From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6771003123014041600 X-Received: by 2002:adf:f508:: with SMTP id q8mr30207524wro.334.1580226179887; Tue, 28 Jan 2020 07:42:59 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a5d:65d0:: with SMTP id e16ls9525551wrw.1.gmail; Tue, 28 Jan 2020 07:42:59 -0800 (PST) X-Google-Smtp-Source: APXvYqx2ft7pvjd2SMulrildkKNv1kx1AED+OsjIbfI2QcB8uHeYu4pGC8ASAna1Pv1NL+Pl8HGD X-Received: by 2002:a5d:538e:: with SMTP id d14mr30453367wrv.358.1580226179194; Tue, 28 Jan 2020 07:42:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1580226179; cv=none; d=google.com; s=arc-20160816; b=FPdUaOtqPEpYpNoaqReNo4oZ7zx61MlHXwVXkZJCZcj8tBwVmZF0zx+HU9FXGcbGwk p2XxDvOLJxGFgtvoFVuvt1WOAKnPzPB+X5KxEFxhQagOgzqrQTXgCYmFtqzRzyYigBYw lIWSImcvzTmaanBy8UJvG/T7HHp8Mf4aTh6tvTwkfmRVmvUBsIKsw55jRX5cf/ej+BJS eNKJefa4r/aJNhgfnJrkSEdT8Zy+shbv361uEpmkaSEp3RyCDljAjluwXGGISbwWZMp1 vEiivWRBypmt9VvaCFHjNWt5ixnsfd7/DN1XPmZq57Oxu2j3wlWj4HBebPE19MwodREj NiSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=oFwtn7MGiho8OZaRk5jLhnZxl/7SU4ipJRGZxGMWoAU=; b=ZwedfI2u3B41CCJ+l6ncfho6FTZlY+3fAbNgfoNkB7rbJY4Q4q0y4MnETwajTFap+G ig7kYAV1TqGxgNz5iV4JDAXUvx3Pv7ABwc6XW/Zi3RkVn+kAjdAl0N2fe9iE4tidioaY jZHBsYIgPjZZkDDMpeqHwHAFxmzNGaE9BPJol2HHwjjhM8GEcmzAhk6nN6CkhgN0U7h1 b1l7Q5OeC5rM/DX9RvpuTCjUTVj5cxpTkS7ooWcxPEObOi/Lx5A3KIO0CayNS4YEExGp rfcOzr7erDgPWSFTeHNgBYHNnNYpuhvD4REs/ZbPpxBovpMizvPpVfpZ6OdMOR/p0UCb qMiw== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=LvZhvapl; spf=pass (google.com: domain of vijaikumar.kanagarajan@gmail.com designates 2a00:1450:4864:20::331 as permitted sender) smtp.mailfrom=vijaikumar.kanagarajan@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com. [2a00:1450:4864:20::331]) by gmr-mx.google.com with ESMTPS id m2si146246wmi.3.2020.01.28.07.42.59 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 28 Jan 2020 07:42:59 -0800 (PST) Received-SPF: pass (google.com: domain of vijaikumar.kanagarajan@gmail.com designates 2a00:1450:4864:20::331 as permitted sender) client-ip=2a00:1450:4864:20::331; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=LvZhvapl; spf=pass (google.com: domain of vijaikumar.kanagarajan@gmail.com designates 2a00:1450:4864:20::331 as permitted sender) smtp.mailfrom=vijaikumar.kanagarajan@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: by mail-wm1-x331.google.com with SMTP id s144so2074503wme.1 for ; Tue, 28 Jan 2020 07:42:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=oFwtn7MGiho8OZaRk5jLhnZxl/7SU4ipJRGZxGMWoAU=; b=LvZhvaplRj0eyIuKPSrgOI7eJLynSokvRZlVg/+BHrck962LIm97T+vEW1zhZkjBQc e8rKSZ0Xp7g11dfM719ElUw8+WucSU4F+OBmt9EuLqYot4FR8rDI5ZlqsmjX+JSIIOwB 2vMyX7ygo8Rlvv4lL/fbtkG/oC2kymE7nLrwdgLqZkf5xhtLxmiJ4IFNvxpwH1sutswX J5Wyz9c7N0TXgWcabIVvfnvxLIpLGUeQDNCsXv+1RXBICet0/MbwSy+AdKsyNkCJNVxf ksOTdGCo7czawp12xXcYa8Pc9iGGZ6iq/Ayko7sLmsQ7kDVCZOw+ArATgDXJ4ZmRDqj7 uIdQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=oFwtn7MGiho8OZaRk5jLhnZxl/7SU4ipJRGZxGMWoAU=; b=c38Rf2kNGPTUZS9vBPJvup4MMKyedsBTjteSEb2Fn0om8FNC27Ct0G1VPvdcyv/g6l OVA9m+M/SCJA6y42iIoP4hDg3JtCU9LMBP7ArZ3A3VipL9c5QvLX0VKhrrvbKOyHO3Yb p4byUoRxPXTKkq18WTt5pxGjAB0ziwv4+hG2JU5jggrk2sw2KSFqIPCGLNeB+LBCTy5e VJBSBaQYonLU6gYgKIEBalvHSlAeQWqkm0NN4yc8DGJMYXbZGKnHi1pQNrNtjKEzOCM8 h46ZE0Vw0IUhZ2oVJstnrnNsPfK6+0QbJFkwCxbKWT9GVEpaU9Qn23Tj4bPe8DWWVQOO tuRg== X-Gm-Message-State: APjAAAWOsGul15XLU7PxNP0gyVnOKnQiOXr7a24Ob+eb+ItHtP9Cqm0r N3+Z5utai1u8VRpdPMSkK9ZsThhBRLs= X-Received: by 2002:a05:600c:118a:: with SMTP id i10mr5910996wmf.142.1580226178243; Tue, 28 Jan 2020 07:42:58 -0800 (PST) Return-Path: Received: from oxygen.mgc.mentorg.com (nat-sch.mentorg.com. [139.181.36.34]) by smtp.gmail.com with ESMTPSA id u8sm3601200wmm.15.2020.01.28.07.42.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 28 Jan 2020 07:42:57 -0800 (PST) From: Vijai Kumar K To: isar-users@googlegroups.com Cc: Henning Schild Subject: [PATCH v3 06/26] base-apt: do not skip gpg check when it is signed Date: Tue, 28 Jan 2020 21:11:53 +0530 Message-Id: <20200128154213.22353-7-vijaikumar.kanagarajan@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200128154213.22353-1-vijaikumar.kanagarajan@gmail.com> References: <20200128154312.337e61f6@md1za8fc.ad001.siemens.net> <20200128154213.22353-1-vijaikumar.kanagarajan@gmail.com> X-TUID: wAfvRhJBLRxN From: Henning Schild We used to have "trusted=yes" hardcoded even for a signed base-apt. Make that flag depend on whether it is signed and generate that file with two echos, it is simple enough. Signed-off-by: Henning Schild --- .../isar-bootstrap/files/base-apt-sources | 2 -- .../isar-bootstrap/isar-bootstrap.inc | 16 ++++++++-------- 2 files changed, 8 insertions(+), 10 deletions(-) delete mode 100644 meta/recipes-core/isar-bootstrap/files/base-apt-sources diff --git a/meta/recipes-core/isar-bootstrap/files/base-apt-sources b/meta/recipes-core/isar-bootstrap/files/base-apt-sources deleted file mode 100644 index 2a4ab2c..0000000 --- a/meta/recipes-core/isar-bootstrap/files/base-apt-sources +++ /dev/null @@ -1,2 +0,0 @@ -deb [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main -deb-src [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc index 5dd571e..cfcf7b8 100644 --- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc +++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc @@ -12,8 +12,7 @@ SRC_URI = " \ file://isar-apt.conf \ file://isar-apt-fallback.conf \ file://locale \ - file://chroot-setup.sh \ - file://base-apt-sources" + file://chroot-setup.sh" PV = "1.0" DEBOOTSTRAP ?= "qemu-debootstrap" @@ -21,7 +20,6 @@ ROOTFSDIR = "${WORKDIR}/rootfs" APTPREFS = "${WORKDIR}/apt-preferences" APTSRCS = "${WORKDIR}/apt-sources" APTSRCS_INIT = "${WORKDIR}/apt-sources-init" -BASEAPTSRCS = "${WORKDIR}/base-apt-sources" DISTRO_BOOTSTRAP_KEYFILES = "" THIRD_PARTY_APT_KEYFILES = "" DEPLOY_ISAR_BOOTSTRAP ?= "" @@ -266,13 +264,15 @@ isar_bootstrap() { "${ROOTFSDIR}/etc/apt/preferences.d/bootstrap" mkdir -p "${ROOTFSDIR}/etc/apt/sources.list.d" if [ "${ISAR_USE_CACHED_BASE_REPO}" = "1" ]; then - sed -e "s#{BASE_DISTRO}#"${BASE_DISTRO}"#g" \ - -e "s#{BASE_DISTRO_CODENAME}#"${BASE_DISTRO_CODENAME}"#g" \ - -i ${BASEAPTSRCS} + line="file:///base-apt/${BASE_DISTRO} ${BASE_DISTRO_CODENAME} main" + if [ -z "${BASE_REPO_KEY}" ]; then + line="[trusted=yes] ${line}" + fi + echo "deb ${line}" > "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list" + echo "deb-src ${line}" >> "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list" + mkdir -p ${ROOTFSDIR}/base-apt sudo mount --bind ${REPO_BASE_DIR} ${ROOTFSDIR}/base-apt - install -v -m644 "${BASEAPTSRCS}" \ - "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list" else install -v -m644 "${APTSRCS}" \ "${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list" -- 2.17.1