[elbe-devel] [PATCH v3] rfs: add key for local and cdrom repository
Torben Hohn
torben.hohn at linutronix.de
Fri Apr 5 16:09:47 CEST 2019
On Fri, Apr 05, 2019 at 04:02:41PM +0200, Manuel Traut wrote:
> newer apt versions (like in stretch) verify the signature of copy
> repositories.
>
> Error Updating rpcaptcache: W:GPG error: copy:/repo stretch InRelease: The
> following signatures couldn't be verified because the public key is not
> available: NO_PUBKEY DCE4316BFFF45EAD, E:The repository 'copy:/repo stretch
> InRelease' is not signed.
>
> Therefore add the key of the localrepo and cdrom while entering the chroot and
> remove it on exit.
>
> The keys are only added/removed if the cdrom is available or the localrepo
> contains packages.
>
> Signed-off-by: Manuel Traut <manut at linutronix.de>
not using self.rfs.exists()
basically any use of os.path.join() for rfs access is wrong.
anyways. we are under pressure. its just ugly.
Acked-by: Torben Hohn <torben.hohn at linutronix.de>
> ---
>
> changes since v2:
> * conditional copy/removal of key
> * also copy/remove keys of cdrom if available
>
> elbepack/rfs.py | 23 +++++++++++++++++++++++
> 1 file changed, 23 insertions(+)
>
> diff --git a/elbepack/rfs.py b/elbepack/rfs.py
> index cb72aba0..b55919a7 100644
> --- a/elbepack/rfs.py
> +++ b/elbepack/rfs.py
> @@ -59,6 +59,10 @@ class BuildEnv (object):
> if self.xml.prj.has("mirror/cdrom"):
> cdrompath = self.rfs.fname("cdrom")
> self.log.do('umount "%s"' % cdrompath)
> + self.log.do("rm %s/etc/apt/trusted.gpg.d/elbe-cdrepo.gpg" %
> + self.path)
> + self.log.do("rm %s/etc/apt/trusted.gpg.d/elbe-cdtargetrepo.gpg" %
> + self.path)
>
> def cdrom_mount(self):
> if self.xml.has("project/mirror/cdrom"):
> @@ -76,8 +80,25 @@ class BuildEnv (object):
> self.log.do('echo "deb-src copy:///repo %s main" >> '
> '%s/etc/apt/sources.list.d/local.list' % (
> self.xml.text("project/suite"), self.path))
> +
> self.cdrom_mount()
> self.rfs.__enter__()
> +
> + if self.xml.has("project/mirror/cdrom"):
> + self.log.chroot(self.rfs.path,
> + 'apt-key '
> + '--keyring /etc/apt/trusted.gpg.d/elbe-cdrepo.gpg '
> + 'add /cdrom/repo.pub')
> + self.log.chroot(self.rfs.path,
> + 'apt-key '
> + '--keyring /etc/apt/trusted.gpg.d/elbe-cdtargetrepo.gpg '
> + 'add /cdrom/targetrepo/repo.pub')
> +
> + if os.path.exists(os.path.join(self.rfs.path, 'repo/pool')):
> + self.log.chroot(self.rfs.path,
> + 'apt-key '
> + '--keyring /etc/apt/trusted.gpg.d/elbe-localrepo.gpg '
> + 'add /repo/repo.pub')
> return self
>
> def __exit__(self, typ, value, traceback):
> @@ -86,6 +107,8 @@ class BuildEnv (object):
> if os.path.exists(self.path + '/repo'):
> self.log.do("mv %s/repo %s/../" % (self.path, self.path))
> self.log.do("rm %s/etc/apt/sources.list.d/local.list" % self.path)
> + self.log.do("rm %s/etc/apt/trusted.gpg.d/elbe-localrepo.gpg" %
> + self.path)
>
> def debootstrap(self):
>
> --
> 2.20.1
>
--
Torben Hohn
Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
Phone: +49 7556 25 999 18; Fax.: +49 7556 25 999 99
Hinweise zum Datenschutz finden Sie hier (Informations on data privacy
can be found here): https://linutronix.de/kontakt/Datenschutz.php
Linutronix GmbH | Firmensitz (Registered Office): Uhldingen-Mühlhofen |
Registergericht (Registration Court): Amtsgericht Freiburg i.Br., HRB700
806 | Geschäftsführer (Managing Directors): Heinz Egger, Thomas Gleixner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.linutronix.de/pipermail/elbe-devel/attachments/20190405/07afcd27/attachment.sig>
More information about the elbe-devel
mailing list