mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-05 20:27:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

lib/oe/package_manager: import rpm signing key to rpmdb

Browse Source 
Import the gpg key used in rpm signing into rpmdb. This makes it
possible again to create images when rpm signing is enabled.

Also, instruct dnf to enforce signature check if rpm signing is enabled.

(From OE-Core rev: f30c1653cc5ef9daf594cbd3faad329b9fa08ab7)

Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Markus Lehtonen
2017-03-16 15:19:05 +02:00
committed by Richard Purdie
parent 2b77735c72
commit 9a548edb0f
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
meta/lib/oe/package_manager.py
View File

@@ -520,7 +520,14 @@ class RpmPM(PackageManager):
open(platformconfdir + "macros", 'a').write("%_prefer_color 7")
if self.d.getVar('RPM_SIGN_PACKAGES') == '1':
raise NotImplementedError("Signature verification with rpm not yet supported.")
pubkey_path = self.d.getVar('RPM_GPG_PUBKEY')
rpm_bin = bb.utils.which(os.getenv('PATH'), "rpmkeys")
cmd = [rpm_bin, '--root=%s' % self.target_rootfs, '--import', pubkey_path]
try:
subprocess.check_output(cmd, stderr=subprocess.STDOUT)
except subprocess.CalledProcessError as e:
bb.fatal("Importing GPG key failed. Command '%s' "
"returned %d:\n%s" % (' '.join(cmd), e.returncode, e.output.decode("utf-8")))
def create_configs(self):
self._configure_dnf()
@@ -570,7 +577,8 @@ class RpmPM(PackageManager):
output = self._invoke_dnf((["--skip-broken"] if attempt_only else []) +
(["-x", ",".join(exclude_pkgs)] if len(exclude_pkgs) > 0 else []) +
(["--setopt=install_weak_deps=False"] if self.d.getVar('NO_RECOMMENDATIONS') == 1 else []) +
["--nogpgcheck", "install"] +
(["--nogpgcheck"] if self.d.getVar('RPM_SIGN_PACKAGES') != '1' else ["--setopt=gpgcheck=True"]) +
["install"] +
pkgs)
failed_scriptlets_pkgnames = collections.OrderedDict()