update.sh: Fixes bug#13138 - root/host certificate set fails to be created

- The fix applied in vpnmain.cgi only adds the unique_subject = yes to the index.txt.attr
   file after the first time that the root/host certificates are attempted to be created.
- Without this line in update.sh, the first attempt to create the root/host certificate set
   will still have the original error code. If the creation is attempted again then it will
   work because the unique_subject = yes will have then been added into the file.
- This patch ensures that the first attempt to create a root/host certificate set in CU175
   will work.
- Confirmed on vm testbed with freshly updated CU175.

Fixes: Bug#13138
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/rootfiles/core/175/update.sh b/config/rootfiles/core/175/update.sh
index 82676bc72304667c44e7c41e13852c49ab6d4fb3..f1c6873c1b231eb84e57fcb5966833a1c2f7712c 100644 (file)
--- a/config/rootfiles/core/175/update.sh
+++ b/config/rootfiles/core/175/update.sh
@@ -191,6 +191,9 @@ if [ -s /var/ipfire/ovpn/ovpnconfig ]; then
        done
 fi
 
+## Add unique_subject = yes to vpn index.txt.attr file
+echo "unique_subject = yes" > /var/ipfire/certs/index.txt.attr
+
 # This update needs a reboot...
 touch /var/run/need_reboot