From patchwork Tue Jan 19 01:20:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Mikanovich X-Patchwork-Id: 275 Return-Path: Delivered-To: ilbers.mnt@gmail.com Received: by 2002:a4a:b386:0:0:0:0:0 with SMTP id p6csp3152260ooo; Tue, 19 Jan 2021 03:20:13 -0800 (PST) X-Received: by 2002:a1c:23c9:: with SMTP id j192mr3561142wmj.176.1611055213071; Tue, 19 Jan 2021 03:20:13 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1611055213; cv=pass; d=google.com; s=arc-20160816; b=r18FLg2j3Exg1D77qXbgMRsroKlgh4jG/sB/U4wRGhnbwBsBwCdrrI618lXGCLeJu+ 7vHVgLu+XmHxgn4v1eHNeDVFObsM8s3DDEubxnzN+Z9La7VGVlBbDiMtUxMFoH8AnuNx KNUKuVDY9/cVkk/MSelOQpCUoyzVrFwkcJ6378DLjOsNpBldUvBF1x1gcuF2sAfPSfnh sikPqsk/gEc5JvtFeSRv3AqstU65y1VLa81zMV/41CHJQ/8axrSiLZXFZhF6Dql3nW+H AF9pJpYHFqqvDxN1duTE+hEq/dD5G5Yvu7lXkKvR/m00+vr3aPy0PCSWXuEQl4JasMlD D5mA== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:message-id:date :subject:cc:to:from:sender:dkim-signature; bh=0WXwk3Ghf++p7Z22KJ+6xUBNJiB1k+CxLfpwNrQHI2g=; b=nDQYUdwewm+OtcbavxTNeh7bPUECXiMoTR/VP95lgCf4zjCHyeHixYDidGuFqCMLgc /o8i4IGCW29N38ID2iXmoZ8eBfkrCtpcr9HrCITRda/nwBz/Q2jW8vLXm+oUP2mR3e+A cUZvMPnnK5xSltGNCkxYsQJN1LOcsuSGDSxVe0hQFnbkt0/FyxT6yN9+Wr35fdHLszJg PWqyGAZKxwIhOtaRU1FpufG/qU7uBh/K7IE0pz69/OYgnI14f2CGp0t1x+Ofuygz4irl SWk6mrAFgHru2MT4XLsW0idYRJDz7bLf3zwGm0oxmLYstLLUBua1WNerC/flqFk2aXC8 ipRw== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b="b54nK5/u"; arc=pass (i=2 spf=pass spfdomain=ilbers.de); spf=pass (google.com: domain of isar-users+bncbchiponzwecrb24atoaamgqeivyxgby@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCHIPONZWECRB24ATOAAMGQEIVYXGBY@googlegroups.com Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id x10sor9364394wrr.33.2021.01.19.03.20.12 (Google Transport Security); Tue, 19 Jan 2021 03:20:13 -0800 (PST) Received-SPF: pass (google.com: domain of isar-users+bncbchiponzwecrb24atoaamgqeivyxgby@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b="b54nK5/u"; arc=pass (i=2 spf=pass spfdomain=ilbers.de); spf=pass (google.com: domain of isar-users+bncbchiponzwecrb24atoaamgqeivyxgby@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCHIPONZWECRB24ATOAAMGQEIVYXGBY@googlegroups.com ARC-Seal: i=2; a=rsa-sha256; t=1611055212; cv=pass; d=google.com; s=arc-20160816; b=oFLEVZb19ggQQF3exIjBMd9SklG2g314VqZnaJ72/FwxRVqCTarUO0kHjVnzIQF+Ju ABDJfvFioxQ82L8grN7fsbI2w+moEYyAG4HWQe3Z+kpT7SP3aaegkDUYbYbo+Of1LGWg RxJP+zjI4IwHFFVKNNfcXZNiSqDMi0yFqi5OHSdqg+o1HhdqRpUg5ahlObqtdeklfl5P l6bkuTDsG60plYWzlSAiB9eFQlnwCXIPQflveHLtNuKcL0m5zx4RmBkHXdzn9dNHVItA 7RoitVGeNUHtmJBPwOm6CcyaJeGkyA6gundGucL01t4elrIpwTYcb7IlHXtBZfXq9fMM 9AEg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:message-id:date :subject:cc:to:from:sender:dkim-signature; bh=0WXwk3Ghf++p7Z22KJ+6xUBNJiB1k+CxLfpwNrQHI2g=; b=xx8WbW2Xc3AnLUbzJJiHak7NYMJasktSd+U0hdy10K+b90sS/9tyjkRDk5WDUZNETj rx72CkyucWJVg9oWGZJ8jrL3uzGcP+jKKmtY7lqfifynAbiobkZXPFmb9HkcbutFrkHV eOcSuAzwD2SiBmmUrV8DMM6ySKoj39L5J4Os4FU8WZkk/gPnOOVYbTBDuA/VWZW5U8Mr UiJqWxRb6P3UyzwVUv9lCL0api6suceALWjGixjN06otxb1q7lQAEyZ7qPAH8M+BR7Sh HeulBiAS0nbI6LT3kYdrc2GT7LQ9EOL07yDS1F/gR0CBNjH8rLbHajddDf1QRNf781I8 bx+Q== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:mime-version :x-original-sender:x-original-authentication-results:precedence :mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=0WXwk3Ghf++p7Z22KJ+6xUBNJiB1k+CxLfpwNrQHI2g=; b=b54nK5/uepyfFb3mWHKLc+xbEoKn6xifLFIvmloHYuNJdQ+iZLMN1blRr6ArwXLnGE GMLcIve+zOnaxY8AFmDWv2ZUnu2UpbGNQfQ9xd8CedHSnbdQwBCNeBb7ZOSjRufaC+/C kVlXqO/7lqJbelbEAxJT1URG8m57yjNNrfbpQpDEn5gDyLq944rYUFJowSRnjH7ME3p7 OKpNX179p8uQsp7mDC0iGgaa7EFZK4kCh+PsUmBkua1IkZo8zuu3ZL7Sm9i9cKrQcAIx 6FoEpsdTx/wQ9LylvXMLrhYvhXCqPL6KV8txLQjgjub12mqyYk9cNrtpcANAlYYy8FMv EpDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:from:to:cc:subject:date:message-id :mime-version:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:x-spam-checked-in-group:list-post :list-help:list-archive:list-subscribe:list-unsubscribe; bh=0WXwk3Ghf++p7Z22KJ+6xUBNJiB1k+CxLfpwNrQHI2g=; b=M2MOBugu47ml0WX9oE/Qp/JergV1AloIIJbuBvb9eeLvWdQK3fTQlQzE9AFxbDMzD/ dkE3ktLQv1yeZiRWLb2L+01dy+I73QNA0IyTeHa3FDwGtVlxbZj63LTuSlsW/sdDPEOE j2Nyp3WWJWtb8L8ERSF8ZeVZet+e+Uh6ot5yIPnw9v7yJJrtd+M6jQr5VaLvg5fQULdv HEvcPBjD3z7XFO8s5Vh344TukzdgBB3/i6w/H4xi3oUMT7Wr5JNZoGPMjncmJ13LwxUJ Yil/UyqHGBI37m8xmNEslmLeb/mTSm2jav9NGdAL0yd/5KsEw+WAd2sPNgNKGVP7iKgW JmGQ== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM530svBmMPJgrD7WE0LS1f5GSmzLnJdr2OjFTeWQ4mjc7OLJGJKu+ O5tbpDEMJgeMYE0Dv93JksI= X-Google-Smtp-Source: ABdhPJxx6X017vL14fWd0ZjMY7+mZoqonUQLOlbmU621I5ldPl0Xl30miActZDEgPfy375SyANxjiw== X-Received: by 2002:adf:ba8b:: with SMTP id p11mr3863772wrg.328.1611055212143; Tue, 19 Jan 2021 03:20:12 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:adf:e608:: with SMTP id p8ls12645627wrm.2.gmail; Tue, 19 Jan 2021 03:20:11 -0800 (PST) X-Received: by 2002:a5d:4d03:: with SMTP id z3mr3851596wrt.280.1611055211270; Tue, 19 Jan 2021 03:20:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1611055211; cv=none; d=google.com; s=arc-20160816; b=Q+MTrWJHcqUVCqPtPDw9lYPY7jefFRjM1K8GMlUJBV+vw6ShpJs5xga6u1DUDZJn63 qS4koC0dsISNX+6K659UjQDm6tSiKeJgSk8cv1PRpPFE4KI45q4LesksSYJ+zBOYEbXh 1x4te67BoRT1o9Q31TicvCmS1NnE9GXUFlX//9whI1KSbmCoaS7dGQ8USKLaU+eXLhmZ HEK6w48f62mBa+sLTFmhuoPpS5Dsp0FPi16PUJT6+cQ0PNN+Vo4mFreQZJCFZ3ztAIxP olpmZj0XNRzbohw3db+wihEu+CzGeWEgXB4wQPj7Muff1xPst74fuRcZShDYOCBV8U+p LfpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from; bh=li+96ruyzoOEgpeY2qIxEo+tvUqGoinoviYlfmnyVDY=; b=yC/zNoRQuSYmrq+0Z8njo/1BtMGQpPPfXOaFZqNAunXgaZwgDakARXPXx4h5pXkE3Z ry6YYCih2DJteiRB7YyB16QdTKFjj9bQ+0YGw5sOO23P80jwfAW95d5ePyiBgcV5WfMf +MroEhBl/2W10JDVzQlNQjjF24LlOr8XZGfEvZhf0Omiml+1ESpZP+rz3ZFanGc/2dZC lF5NAWZyytzAs8qgHV8NGMfYXkBrS89CG+K3PRQ3DJye6hPkyuKPtrGKa1WngUT5fTx3 tkGoR4XdBUjklV+bGF5iNvB5TSdjHCupZyj9qhUHA7raxnTx0sF/6HjnUFwNjFtMIG8/ +sDw== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166]) by gmr-mx.google.com with ESMTPS id 7si796417wrp.3.2021.01.19.03.20.11 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 19 Jan 2021 03:20:11 -0800 (PST) Received-SPF: pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; Received: from localhost.localdomain (mm-235-54-214-37.mgts.dynamic.pppoe.byfly.by [37.214.54.235] (may be forged)) (authenticated bits=0) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8) with ESMTPSA id 10JBKA1L014140 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 19 Jan 2021 12:20:10 +0100 From: Anton Mikanovich To: isar-users@googlegroups.com Cc: Yuri Adamov , Anton Mikanovich Subject: [PATCH v2] isar-bootstrap: Run gpg-agent before starting apt-key Date: Tue, 19 Jan 2021 14:20:01 +0300 Message-Id: <20210119112001.11651-1-amikan@ilbers.de> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-Original-Sender: amikan@ilbers.de X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1689313831447432330?= X-GMAIL-MSGID: =?utf-8?q?1689313831447432330?= From: Yuri Adamov Building rpi-stretch natively (under qemu) sometimes fails with: gpg: can't connect to the agent: IPC connect call failed gpg starts gpg-agent and times out after 5 s. This value is hard-coded. Besides, leaving running gpg-agent processes is not clean and prevents unmounting of filesystems. This patch starts and stops the agent manually. gnupg now appended to package list unconditionally because gpg-agent is used in every isar_bootstrap run. Signed-off-by: Yuri Adamov Signed-off-by: Anton Mikanovich --- Changes since v1: - Removed unnecessary sleeping. - Removed -9 in kill. - Commented unconditionally gnupg package append. - Removed unused OVERRIDES_append and get_distro_needs_gpg_support(). --- .../isar-bootstrap/isar-bootstrap.inc | 22 +++++++++---------- 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc index 8f5f727..751980f 100644 --- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc +++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc @@ -24,7 +24,7 @@ DISTRO_BOOTSTRAP_KEYFILES = "" THIRD_PARTY_APT_KEYFILES = "" DEPLOY_ISAR_BOOTSTRAP ?= "" DISTRO_BOOTSTRAP_BASE_PACKAGES = "locales" -DISTRO_BOOTSTRAP_BASE_PACKAGES_append_gnupg = ",gnupg" +DISTRO_BOOTSTRAP_BASE_PACKAGES_append = ",gnupg" DISTRO_BOOTSTRAP_BASE_PACKAGES_append_https-support = "${@https_support(d)}" inherit deb-dl-dir @@ -175,16 +175,6 @@ def get_distro_needs_https_support(d, is_host=False): else: return "" -def get_distro_needs_gpg_support(d): - apt_keys = d.getVar("DISTRO_BOOTSTRAP_KEYS") or "" - apt_keys += " " + (d.getVar("THIRD_PARTY_APT_KEYS") or "") - apt_keys += " " + (d.getVar("BASE_REPO_KEY") or "") - if apt_keys != " ": - return "gnupg" - return "" - -OVERRIDES_append = ":${@get_distro_needs_gpg_support(d)}" - def get_distro_source(d, is_host): return get_distro_primary_source_entry(d, is_host)[0] @@ -309,14 +299,22 @@ isar_bootstrap() { mkdir -p "${ROOTFSDIR}/etc/apt/apt.conf.d" install -v -m644 "${WORKDIR}/isar-apt.conf" \ "${ROOTFSDIR}/etc/apt/apt.conf.d/50isar.conf" + MY_GPGHOME=$(chroot "${ROOTFSDIR}" mktemp -d /tmp/gpghomeXXXXXXXXXX) + echo "Created temporary directory ${MY_GPGHOME} for gpg-agent" + chroot "${ROOTFSDIR}" gpg-agent --homedir "${MY_GPGHOME}" --daemon find ${APT_KEYS_DIR}/ -type f | while read keyfile do kfn="$(basename $keyfile)" cp $keyfile "${ROOTFSDIR}/tmp/$kfn" chroot "${ROOTFSDIR}" /usr/bin/apt-key \ - --keyring ${THIRD_PARTY_APT_KEYRING} add "/tmp/$kfn" + --keyring ${THIRD_PARTY_APT_KEYRING} \ + --homedir ${MY_GPGHOME} add "/tmp/$kfn" rm "${ROOTFSDIR}/tmp/$kfn" done + GPG_AGENT_PID=$(ps -aux | grep "gpg-agent.*${MY_GPGHOME}" | grep -v grep | awk '{print $2}') + echo "Killing gpg-agent with pid $GPG_AGENT_PID" + /bin/kill ${GPG_AGENT_PID} + chroot "${ROOTFSDIR}" /bin/rm -rf "${MY_GPGHOME}" if [ "${@get_distro_suite(d, True)}" = "stretch" ] && [ "${@get_host_release().split('.')[0]}" -lt "4" ]; then install -v -m644 "${WORKDIR}/isar-apt-fallback.conf" \