From patchwork Wed Dec 16 05:53:30 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Baurzhan Ismagulov <ibr@radix50.net>
X-Patchwork-Id: 263
Return-Path: <isar-users+bncBDUZ3AGJYYHBB7G25D7AKGQEPZZISEQ@googlegroups.com>
Delivered-To: ilbers.mnt@gmail.com
Received: by 2002:a4a:b386:0:0:0:0:0 with SMTP id p6csp395151ooo;
	Wed, 16 Dec 2020 07:53:33 -0800 (PST)
X-Received: by 2002:a5d:4d4f:: with SMTP id
	a15mr38857126wru.315.1608134013130;
	Wed, 16 Dec 2020 07:53:33 -0800 (PST)
ARC-Seal: i=3; a=rsa-sha256; t=1608134013; cv=pass;
	d=google.com; s=arc-20160816;
	b=tJBk4Ef9RYL2KB2gpI/gd8RTi3A909mJ6Y5PGcy/UtGVZHykC/ZtLiQsQO46hXNGaa
	hFjnXo/dgbDhm89E9E6b5/MUCd2GbbPW+CeBO5gqsrcI7xmR0UUcG1L9eLPjVkjmHf4B
	SMAd6W8Kd9VmB7n/Q5DkKEoC+4+ozhgw2wmUvL8GyE17zvvPH8ySgqR7BDSIS1h2ErZb
	t7/uWULv0Y3DFj9o327sZP0D2E84a/V4PEfPyeVZqKu6xtV5wKSPFbDbH8MbxiLv+q+n
	iBFW79N+2eihwG+/4KaGdz0ngyv9uq46rEC2ShfgC1Yrzz44e8SJQo21awzF5WhKgOly
	ImcQ==
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
	:list-id:mailing-list:precedence:mime-version:references:in-reply-to
	:message-id:date:subject:to:from:sender:dkim-signature;
	bh=vLnxvhOI806gNYQHqzh8Rrs6VzED52EaiPi0midvwgg=;
	b=qEw5NJ/aHXscJUCYyG8F00SxDr198YUwThGDih3BBo+5mi40XnI+TBCicdvrDYcEVE
	bhz56xuXG6Vv1c3/Rd6j8J91yiUI30CH53BtTMdkHyRAdWTlo6DCz09WwLsxizLTi4kN
	f78RH/NP1Y1QWoLOdUympUeNsQOpNAGHr3+Wi9JQJl65h4DsTuQF9/8fUId0jAZqpAOc
	BX/HG1qwUCqzw8xkoDXSGtbceggIrHREs63Vqt33HXZpy1TP6WRjZ28oAcsmTySsh3aQ
	257ni/FfusNc/0Ut56dqtiVKSZqz+LJQXI9h7INHMNvX9LFddEO+iEaaUj0tPY/E7qjM
	O2/A==
ARC-Authentication-Results: i=3; mx.google.com;
	dkim=pass header.i=@googlegroups.com header.s=20161025
	header.b=il90xrXI; arc=pass (i=2);
	spf=pass (google.com: domain of
	isar-users+bncbduz3agjyyhbb7g25d7akgqepzziseq@googlegroups.com
	designates 209.85.220.55 as permitted sender)
	smtp.mailfrom=isar-users+bncBDUZ3AGJYYHBB7G25D7AKGQEPZZISEQ@googlegroups.com
Received: from mail-sor-f55.google.com (mail-sor-f55.google.com.
	[209.85.220.55]) by mx.google.com with SMTPS id
	203sor1338480wme.25.2020.12.16.07.53.32
	(Google Transport Security); Wed, 16 Dec 2020 07:53:33 -0800 (PST)
Received-SPF: pass (google.com: domain of
	isar-users+bncbduz3agjyyhbb7g25d7akgqepzziseq@googlegroups.com
	designates 209.85.220.55 as permitted sender)
	client-ip=209.85.220.55;
Authentication-Results: mx.google.com;
	dkim=pass header.i=@googlegroups.com header.s=20161025
	header.b=il90xrXI; arc=pass (i=2);
	spf=pass (google.com: domain of
	isar-users+bncbduz3agjyyhbb7g25d7akgqepzziseq@googlegroups.com
	designates 209.85.220.55 as permitted sender)
	smtp.mailfrom=isar-users+bncBDUZ3AGJYYHBB7G25D7AKGQEPZZISEQ@googlegroups.com
ARC-Seal: i=2; a=rsa-sha256; t=1608134012; cv=pass;
	d=google.com; s=arc-20160816;
	b=xnsF+W5rXAw2PpU88nGOewXFOViYSLgCLfyYT3d240T0Is5IdwBwx4wVGuqYFglK7k
	7A1HXmCL3rbQTpIEVM5HLNsBLYydX9+VKKcp3YW5/FQ41h19OPXRp/1XI3xQJVVJC+wB
	9IFRIzSSeYHtKKh5gasN3ujpLZ9LP4BXlX0cf72gW5K0C1MlTOry1HabSXXNcD2F0bjs
	vx8qxTRLr9Bm6u7D0un6l12wDvjwhY8NkI8a8IsqKJAh+w+L94mWPKhipsmmbfglxg0D
	UuwymvzJbnv/hfQvKGJGMvlQ41FC/xJEOQ39y8s2H6B0ZA5jeS8SrZy6VhLaz5MgTRhi
	TLrQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
	:list-id:mailing-list:precedence:mime-version:references:in-reply-to
	:message-id:date:subject:to:from:sender:dkim-signature;
	bh=vLnxvhOI806gNYQHqzh8Rrs6VzED52EaiPi0midvwgg=;
	b=JM8ZmCteWqKA0MTQeo7RpBjc7P9Cd1utF6paYvoQu8eB8oqD8MVJPjsGUA+ufbkbpP
	A5lMbkRBZz6dwCN/w95AuZTLeu8ZM1qR/yx1DcUrw7OmAdXMbBhdBMkAwMe4uGnyi8rw
	+vPS2qm5zwUdRfDqtaXBwH79y9ANrojnWtDJJJsiKLauaoSyPBkNwFgVJdyJ2n+BWPZz
	ZKfZ2kXIIVPtL8+nKqIf2ZDO2Ddg9XBJ3TajNf+5Bmts1StxuXhivgxDJFksPatkNmY2
	Nz5CObljkgsukf18/kXGwZgCw638/h7gmoYyfdMaO3dZqW5/RxArPwqK5VTZcbXDh8zG
	xJSw==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
	spf=neutral (google.com: 85.214.156.166 is neither permitted nor
	denied by best guess record for domain of ibr@radix50.net)
	smtp.mailfrom=ibr@radix50.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=googlegroups.com; s=20161025;
	h=sender:from:to:subject:date:message-id:in-reply-to:references
	:mime-version:x-original-sender:x-original-authentication-results
	:precedence:mailing-list:list-id:list-post:list-help:list-archive
	:list-subscribe:list-unsubscribe;
	bh=vLnxvhOI806gNYQHqzh8Rrs6VzED52EaiPi0midvwgg=;
	b=il90xrXIzNMNaNTS39NM2kYKDa4Kv9nDbgq7GpTox4sGcpuJQ/LIhds9Z9dXgBjaSy
	Jkar11NNICkz66gNYM8V4zKaxRaoAh3qXuxOUdqy5TfcWNS5mL8E/haIjVrLKCwyVUnc
	BIcnUxvYTkfEs4WbWyrIkEpFuTz0bCOMXM37664vHinYgqVIzSMnO0VYH289t/hwu2rC
	NfWRf77g1y5AsG/V7Z6ezMkTzbf4HVahJHknJEaTm6GQX3OkGlOr03OhaQ4b04AZix2/
	fuk4s3+hHZIpi4ZUVsuIONsG/2nk798RlHrpqsux+8XkgwkuJHpS+lCFg+EAhZYQKeX/
	7BhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=sender:x-gm-message-state:from:to:subject:date:message-id
	:in-reply-to:references:mime-version:x-original-sender
	:x-original-authentication-results:precedence:mailing-list:list-id
	:x-spam-checked-in-group:list-post:list-help:list-archive
	:list-subscribe:list-unsubscribe;
	bh=vLnxvhOI806gNYQHqzh8Rrs6VzED52EaiPi0midvwgg=;
	b=Ip6lgNSYO6bPTcV0dtDf3l1F9yxX9yY61ge3VaVoTLd75qPdCs8GZx1f3YzmWalqEA
	AP3o5GYRdunmEheC30QdWfUVqKzuIaNsnhiTTuhJpSHCJoXZzHBAG9kVFaB9l2GMSu2o
	Mlvz3EvhsfAf8u8T/6HcjQkqiGBExSx0S29l2kJRG5WpvcOaHmFl1SWec2ZQCeKbQR5x
	krxmd/CAO2t67SRHWCUDgIEM1LL3kDvI8XIadOZ8itpABXWHsgn1DyU8N1ovuH+6VpkA
	TC6WY8e0jriURSwP52p5ODZizgmKnOKHql23FOyyTJZTeecem0qyWftWCzEtAX5Z//nJ
	T+mg==
Sender: isar-users@googlegroups.com
X-Gm-Message-State: AOAM53005hS9QGvRWq8BfopFSgR26cKp/XMf0p3va+M4n7yWx6bKCMaK
	Yu3j6PnNWdHnqm25jPhuW00=
X-Google-Smtp-Source: 
 ABdhPJwLSx6FzlNbQb1UZzQ6wociewNqd3FPOoBpOLWhi8doYHGStv93FADl3iONRGPlGXML6EHo8g==
X-Received: by 2002:a1c:3b85:: with SMTP id
	i127mr4159204wma.150.1608134012423;
	Wed, 16 Dec 2020 07:53:32 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:adf:eb0e:: with SMTP id s14ls11425130wrn.2.gmail; Wed, 16
	Dec 2020 07:53:31 -0800 (PST)
X-Received: by 2002:a05:6000:124e:: with SMTP id
	j14mr33115189wrx.310.1608134011575;
	Wed, 16 Dec 2020 07:53:31 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1608134011; cv=none;
	d=google.com; s=arc-20160816;
	b=AHUUrV2S6AWr1b+fL2DwgaydsGKLQQc0onrHKFhB8xOQRu6Pk0ce2guLibFKBhn3aL
	472ulP6zP8rdRx0XnZ99XKjTXaI5pvfEnXsmlAT7jfN7bKZP0ZdrLvhlyzDN6jSBst7M
	WbQjJB8MKs38aCiiUSRrRx9Vpfgd+Q7J4DWwdeBKXZJ0zrVZhUOHZD5zViSdZlVRoj8R
	QHQLSl2EbMPrpPkq3Dxnsp/TFl62YD0zaWY/XPkE57/kKZmKkfJLl+PX4zfsq0LMb0R1
	HHvizKPVkehgGZTaMyhalx+N7ifU5JKY+JXItE7IEjobNYXZ5doKxDQx11b408Px1AVU
	5weg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=content-transfer-encoding:mime-version:references:in-reply-to
	:message-id:date:subject:to:from;
	bh=k/mJKxECter8Clj5OYZ09NrBbp5BR01bu+VNo+6pVqs=;
	b=NQ76SfEivG6QGpZhwSzz6IdODIMTifPu1S7Iw4DD4bum7VSAb0hlXpybr1jCbTtLtA
	hVugRiltsa1rNfRYlOnMFejxqecIvgK1JPmHs4/5LyQvip310i6GEAYLy91Kf1vN59GW
	L8XDPCt0VLyIH/8KN6LBNS55HdW0kDF+1UO+pVge7RWv2mB4SG0/xRYJHeLu2Yr7Okxs
	r/O2IWGeePbwXS543548vDXkvEDQdvxWn+TzHkhx2mgyGjJTlkkXRmwpFgaEVfgEXtZ/
	7sOzmF5UnyItlTQR9jcTUOiOwMJbbyyY8hPJpIzjB7OFClziNcMDqHY1JX1wCOdLgYe7
	njAg==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
	spf=neutral (google.com: 85.214.156.166 is neither permitted nor
	denied by best guess record for domain of ibr@radix50.net)
	smtp.mailfrom=ibr@radix50.net
Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166])
	by gmr-mx.google.com with ESMTPS id
	x12si228454wmk.1.2020.12.16.07.53.31
	for <isar-users@googlegroups.com>
	(version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
	Wed, 16 Dec 2020 07:53:31 -0800 (PST)
Received-SPF: neutral (google.com: 85.214.156.166 is neither permitted nor
	denied by best guess record for domain of ibr@radix50.net)
	client-ip=85.214.156.166;
Received: from yssyq.m.ilbers.de
	(host-80-81-17-52.static.customer.m-online.net [80.81.17.52])
	(authenticated bits=0)
	by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8) with ESMTPSA id
	0BGFrU1V022103
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256
	verify=NOT)
	for <isar-users@googlegroups.com>; Wed, 16 Dec 2020 16:53:30 +0100
Received: from yssyq.m.ilbers.de (localhost [127.0.0.1])
	by yssyq.m.ilbers.de (8.15.2/8.15.2/Debian-14~deb10u1) with ESMTPS id
	0BGFrUmn028391
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT)
	for <isar-users@googlegroups.com>; Wed, 16 Dec 2020 16:53:30 +0100
Received: (from ibr@localhost)
	by yssyq.m.ilbers.de (8.15.2/8.15.2/Submit) id 0BGFrUCo028390
	for isar-users@googlegroups.com; Wed, 16 Dec 2020 16:53:30 +0100
From: Baurzhan Ismagulov <ibr@radix50.net>
To: isar-users@googlegroups.com
Subject: [PATCH v1] isar-bootstrap: Run gpg-agent before starting apt-key
Date: Wed, 16 Dec 2020 16:53:30 +0100
Message-Id: <20201216155330.28348-1-ibr@radix50.net>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <72ce3a90-0772-c8a4-f233-1b887c636a9d@siemens.com>
References: <72ce3a90-0772-c8a4-f233-1b887c636a9d@siemens.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED
	autolearn=unavailable autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de
X-Original-Sender: ibr@radix50.net
X-Original-Authentication-Results: gmr-mx.google.com;       spf=neutral
	(google.com: 85.214.156.166 is neither permitted nor denied by best
	guess
	record for domain of ibr@radix50.net) smtp.mailfrom=ibr@radix50.net
Precedence: list
Mailing-list: list isar-users@googlegroups.com;
	contact isar-users+owners@googlegroups.com
List-ID: <isar-users.googlegroups.com>
X-Spam-Checked-In-Group: isar-users@googlegroups.com
X-Google-Group-Id: 914930254986
List-Post: <https://groups.google.com/group/isar-users/post>,
	<mailto:isar-users@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
	<mailto:isar-users+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/isar-users
List-Subscribe: <https://groups.google.com/group/isar-users/subscribe>,
	<mailto:isar-users+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+914930254986+unsubscribe@googlegroups.com>,
	<https://groups.google.com/group/isar-users/subscribe>
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1686250731152260557?=
X-GMAIL-MSGID: =?utf-8?q?1686250731152260557?=

From: Yuri Adamov <yadamov@ilbers.de>

Building rpi-stretch natively (under qemu) sometimes fails with:

gpg: can't connect to the agent: IPC connect call failed

gpg starts gpg-agent and times out after 5 s. This value is hard-coded.

Besides, leaving running gpg-agent processes is not clean and prevents
unmounting of filesystems.

This patch starts and stops the agent manually.

Signed-off-by: Yuri Adamov <yadamov@ilbers.de>
---

Notes:
    * Submitting WIP for preview, as cleaning up will require testing time.
    * Remove sleeping.
    * Remove -9 in kill.
    * Maybe check if starting the agent is necessary.
    * Remove OVERRIDES_append and get_distro_needs_gpg_support() if unused.

 .../recipes-core/isar-bootstrap/isar-bootstrap.inc | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index 4925a45d..74569e5d 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -24,7 +24,7 @@ DISTRO_BOOTSTRAP_KEYFILES = ""
 THIRD_PARTY_APT_KEYFILES = ""
 DEPLOY_ISAR_BOOTSTRAP ?= ""
 DISTRO_BOOTSTRAP_BASE_PACKAGES = "locales"
-DISTRO_BOOTSTRAP_BASE_PACKAGES_append_gnupg = ",gnupg"
+DISTRO_BOOTSTRAP_BASE_PACKAGES_append = ",gnupg"
 DISTRO_BOOTSTRAP_BASE_PACKAGES_append_https-support = "${@https_support(d)}"
 
 inherit deb-dl-dir
@@ -307,14 +307,24 @@ isar_bootstrap() {
             mkdir -p "${ROOTFSDIR}/etc/apt/apt.conf.d"
             install -v -m644 "${WORKDIR}/isar-apt.conf" \
                              "${ROOTFSDIR}/etc/apt/apt.conf.d/50isar.conf"
+            MY_GPGHOME=$(chroot "${ROOTFSDIR}" mktemp -d /tmp/gpghomeXXXXXXXXXX)
+            echo "Created temporary directory ${MY_GPGHOME} for gpg-agent"
+            chroot "${ROOTFSDIR}" gpg-agent --homedir "${MY_GPGHOME}" --daemon
             find ${APT_KEYS_DIR}/ -type f | while read keyfile
             do
                 kfn="$(basename $keyfile)"
                 cp $keyfile "${ROOTFSDIR}/tmp/$kfn"
                 chroot "${ROOTFSDIR}" /usr/bin/apt-key \
-                   --keyring ${THIRD_PARTY_APT_KEYRING} add "/tmp/$kfn"
+                    --keyring ${THIRD_PARTY_APT_KEYRING} \
+                    --homedir ${MY_GPGHOME} add "/tmp/$kfn"
                 rm "${ROOTFSDIR}/tmp/$kfn"
             done
+            sleep 4
+            GPG_AGENT_PID=$(ps -aux | grep "gpg-agent.*${MY_GPGHOME}" | grep -v grep | awk  '{print $2}')
+            echo "Killing gpg-agent with pid $GPG_AGENT_PID"
+            /bin/kill -9 ${GPG_AGENT_PID}
+            sleep 4
+            chroot "${ROOTFSDIR}" /bin/rm -rf "${MY_GPGHOME}"
 
             if [ "${@get_distro_suite(d, True)}" = "stretch" ] && [ "${@get_host_release().split('.')[0]}" -lt "4" ]; then
                 install -v -m644 "${WORKDIR}/isar-apt-fallback.conf" \