519bf2a56cac2808f78c51a

commit e5ef12ccd01f8ec6c519bf2a56cac2808f78c51a
Author:     Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2026-06-06 19:30:53 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2026-06-06 19:31:21 +0000

    nuageinit: install certs in /usr/share/certs/trusted
    
    Suggested by:   kevans
---
 libexec/nuageinit/nuageinit          | 2 +-
 libexec/nuageinit/nuageinit.7        | 2 +-
 libexec/nuageinit/tests/nuageinit.sh | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/libexec/nuageinit/nuageinit b/libexec/nuageinit/nuageinit
index 8e207cae0a15..9a0399ad4862 100755
--- a/libexec/nuageinit/nuageinit
+++ b/libexec/nuageinit/nuageinit
@@ -572,7 +572,7 @@ local function ca_certs(obj)
 	if obj.ca_certs == nil then return end
 	local trusted = obj.ca_certs.trusted
 	if trusted == nil or #trusted == 0 then return end
-	local certdir = root .. "/etc/ssl/certs"
+	local certdir = root .. "/usr/share/certs/trusted"
 	nuage.mkdir_p(certdir)
 	for i, cert in ipairs(trusted) do
 		local certpath = certdir .. "/nuageinit-" .. i .. ".pem"
diff --git a/libexec/nuageinit/nuageinit.7 b/libexec/nuageinit/nuageinit.7
index 0bd652ae4fd5..e1c4b9d61382 100644
--- a/libexec/nuageinit/nuageinit.7
+++ b/libexec/nuageinit/nuageinit.7
@@ -276,7 +276,7 @@ The following keys are recognized:
 .It trusted
 A list of PEM-encoded CA certificates to add to the system trust store.
 Certificates are written to
-.Pa /etc/ssl/certs/
+.Pa /usr/share/certs/trusted/
 and
 .Xr certctl 8
 rehash is executed.
diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh
index b225289718e6..798ac235e122 100644
--- a/libexec/nuageinit/tests/nuageinit.sh
+++ b/libexec/nuageinit/tests/nuageinit.sh
@@ -1275,8 +1275,8 @@ ca_certs:
       -----END CERTIFICATE-----
 EOF
 	atf_check -o empty /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2
-	atf_check -o match:"dGVzdGNlcnQx" cat etc/ssl/certs/nuageinit-1.pem
-	atf_check -o match:"dGVzdGNlcnQy" cat etc/ssl/certs/nuageinit-2.pem
+	atf_check -o match:"dGVzdGNlcnQx" cat usr/share/certs/trusted/nuageinit-1.pem
+	atf_check -o match:"dGVzdGNlcnQy" cat usr/share/certs/trusted/nuageinit-2.pem
 	true
 }