From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7003745943754375168 X-Received: by 2002:a05:6512:3f08:: with SMTP id y8mr8739243lfa.190.1631543492101; Mon, 13 Sep 2021 07:31:32 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:3b88:: with SMTP id g8ls362154lfv.1.gmail; Mon, 13 Sep 2021 07:31:31 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwkf85uO1UUjxG2LAamkmH7Gr3i8jnjljR9VjL35PCEeMqNi1q/ZTQwSkmmmxZm5SjSsiEk X-Received: by 2002:a05:6512:1195:: with SMTP id g21mr8978912lfr.213.1631543491014; Mon, 13 Sep 2021 07:31:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1631543491; cv=none; d=google.com; s=arc-20160816; b=SGaH/6KFyEXQC9g03AoR7wZMfbzABOil6JODZ1etN/z8NoA7Op6e29Oa/XBH2uQi5b 7R9NnXPux0dcM3CWvtEkXczPe8OBIZJs/ke163e+vsb/zHFJ2xojM2OiD0nSo5+h2bXs 5y/wC4wPQZBns/OzHSAt1dLlsxLFO2vgPjxsjsfs1RJbvuub02IIbi+ZKk6iA9ZN7a14 CerLguYSPO58PciKFzAzF3g8l2zAo1Imx1C5cd43O6klrUDYD6L2S/qLGK+Mosk/2qmq plabhQL8VrjmnfQ+hqk9gXfX0hyjl704UuPdGYGKdEYdxGM2XQAJmjCXDJPF4WQl06FZ K1YA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=lUFO/Ff489b+3dtjxMxKNHlYyRnAbX5vYILEF2sNaLc=; b=YEziiUvYESNEXuZ2etRCxnaUpcIIeHP+jowwqnR0ybmZWQxHnvvupjF/eXTHXxVSuh 89QswTgzYaSc3rniAuzZ9ppiCciuxHlEMO4cmVBn82VT8UcqAeD3z/FuBqKut3Vvv1kt dKajgGLBgZqhOkt3Pr95YaJwck82/85Z8uygdjqorgaT+ge7FK8EA1pbtooVfJuchDfZ GcFgHEFukzY6C1xXwesILhAyZVA0S/Xkcbrwb6lJCQwTCVq/JNPrbg96s3fWhL4LNlmX WVxCnJOlriFjWcHdkz/tTWwcPnVCwMJ93vXFLnhNesJfhXghB3aaBsHtElbh+sJtAD5D ghcQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de Return-Path: Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166]) by gmr-mx.google.com with ESMTPS id n6si665612lft.8.2021.09.13.07.31.30 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 13 Sep 2021 07:31:31 -0700 (PDT) Received-SPF: pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de Received: from localhost.localdomain (mm-240-58-214-37.mgts.dynamic.pppoe.byfly.by [37.214.58.240] (may be forged)) (authenticated bits=0) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8) with ESMTPSA id 18DEVK9S009501 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 13 Sep 2021 16:31:28 +0200 From: Anton Mikanovich To: isar-users@googlegroups.com Cc: Anton Mikanovich Subject: [PATCH v2 2/2] isar-bootstrap: Do not let gpg-agent to stay running Date: Mon, 13 Sep 2021 17:31:07 +0300 Message-Id: <20210913143107.181118-3-amikan@ilbers.de> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210913143107.181118-1-amikan@ilbers.de> References: <20210913143107.181118-1-amikan@ilbers.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUID: Lf88oIYtijPj If running gpg-agent as a daemon we make it to run apt-key as a child of gpg-agent. After the finish of apt-key parent gpg-agent will be also finished in that mode. This will allow us not to control start-stop of gpg-agent (which was actually broken before this commit) and get rid of any possible issues caused by left gpg-agent processes. Signed-off-by: Anton Mikanovich --- meta/recipes-core/isar-bootstrap/isar-bootstrap.inc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc index e87c091..b8af676 100644 --- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc +++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc @@ -331,24 +331,22 @@ do_bootstrap() { mkdir -p "${ROOTFSDIR}/etc/apt/apt.conf.d" install -v -m644 "${WORKDIR}/isar-apt.conf" \ "${ROOTFSDIR}/etc/apt/apt.conf.d/50isar.conf" - if [ "${@get_distro_needs_gpg_support(d)}" = "gnupg" ]; then + if [ -n "${@get_distro_needs_gpg_support(d)}" ]; then MY_GPGHOME="$(chroot "${ROOTFSDIR}" mktemp -d /tmp/gpghomeXXXXXXXXXX)" echo "Created temporary directory ${MY_GPGHOME} for gpg-agent" export GNUPGHOME="${MY_GPGHOME}" - chroot "${ROOTFSDIR}" gpg-agent --daemon APT_KEY_APPEND="--homedir ${MY_GPGHOME}" fi find ${APT_KEYS_DIR}/ -type f | while read keyfile do kfn="$(basename $keyfile)" cp $keyfile "${ROOTFSDIR}/tmp/$kfn" - chroot "${ROOTFSDIR}" /usr/bin/apt-key \ + chroot "${ROOTFSDIR}" /usr/bin/gpg-agent --daemon -- /usr/bin/apt-key \ --keyring ${THIRD_PARTY_APT_KEYRING} ${APT_KEY_APPEND} add "/tmp/$kfn" rm "${ROOTFSDIR}/tmp/$kfn" done - if [ -d "${MY_GPGHOME}" ]; then - echo "Killing gpg-agent for ${MY_GPGHOME}" - chroot "${ROOTFSDIR}" gpgconf --kill gpg-agent && /bin/rm -rf "${MY_GPGHOME}" + if [ -n "${MY_GPGHOME}" ]; then + rm -rf "${ROOTFSDIR}${MY_GPGHOME}" fi if [ "${@get_distro_suite(d)}" = "stretch" ] && [ "${@get_host_release().split('.')[0]}" -lt "4" ]; then -- 2.25.1