From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6665315485307895808 X-Received: by 2002:adf:a390:: with SMTP id l16mr652806wrb.11.1551968710626; Thu, 07 Mar 2019 06:25:10 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:adf:b458:: with SMTP id v24ls1230405wrd.2.gmail; Thu, 07 Mar 2019 06:25:10 -0800 (PST) X-Google-Smtp-Source: APXvYqxCcKCrGV1lP1fMBSXvNeqqyhB9f2gM63yu5ZMhvx7+8OFWT8Qm9Zjqe9JTJNntx+psK1h/ X-Received: by 2002:adf:8182:: with SMTP id 2mr628990wra.14.1551968710260; Thu, 07 Mar 2019 06:25:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551968710; cv=none; d=google.com; s=arc-20160816; b=n1ibqir6gygTmkzMznxI4a9mVSzQNLAIxp7mIbmItNcr6ooCBFHZ0uI4o2V47mxyNO p98Jduqk4dP9ccE+9+UB6EoJrA+qBGzvBJY3NyrDPaKHiBdcSO88eg7C8zdzDrpNOwlt 3NZQaPltXz0eHavPCQo/rC+9pGsyRpF1zbd0U7ooaBGDvMO/bBXp/O3bAxczk9RGVVgh J0GZ24QfD4XY5QtnbX/Q0B+pGJGVaxcOKpqHGoALBsDSbeq3BXCmFqn1TPhokpfsOgJ8 7ipD/fYUSz/BAQOkd8XujD65xYG2mcaVLkA4zR81KW0SWHWzX5Qp1IuO7O/EpzIYXn8w xu7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from; bh=vKD0aqJxATOkwDGJvp7mPX27XGMNDIm6kqSpmZvtnc0=; b=WzpqY2+NEmw3ArQWLloqL6uwEMeCKLvxkbO3k9Ue/PAp5agr+qHS32LfaPCRzKPXKI y8g7CTZ9M87pnLBh6WynW9vLKzU9O4x9xcFs0hiXmxojghcxlt2BRAMrJ/mcjcWpsESm KXCoxuhr69kNNX6N5TdF1Xj2m0ukPFKVpOnhUPE0v3p7WOPP6g++REjtXqBwI0lEBX9u CQJxRZ60J9A58vskjA1hTAivPs4i3TC20UQWxD0/wT9tqm48frjVrARd4/utXOgkhuAp 9oRoHWdEwLWyN6SuZt6tQtrnlLadAINKScl/IvLXCRIxN+FdtoPjLBwuHl5NLB/VBMku izGA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of andreas.reichel.ext@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=andreas.reichel.ext@siemens.com Return-Path: Received: from david.siemens.de (david.siemens.de. [192.35.17.14]) by gmr-mx.google.com with ESMTPS id g10si194528wmk.1.2019.03.07.06.25.10 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 07 Mar 2019 06:25:10 -0800 (PST) Received-SPF: pass (google.com: domain of andreas.reichel.ext@siemens.com designates 192.35.17.14 as permitted sender) client-ip=192.35.17.14; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of andreas.reichel.ext@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=andreas.reichel.ext@siemens.com Received: from mail1.siemens.de (mail1.siemens.de [139.23.33.14]) by david.siemens.de (8.15.2/8.15.2) with ESMTPS id x27EP9r4023576 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 7 Mar 2019 15:25:09 +0100 Received: from localhost.localdomain (golem.ppmd.siemens.net [139.25.69.17]) by mail1.siemens.de (8.15.2/8.15.2) with ESMTP id x27EP9RF020333; Thu, 7 Mar 2019 15:25:09 +0100 From: "Andreas J. Reichel" To: isar-users@googlegroups.com Cc: Andreas Reichel Subject: [PATCH v4 0/6] Fixes usage of additional apt keys and repos Date: Thu, 7 Mar 2019 15:22:58 +0100 Message-Id: <20190307142304.14508-1-andreas.reichel.ext@siemens.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUID: vXYKOeTcHSZE From: Andreas Reichel Diff to v3: * Remove apt-get update in target root file systems, and use the isar-apt again as the only apt source, to support consistent target root file systems without intermediate updates. * Add the keyring in the right place (isar-bootstrap function in isar-bootstrap.inc, which needs Claudius' flock patch to fix the reversed double-ticks usage, which breaks everything * only add gnupg if we add apt-keys * better commit message for revert commit * include Claudius' patch to make it clear that it should be merged before * isar keyring file is specified in bitbake.conf, where it should be to be available to all image generation steps What this series does: Enable the user to really ADD bootstrap repos and keys without replacing existing ones. The existing keyring is not replaced but keys are added to /ect/apt/trusted.gpg.d/isar.gpg instead, where debootstrap and any apt call can find it. Furthermore, the code to add keys is simplified by removing duplicate code and not manually parsing URIs and guessing about download locations as well as not manually handling gpg and giving apt config overrides. It is much simpler by using `apt-key` and default apt keyring paths. The patch of Claudius is included here because it is not yet merged but required (fix of awful flock usage). Signed-off-by: Andreas Reichel Andreas Reichel (5): Revert "isar-bootstrap: Allow to set local keys in DISTRO_APT_KEYS" Remove duplicate code from apt-keyring generation Fix fetched key location in apt-keyring generator Use apt-key to generate apt-keyring If we use a custom keyring debootstrap may fall to https Claudius Heine (1): meta: refactored flock usage .../conf/multiconfig/qemuamd64-buster.conf | 1 - .../conf/multiconfig/qemuamd64-jessie.conf | 1 - meta/classes/buildchroot.bbclass | 6 +- meta/classes/isar-bootstrap-helper.bbclass | 2 + meta/classes/isar-image.bbclass | 1 + meta/classes/wic-img.bbclass | 6 +- meta/conf/bitbake.conf | 1 + .../isar-bootstrap/isar-bootstrap.inc | 76 +++++++++++++------ 8 files changed, 65 insertions(+), 29 deletions(-) -- 2.21.0