Skip to content

Commit a2ed98c

Browse files
author
“sahmad154”
committed
Harden certs.sh: Add pre-check for update-ca-certificates
- Verify /usr/sbin/update-ca-certificates exists and is executable - Fail fast with clear error message if missing - Addresses TODO-4: Harden certs.sh with runtime validation
1 parent 5b552ff commit a2ed98c

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

native-platform/certs.sh

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,13 @@ set -e
2424
# Certificate setup for native-platform container
2525
##########################################################################
2626

27+
# Verify update-ca-certificates command is available
28+
if [ ! -x "/usr/sbin/update-ca-certificates" ]; then
29+
echo "[certs] ERROR: /usr/sbin/update-ca-certificates not found or not executable"
30+
echo "[certs] ca-certificates package may not be installed properly"
31+
exit 1
32+
fi
33+
2734
# Shared certificates base directory
2835
SHARED_CERTS_DIR="/mnt/L2_CONTAINER_SHARED_VOLUME/shared_certs"
2936
mkdir -p "$SHARED_CERTS_DIR"

0 commit comments

Comments
 (0)