[elbe-devel] [PATCH v2] rfs: add key for local repository

Torben Hohn torben.hohn at linutronix.de
Fri Apr 5 10:15:14 CEST 2019



On Thu, Apr 04, 2019 at 05:12:14PM +0200, Torben Hohn wrote:
> On Thu, Apr 04, 2019 at 04:16:49PM +0200, Manuel Traut wrote:
> > 
> > there's still a bug in..
> > 
> > On 10:09 Thu 04 Apr     , Torben Hohn wrote:
> > > On Thu, Apr 04, 2019 at 09:33:49AM +0200, Manuel Traut wrote:
> > > > newer apt versions (like in stretch) verify the signature of copy
> > > > repositories.
> > > > 
> > > > Error Updating rpcaptcache: W:GPG error: copy:/repo stretch InRelease: The
> > > > following signatures couldn't be verified because the public key is not
> > > > available: NO_PUBKEY DCE4316BFFF45EAD, E:The repository 'copy:/repo stretch
> > > > InRelease' is not signed.
> > > > 
> > > > Therefore add the key while entering the chroot and remove it on exit.
> > > > 
> > > > Signed-off-by: Manuel Traut <manut at linutronix.de>
> > > 
> > > Reviewed-by: Torben Hohn <torben.hohn at linutronix.de>
> > > 
> > > > ---
> > > >  elbepack/rfs.py | 6 ++++++
> > > >  1 file changed, 6 insertions(+)
> > > > 
> > > > diff --git a/elbepack/rfs.py b/elbepack/rfs.py
> > > > index cb72aba0..cbe43c01 100644
> > > > --- a/elbepack/rfs.py
> > > > +++ b/elbepack/rfs.py
> > > > @@ -78,6 +78,10 @@ class BuildEnv (object):
> > > >                              self.xml.text("project/suite"), self.path))
> > > >          self.cdrom_mount()
> > > >          self.rfs.__enter__()
> > 
> > the repo is only moved if the pool directory exists. this only exists if there
> > are packages in the repo. so the following fails sometimes.
> > 
> > This should work
> > 
> > +        if os.path.exists(self.path + '/../repo/pool'):
> > +            self.log.chroot(self.rfs.path,
> > +                            'apt-key '
> > +                            '--keyring /etc/apt/trusted.gpg.d/elbe-localrepo.gpg '
> > +                            'add /repo/repo.pub')
> > 
> > can i keep your reviewed-by?
> 
> yup.

just a quick update... i have this diff here now:

---------------------------------------------------------------------------------
diff --git a/elbepack/rfs.py b/elbepack/rfs.py
index 942c3e45..6e7b7bc2 100644
--- a/elbepack/rfs.py
+++ b/elbepack/rfs.py
@@ -79,10 +79,11 @@ class BuildEnv (object):
                             self.xml.text("project/suite"), self.path))
         self.cdrom_mount()
         self.rfs.__enter__()
-        self.log.chroot(self.rfs.path,
-                        'apt-key '
-                        '--keyring /etc/apt/trusted.gpg.d/elbe-localrepo.gpg '
-                        'add /repo/repo.pub')
+        if self.rfs.exists('/repo/repo.pub'):
+            self.log.chroot(self.rfs.path,
+                            'apt-key '
+                            '--keyring /etc/apt/trusted.gpg.d/elbe-localrepo.gpg '
+                            'add /repo/repo.pub')
         return self

     def __exit__(self, typ, value, traceback):
@@ -91,7 +92,7 @@ class BuildEnv (object):
         if os.path.exists(self.path + '/repo'):
             self.log.do("mv %s/repo %s/../" % (self.path, self.path))
             self.log.do("rm %s/etc/apt/sources.list.d/local.list" % self.path)
-        self.log.do("rm %s/etc/apt/trusted.gpg.d/elbe-localrepo.gpg" %
+        self.log.do("rm -f %s/etc/apt/trusted.gpg.d/elbe-localrepo.gpg" %
                     self.path)

     def debootstrap(self, arch="default"):
-
---------------------------------------------------------------------------------
> 
> > 
> > > > +        self.log.chroot(self.rfs.path,
> > > > +                        'apt-key '
> > > > +                        '--keyring /etc/apt/trusted.gpg.d/elbe-localrepo.gpg '
> > > > +                        'add /repo/repo.pub')
> > > >          return self
> > > >  
> > > >      def __exit__(self, typ, value, traceback):
> > > > @@ -86,6 +90,8 @@ class BuildEnv (object):
> > > >          if os.path.exists(self.path + '/repo'):
> > > >              self.log.do("mv %s/repo %s/../" % (self.path, self.path))
> > > >              self.log.do("rm %s/etc/apt/sources.list.d/local.list" % self.path)
> > > > +        self.log.do("rm %s/etc/apt/trusted.gpg.d/elbe-localrepo.gpg" %
> > > > +                    self.path)

have you added the -f ?
otherwise it fails upon exit.

> > > >  
> > > >      def debootstrap(self):
> > > >  
> > > > -- 
> > > > 2.20.1
> > > > 
> > > 
> > > -- 
> > > Torben Hohn
> > > Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
> > > Phone: +49 7556 25 999 18; Fax.: +49 7556 25 999 99
> > > 
> > > Hinweise zum Datenschutz finden Sie hier (Informations on data privacy 
> > > can be found here): https://linutronix.de/kontakt/Datenschutz.php
> > > 
> > > Linutronix GmbH | Firmensitz (Registered Office): Uhldingen-Mühlhofen | 
> > > Registergericht (Registration Court): Amtsgericht Freiburg i.Br., HRB700 
> > > 806 | Geschäftsführer (Managing Directors): Heinz Egger, Thomas Gleixner
> > 
> > 
> 
> -- 
> Torben Hohn
> Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
> Phone: +49 7556 25 999 18; Fax.: +49 7556 25 999 99
> 
> Hinweise zum Datenschutz finden Sie hier (Informations on data privacy 
> can be found here): https://linutronix.de/kontakt/Datenschutz.php
> 
> Linutronix GmbH | Firmensitz (Registered Office): Uhldingen-Mühlhofen | 
> Registergericht (Registration Court): Amtsgericht Freiburg i.Br., HRB700 
> 806 | Geschäftsführer (Managing Directors): Heinz Egger, Thomas Gleixner



-- 
Torben Hohn
Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
Phone: +49 7556 25 999 18; Fax.: +49 7556 25 999 99

Hinweise zum Datenschutz finden Sie hier (Informations on data privacy 
can be found here): https://linutronix.de/kontakt/Datenschutz.php

Linutronix GmbH | Firmensitz (Registered Office): Uhldingen-Mühlhofen | 
Registergericht (Registration Court): Amtsgericht Freiburg i.Br., HRB700 
806 | Geschäftsführer (Managing Directors): Heinz Egger, Thomas Gleixner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.linutronix.de/pipermail/elbe-devel/attachments/20190405/ca9b38b8/attachment-0001.sig>


More information about the elbe-devel mailing list