From c5d8ed538a68f79e1adc11030e64da5ecdd64def Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Thu, 21 Mar 2019 10:45:37 +0200 Subject: [PATCH] haproxy/certmonger: use container_cli to trigger HUP signal We were using pkill, which would fail due to SELinux. Using the container cli would be a better option. It's also more portable. Change-Id: I6bf92bc1e74797d9132ae595af8929e67d439f43 Closes-Bug: #1821149 --- files/certmonger-haproxy-refresh.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/certmonger-haproxy-refresh.sh b/files/certmonger-haproxy-refresh.sh index d1d8e693d..34e3a4e97 100644 --- a/files/certmonger-haproxy-refresh.sh +++ b/files/certmonger-haproxy-refresh.sh @@ -43,7 +43,7 @@ if [ "$ACTION" == "reload" ]; then $container_cli exec "$haproxy_container_name" chown haproxy:haproxy "$service_pem" # Trigger a reload for HAProxy to read the new certificates - pkill -f -HUP haproxy-systemd-wrapper + $container_cli kill --signal HUP "$haproxy_container_name" elif [ "$ACTION" == "restart" ]; then # Copying the certificate and permissions will be handled by kolla's start # script.