Univention Bugzilla – Bug 42016
Docker Apps should gain access to the host's certificate
Last modified: 2016-09-22 07:24:22 CEST
HostCertificateAccess=True should give a Docker App read-only access to /etc/univention/ssl/$dockerhost/.
Done via --volume parameter for the Docker container in univention-appcenter 5.0.22-4.209.201608170040 While installing, I get Join Computer Account: done mv: cannot move `/etc/univention/ssl/master50.dirk.singlemaster.intranet' to `/etc/univention/ssl_1608170031/master50.dirk.singlemaster.intranet': Device or resource busy mkdir: cannot create directory `/etc/univention/ssl': File exists Check TLS connection: done But this seems to be harmless.
OK - -> more meta-inf/4.1/dudle/dudle_20160201.ini | grep Ho HostCertificateAccess=True -> docker inspect $(ucr get appcenter/apps/dudle/container) "Volumes": { "/etc/univention/ssl/master.four.test": "/etc/univention/ssl/master.four.test", "/var/lib/univention-appcenter/apps/dudle/conf": "/var/lib/univention-appcenter/apps/dudle/conf", "/var/lib/univention-appcenter/apps/dudle/data": "/var/lib/univention-appcenter/apps/dudle/data" }, "VolumesRW": { "/etc/univention/ssl/master.four.test": false, "/var/lib/univention-appcenter/apps/dudle/conf": true, "/var/lib/univention-appcenter/apps/dudle/data": true } -> univention-app shell dudle openssl x509 -in /etc/univention/ssl/master.four.test/cert.pem -subject subject= /C=US/ST=DE/L=DE/O=home/OU=Univention Corporate Server/CN=master.four.test/emailAddress=ssl@four.test OK - YAML OK - merged to 4.2-0
<http://errata.software-univention.de/ucs/4.1/247.html>