Closed wadimklincov closed 2 years ago
Thanks for reporting.
This was happening because the first gpg-agent process was actually finished after the second supposed to be started.
Fixed in [PATCH] isar-bootstrap: Remove GNUPGHOME sharing
by making every gpg-agent working in separate dir:
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index b8af6760..08b1486b 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -331,23 +331,22 @@ do_bootstrap() {
mkdir -p "${ROOTFSDIR}/etc/apt/apt.conf.d"
install -v -m644 "${WORKDIR}/isar-apt.conf" \
"${ROOTFSDIR}/etc/apt/apt.conf.d/50isar.conf"
- if [ -n "${@get_distro_needs_gpg_support(d)}" ]; then
+ find ${APT_KEYS_DIR}/ -type f | while read keyfile
+ do
MY_GPGHOME="$(chroot "${ROOTFSDIR}" mktemp -d /tmp/gpghomeXXXXXXXXXX)"
echo "Created temporary directory ${MY_GPGHOME} for gpg-agent"
export GNUPGHOME="${MY_GPGHOME}"
APT_KEY_APPEND="--homedir ${MY_GPGHOME}"
- fi
- find ${APT_KEYS_DIR}/ -type f | while read keyfile
- do
+
kfn="$(basename $keyfile)"
cp $keyfile "${ROOTFSDIR}/tmp/$kfn"
chroot "${ROOTFSDIR}" /usr/bin/gpg-agent --daemon -- /usr/bin/apt-key \
--keyring ${THIRD_PARTY_APT_KEYRING} ${APT_KEY_APPEND} add "/tmp/$kfn"
rm "${ROOTFSDIR}/tmp/$kfn"
- done
- if [ -n "${MY_GPGHOME}" ]; then
+
+ echo "Removing ${MY_GPGHOME}"
rm -rf "${ROOTFSDIR}${MY_GPGHOME}"
- fi
+ done
if [ "${@get_distro_suite(d)}" = "stretch" ] && [ "${@get_host_release().split('.')[0]}" -lt "4" ]; then
install -v -m644 "${WORKDIR}/isar-apt-fallback.conf" \
The fix was sent to isar-users maillist and will be merged after passing review.
Thanks a lot for the quick fix, it works!
Hi,
with the gpg-agent changes on
next
I'm unable complete thedo_bootstarp
function in theisar-bootstrap-target
task. With multiple keys defined inTHIRD_PARTY_APT_KEYS
, it fails because gpg-agent keeps running when adding multiple keys:It works only on one machine, but I assume it's because all apt-key operations are running quite slowly there.