From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 7003745943754375168
X-Received: by 2002:a2e:910f:: with SMTP id m15mr3534150ljg.275.1630686683428;
        Fri, 03 Sep 2021 09:31:23 -0700 (PDT)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:ac2:55b7:: with SMTP id y23ls495570lfg.1.gmail; Fri, 03 Sep
 2021 09:31:22 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxKEBJxNAQ/Gq2V5S73v68Gm5PqHhcXfOdWrcROSGOpuUz1wxTw7BU6122SWL2mYLlCg/WA
X-Received: by 2002:ac2:4e08:: with SMTP id e8mr3387663lfr.244.1630686682415;
        Fri, 03 Sep 2021 09:31:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1630686682; cv=none;
        d=google.com; s=arc-20160816;
        b=AHZeQBFAaxwEvJryVs6rvxnpeq7J8IOsUXNoS2uI8P8TmzGekOBbyVS3xR6NOq8Vta
         i/x5heNPGpVjc7QC7wjX4XLqQxwZTw8XHv8ujDhPVLEroLKYTdEFhgWG23bCE0UAUHVL
         3JK8g1JY8tIxAngb9PMroEyIVX84oRjGm1uBCUqpVeQLb8SyrQFt87lWiEs6JqDyPkvG
         528PpjMM0Ph0/KlyN1Nm7Z8ZqE7s0AWwbWRp/mchTwaLSOtDrsGc4SLT/2R6WeeYnIem
         DscT7N2/QVJiUZudhH1OpE3Sfg1HarM30oBJyilkseaWFd4l0AhOuZLSZ3F7mlbo0g7j
         +AyA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from;
        bh=xSCOyf90YT1jySLwDi4lkT6PX/y/mDbG8YQx8vtXrVg=;
        b=Yh/GIES3ArkCLYx9AczmyXlzaavZF+NyoOFsjeU4RIYfV62wdiPTbTa9053CQ88SXN
         fMgPwmx7fflSWQB1JQN8lrZpZKlo65hlRDAgTk1uN2UBmd2mfA2A9ms0zShASr1IyqF/
         psE1GdyJRk2JSxpr210Fi8Qq3KaK5+rUi1awSSuHQ0sTVAC57HBaU9z7ZFqnuXqJgeLb
         HyJkZvYOx0Nz9/BV8yUuvSBScs2dQ+o5tzu2i+wjZExW7KB8uurvzRlhroS4hvl2FAar
         HTqaFsgAbsSnghYGqf7vOnmYz57TgqskafvQjFzM+8XFOv8ioaAhecGc3tJYVg93dKKq
         wqXg==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de
Return-Path: <amikan@ilbers.de>
Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166])
        by gmr-mx.google.com with ESMTPS id z26si200006lfu.6.2021.09.03.09.31.22
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
        Fri, 03 Sep 2021 09:31:22 -0700 (PDT)
Received-SPF: pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de
Received: from localhost.localdomain (mm-70-70-214-37.mgts.dynamic.pppoe.byfly.by [37.214.70.70] (may be forged))
	(authenticated bits=0)
	by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8) with ESMTPSA id 183GVC0t001961
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Fri, 3 Sep 2021 18:31:19 +0200
From: Anton Mikanovich <amikan@ilbers.de>
To: isar-users@googlegroups.com
Cc: Anton Mikanovich <amikan@ilbers.de>
Subject: [PATCH 2/2] isar-bootstrap: Do not let gpg-agent to stay running
Date: Fri,  3 Sep 2021 19:31:05 +0300
Message-Id: <20210903163105.54003-3-amikan@ilbers.de>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20210903163105.54003-1-amikan@ilbers.de>
References: <20210903163105.54003-1-amikan@ilbers.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TUID: TdAZ4jUChtmR

If running gpg-agent as a daemon we make it to run apt-key as a child
of gpg-agent. After the finish of apt-key parent gpg-agent will be also
finished in that mode.
This will allow us not to control start-stop of gpg-agent (which was
actually broken before this commit) and get rid of any possible issues
caused by left gpg-agent processes.

Signed-off-by: Anton Mikanovich <amikan@ilbers.de>
---
 meta/recipes-core/isar-bootstrap/isar-bootstrap.inc | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index e87c091..5f87f10 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -335,20 +335,18 @@ do_bootstrap() {
             MY_GPGHOME="$(chroot "${ROOTFSDIR}" mktemp -d /tmp/gpghomeXXXXXXXXXX)"
             echo "Created temporary directory ${MY_GPGHOME} for gpg-agent"
             export GNUPGHOME="${MY_GPGHOME}"
-            chroot "${ROOTFSDIR}" gpg-agent --daemon
             APT_KEY_APPEND="--homedir ${MY_GPGHOME}"
         fi
         find ${APT_KEYS_DIR}/ -type f | while read keyfile
         do
             kfn="$(basename $keyfile)"
             cp $keyfile "${ROOTFSDIR}/tmp/$kfn"
-            chroot "${ROOTFSDIR}" /usr/bin/apt-key \
+            chroot "${ROOTFSDIR}" /usr/bin/gpg-agent --daemon -- /usr/bin/apt-key \
                 --keyring ${THIRD_PARTY_APT_KEYRING} ${APT_KEY_APPEND} add "/tmp/$kfn"
             rm "${ROOTFSDIR}/tmp/$kfn"
         done
-        if [ -d "${MY_GPGHOME}" ]; then
-            echo "Killing gpg-agent for ${MY_GPGHOME}"
-            chroot "${ROOTFSDIR}" gpgconf --kill gpg-agent && /bin/rm -rf "${MY_GPGHOME}"
+        if [ "${@get_distro_needs_gpg_support(d)}" = "gnupg" -a -d "${ROOTFSDIR}${MY_GPGHOME}" ]; then
+            rm -rf "${ROOTFSDIR}${MY_GPGHOME}"
         fi
 
         if [ "${@get_distro_suite(d)}" = "stretch" ] && [ "${@get_host_release().split('.')[0]}" -lt "4" ]; then
-- 
2.25.1