From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6662700470316826624 X-Received: by 2002:a1c:7910:: with SMTP id l16mr304381wme.8.1551280838301; Wed, 27 Feb 2019 07:20:38 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a1c:6503:: with SMTP id z3ls257021wmb.2.canary-gmail; Wed, 27 Feb 2019 07:20:37 -0800 (PST) X-Google-Smtp-Source: APXvYqxj8WBVKo3rrWI0gZCwEzjW6EOcmV04RI6bTPV1xybURvT7JdZ3JgbU9/+NqTR73+t9wIwy X-Received: by 2002:a1c:c00d:: with SMTP id q13mr313443wmf.5.1551280837896; Wed, 27 Feb 2019 07:20:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551280837; cv=none; d=google.com; s=arc-20160816; b=xsOZMqCzpPE09GARk+SUw7Kp4Nl8GujgqBHWMc2ZhivTspO1NZQOuh6Zhu4h04HMUk 9vDYbVCk+fz189/j41SFXk6HZ1KsxpmckJ7i1G73RE5kYygm0I1ms3hIlRtJOyphf/Sv xnPs7DXTfrTI1LthxhUpK/S/o5u/B5Cl1aSrs9oP6Y1cjJcvuVBH/TjMxCrDAMnzsX7y 2Y+eanzkGc7xtOG+znbe53iwqsPZ3bKpUhuwWg8+2rwWPtEeddVFSneoJswPMaFICnZQ 0LNMA/QjoWQTblBKIJAvfdGVYFK8Z8tVXMp1HDfJb6e3XbJg+Ha5j123bwBEwAGSOcT9 lw7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from; bh=c7nyWJdIzIX1smvDB8mlGSlZsmii+snE1mQSkMTJgS8=; b=ySUiVtS8FF8PDgZ5kcY4FgtDoV9QlQKxMk/hXc61xRiqhzWNANNjokTUi8q0DjL61I Fr1dtK+cCbopPONTpss3RXLkRgsEVFJDZwnjRg1E1PZf7SZSjMhuj55yeXCmaMnBFRG1 waFC5eyk+lc5TD6oY9gvj/mgu2XUgZIPeEnfU9724Jhd2V5ZVqcAyxxQN5Yv+jHU1Mh6 znrNgPQv1mu+jN/7HIV/KQZmJxsW8F0pjJArDCOohvYp3PR3NF25cdFhOyp9pAteNUKy 1FMkZERwjO1v/AhWzDEiWANFNZLUpnS+ZJC139u9Og273U3jz4dDYGVNbDZt9KtjTxSG 8e6A== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of andreas.reichel.ext@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=andreas.reichel.ext@siemens.com Return-Path: Received: from goliath.siemens.de (goliath.siemens.de. [192.35.17.28]) by gmr-mx.google.com with ESMTPS id c24si116177wml.0.2019.02.27.07.20.37 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 27 Feb 2019 07:20:37 -0800 (PST) Received-SPF: pass (google.com: domain of andreas.reichel.ext@siemens.com designates 192.35.17.28 as permitted sender) client-ip=192.35.17.28; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of andreas.reichel.ext@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=andreas.reichel.ext@siemens.com Received: from mail1.siemens.de (mail1.siemens.de [139.23.33.14]) by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id x1RFKbmq010114 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 27 Feb 2019 16:20:37 +0100 Received: from localhost.localdomain (golem.ppmd.siemens.net [139.25.69.17]) by mail1.siemens.de (8.15.2/8.15.2) with ESMTP id x1RFKbHH000863; Wed, 27 Feb 2019 16:20:37 +0100 From: "Andreas J. Reichel" To: isar-users@googlegroups.com Cc: Andreas Reichel Subject: [PATCH v2 0/3] Fixes usage of additional apt keys Date: Wed, 27 Feb 2019 16:18:53 +0100 Message-Id: <20190227151856.11594-1-andreas.reichel.ext@siemens.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUID: HniIQv4k7AH2 From: Andreas Reichel If the user does not want to replace the bootstrap source together with the key, additional keys did not work. This is solved by not replacing the keyring but to add keys to /ect/apt/trusted.gpg.d/isar.gpg, where debootstrap and any apt call can find it. Furthermore, the code to add keys is simplified a lot by not manually parsing URIs and guessing about download locations as well as not manually handling gpg and giving apt config overrides. It is much simpler by using `apt-key` and default apt keyring paths. Furthermore, apt-get must not use a given single source list which was used from debootstrapping. Otherwise, additional packages are always unauthenticated, which is a quite misleading error. Instead, apt-get should use all source lists available in the built root. Signed-off-by: Andreas Reichel Andreas Reichel (3): Fix and simplify apt keyring generation Use all source lists in target root apt Separate apt-key entries from default keyring meta/classes/isar-bootstrap-helper.bbclass | 17 ++++++-- meta/classes/isar-image.bbclass | 1 + .../isar-bootstrap/isar-bootstrap-host.bb | 2 +- .../isar-bootstrap/isar-bootstrap.inc | 39 +++++++++---------- 4 files changed, 33 insertions(+), 26 deletions(-) -- 2.21.0