Re: [PATCH v4 1/5] implement isar-bootstrap using debootstrap

public inbox for isar-users@googlegroups.com
 help / color / mirror / Atom feed

From: Claudius Heine <ch@denx.de>
To: Alexander Smirnov <asmirnov@ilbers.de>,
	claudius.heine.ext@siemens.com,  isar-users@googlegroups.com
Subject: Re: [PATCH v4 1/5] implement isar-bootstrap using debootstrap
Date: Wed, 14 Mar 2018 17:13:08 +0100	[thread overview]
Message-ID: <1521043988.16621.158.camel@denx.de> (raw)
In-Reply-To: <a3049335-55c1-d1cf-ef2f-c9ed5afc4cd7@ilbers.de>

[-- Attachment #1: Type: text/plain, Size: 4519 bytes --]

On Wed, 2018-03-14 at 17:35 +0300, Alexander Smirnov wrote:
> On 03/14/2018 05:26 PM, Claudius Heine wrote:
> > > > +
> > > > +do_generate_keyring[stamp-extra-info] = "${DISTRO}-
> > > > ${DISTRO_ARCH}"
> > > > +do_generate_keyring[dirs] = "${WORKDIR}"
> > > > +do_generate_keyring[vardeps] += "DISTRO_APT_KEYS"
> > > > +do_generate_keyring() {
> > > > +    if [ -n "${@d.getVar("APTKEYFILES", True) or ""}" ]; then
> > > > +        for keyfile in ${@d.getVar("APTKEYFILES", True)}; do
> > > > +           gpg --no-default-keyring --keyring "${APTKEYRING}"
> > > > --
> > > > import "$keyfile"
> > > 
> > > This code touches my private "~/.gnupg" folder's content, what is
> > > not
> > > desirable behavior. Isar should touch files *only* in "build/tmp"
> > > folder.
> > 
> > Are you sure?
> > 
> > $ find .gnupg -type f | sort | xargs b2sum > gpgsums.a
> > $ gpg --no-default-keyring --keyring  ./test1.db --import
> > raspbian.public.key
> > gpg: enabled debug flags: memstat
> > gpg: keybox './test1.db' created
> > gpg: key 9165938D90FDDD2E: public key "Mike Thompson (Raspberry Pi
> > Debian armhf ARMv6+VFP) <mpthompson@gmail.com>" imported
> > gpg: Total number processed: 1
> > gpg:               imported: 1
> > gpg: keydb: handles=3 locks=2 parse=2 get=2
> > gpg:        build=1 update=0 insert=1 delete=0
> > gpg:        reset=1 found=2 not=2 cache=0 not=0
> > gpg: kid_not_found_cache: count=0 peak=0 flushes=0
> > gpg: sig_cache: total=6 cached=4 good=4 bad=0
> > gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
> >                outmix=0 getlvl1=0/0 getlvl2=0/0
> > gpg: rndjent stat: collector=0x0000000000000000 calls=0 bytes=0
> > gpg: secmem usage: 0/32768 bytes in 0 blocks
> > $ find .gnupg -type f | sort | xargs b2sum > gpgsums.b
> > $ diff -u gpgsums.a gpgsums.b
> > [no output]
> > 
> > I could add the '--homedir' parameter, but normally it shouldn't
> > use it
> > because I manually select a different keyring.
> 
> For now I have two facts:
> 
> 1. Our Jenkins server has no home folder for build user, and I have
> the 
> following error message:
> 
> NOTE: Running task 46 of 424 
> (multiconfig:rpi-
> jessie:/workspace/git/isar_asmirnov_devel/meta/recipes-core/isar-
> bootstrap/isar-bootstrap.bb:do_generate_keyring)
> NOTE: recipe isar-bootstrap-1.0-r0: task do_generate_keyring: Started
> ERROR: mc:rpi-jessie:isar-bootstrap-1.0-r0 do_generate_keyring:
> Function 
> failed: do_generate_keyring (log file is located at 
> /workspace/build/isar_asmirnov_devel/21/aa2f5faf35816611d0320ec1b615d
> dfc06886ea5/tmp/work/raspbian-jessie-armhf/isar-
> bootstrap/temp/log.do_generate_keyring.25480)
> ERROR: Logfile of failure stored in: 
> /workspace/build/isar_asmirnov_devel/21/aa2f5faf35816611d0320ec1b615d
> dfc06886ea5/tmp/work/raspbian-jessie-armhf/isar-
> bootstrap/temp/log.do_generate_keyring.25480
> Log data follows:
> > DEBUG: Executing shell function do_generate_keyring
> > gpg: fatal: can't create directory `/root/.gnupg': Permission
> > denied
> > secmem usage: 0/0 bytes in 0/0 blocks of pool 0/65536
> > WARNING: exit code 2 from a shell command.
> > ERROR: Function failed: do_generate_keyring (log file is located
> > at 
> 
> /workspace/build/isar_asmirnov_devel/21/aa2f5faf35816611d0320ec1b615d
> dfc06886ea5/tmp/work/raspbian-jessie-armhf/isar-
> bootstrap/temp/log.do_generate_keyring.25480)
> NOTE: recipe isar-bootstrap-1.0-r0: task do_generate_keyring: Failed
> ERROR: Task 
> (multiconfig:rpi-
> jessie:/workspace/git/isar_asmirnov_devel/meta/recipes-core/isar-
> bootstrap/isar-bootstrap.bb:do_generate_keyring) 
> failed with exit code '1'
> 
> So the default HOMEDIR is /root and it tries to create something in
> it.
> 
> 2. After building on my local machine, timestamp of files in
> ~/.gnugpg 
> folder are updated.
> 
> I could be wrong, but with --homedir, the second problem was gone.

Ok, then it looks like gpg modifies the metadata of the directory. If
that is easy to fix with the additional parameter, then I will do it on
the next version of this patchset.

Claudius

-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-54 Fax: (+49)-8142-66989-80 Email: ch@denx.de

            PGP key: 6FF2 E59F 00C6 BC28 31D8 64C1 1173 CB19 9808 B153
                              Keyserver: hkp://pool.sks-keyservers.net

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

next prev parent reply	other threads:[~2018-03-14 16:13 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-07 16:44 [PATCH v4 0/5] Debootstrap integration claudius.heine.ext
2018-03-07 16:44 ` [PATCH v4 1/5] implement isar-bootstrap using debootstrap claudius.heine.ext
2018-03-08  7:53   ` Claudius Heine
2018-03-14  8:56   ` Alexander Smirnov
2018-03-14  9:52     ` Claudius Heine
2018-03-14 10:38       ` Alexander Smirnov
2018-03-14 14:14         ` Claudius Heine
2018-03-14 14:25           ` Alexander Smirnov
2018-03-14 18:53             ` Jan Kiszka
2018-03-15  8:05               ` Claudius Heine
2018-03-15  8:58                 ` Alexander Smirnov
2018-03-15 22:07                   ` Claudius Heine
2018-03-16  5:49                     ` Alexander Smirnov
2018-03-28  6:00                       ` Jan Kiszka
2018-03-14 14:04   ` Alexander Smirnov
2018-03-14 14:26     ` Claudius Heine
2018-03-14 14:35       ` Alexander Smirnov
2018-03-14 16:13         ` Claudius Heine [this message]
2018-03-07 16:44 ` [PATCH v4 2/5] meta/isar-bootstrap-helper.bbclass: handle rfs customization centrally claudius.heine.ext
2018-03-07 16:44 ` [PATCH v4 3/5] meta/buildchroot: switch to using isar-bootstrap claudius.heine.ext
2018-03-08  8:18   ` Claudius Heine
2018-03-07 16:44 ` [PATCH v4 4/5] meta-isar/isar-image-base: " claudius.heine.ext
2018-03-07 16:44 ` [PATCH v4 5/5] meta-isar/multiconfig: remove multistrap references claudius.heine.ext
2018-03-07 19:51 ` [PATCH v4 0/5] Debootstrap integration Jan Kiszka
2018-03-08  6:06   ` Jan Kiszka
2018-03-08  8:14     ` Claudius Heine
2018-03-09 14:22       ` Jan Kiszka

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1521043988.16621.158.camel@denx.de \
    --to=ch@denx.de \
    --cc=asmirnov@ilbers.de \
    --cc=claudius.heine.ext@siemens.com \
    --cc=isar-users@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox