[elbe-devel] [PATCH v3 1/1] repomanager: add fallback, when reprepro fails to add dsc
Torben Hohn
torben.hohn at linutronix.de
Wed Nov 28 16:46:11 CET 2018
When a dsc is inserted into a repository the signature is verified.
The recently added gnupg2_2.1.18-8~deb9u3.dsc has a signature made
with EdDSA instead of RSA. This Algorithm is not supported by the
gnupg version used in jessie. This yields an error.
running cmd +reprepro --keepunreferencedfiles --export=never --basedir "/var/cache/elbe/7591259d-7f60-4318-867f-12cd4a6d164f/srcrepo" -C main -P normal -S misc includedsc stretch /var/cache/elbe/7591259d-7f60-4318-867f-12cd4a6d164f/chroot/var/cache/elbe/sources/gnupg2_2.1.18-8~deb9u3.dsc+
------------------------------------------------------------------------------
gpgme returned an general error verifing signature with '6C1F1EDECC50FA53' in '/var/cache/elbe/7591259d-7f60-4318-867f-12cd4a6d164f/chroot/var/cache/elbe/sources/gnupg2_2.1.18-8~deb9u3.dsc'!
Try running gpg --verify '/var/cache/elbe/7591259d-7f60-4318-867f-12cd4a6d164f/chroot/var/cache/elbe/sources/gnupg2_2.1.18-8~deb9u3.dsc' manually for hints what is happening.
If this does not print any errors, retry the command causing this message.
There have been errors!
------------------------------------------------------------------------------
Command failed with errorcode 251
Build failed
Traceback (most recent call last):
File "/var/cache/elbe/devel/elbepack/asyncworker.py", line 158, in execute
skip_pbuild=self.skip_pbuilder)
File "/var/cache/elbe/devel/elbepack/elbeproject.py", line 572, in build
self.build_cdroms(build_bin, build_sources, cdrom_size)
File "/var/cache/elbe/devel/elbepack/elbeproject.py", line 406, in build_cdroms
xml=self.xml)
File "/var/cache/elbe/devel/elbepack/cdroms.py", line 72, in mk_source_cdrom
repo.includedsc(dsc, force=True)
File "/var/cache/elbe/devel/elbepack/repomanager.py", line 282, in includedsc
self._includedsc(path, self.repo_attr.codename, component)
File "/var/cache/elbe/devel/elbepack/repomanager.py", line 269, in _includedsc
path)
File "/var/cache/elbe/devel/elbepack/asciidoclog.py", line 62, in do
raise CommandError(cmd, ret)
CommandError
This error results in a failure to build src-cdrom.iso.
Add fallback code, that at least copies the dsc file onto the cdrom.
Note that we check for the returncode 251 which is RET_ERROR_GPGME
in reprepro source.
This patch needs to be dropped again, once the initvm is upgraded
to stretch (or buster).
Signed-off-by: Torben Hohn <torben.hohn at linutronix.de>
Acked-by: Holger Dengler <dengler at linutronix.de>
---
elbepack/repomanager.py | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/elbepack/repomanager.py b/elbepack/repomanager.py
index da62259b..08c9fee5 100644
--- a/elbepack/repomanager.py
+++ b/elbepack/repomanager.py
@@ -272,7 +272,19 @@ class RepoBase(object):
try:
self._includedsc(path, self.repo_attr.codename, component)
except CommandError as ce:
- if force:
+ if ce.returncode == 251:
+ # 251 is -5 (RET_ERROR_GPGME in reprepro source)
+ #
+ # gnupg2_2.1.18-8~deb9u3.dsc is signed using EdDSA
+ # jessies gpg version does not support this.
+ # expect more packages signed with EdDSA soon.
+ #
+ # copy the dsc into the cdrom root,
+ # when reprepro fails to insert it.
+ self.log.printo('Unable to verify dsc "%s":' % path)
+ self.log.printo('unsupported signature algorithm')
+ self.log.do('cp -av "%s" "%s"' % (path, self.fs.path))
+ elif force:
# Including dsc did not work.
# Maybe we have the same Version with a
# different md5 already.
--
2.11.0
More information about the elbe-devel
mailing list