All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] oeqa/selftest/runtime_test: Ensure we build/use gnupg-native
@ 2018-09-13 13:15 Richard Purdie
  2018-09-16  9:20 ` Burton, Ross
  0 siblings, 1 reply; 3+ messages in thread
From: Richard Purdie @ 2018-09-13 13:15 UTC (permalink / raw)
  To: openembedded-core

Without this, we see errors if gpg is missing from the host system
for "oe-selftest -r runtime_test.TestImage.test_testimage_dnf".

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/lib/oeqa/selftest/cases/runtime_test.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index abd0723146f..906e460d4f8 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -149,10 +149,12 @@ class TestImage(OESelftestTestCase):
         features += 'EXTRA_IMAGE_FEATURES += "package-management"\n'
         features += 'PACKAGE_CLASSES = "package_rpm"\n'
 
+        bitbake('gnupg-native -c addto_recipe_sysroot')
+
         # Enable package feed signing
         self.gpg_home = tempfile.mkdtemp(prefix="oeqa-feed-sign-")
         signing_key_dir = os.path.join(self.testlayer_path, 'files', 'signing')
-        runCmd('gpg --batch --homedir %s --import %s' % (self.gpg_home, os.path.join(signing_key_dir, 'key.secret')))
+        runCmd('gpg --batch --homedir %s --import %s' % (self.gpg_home, os.path.join(signing_key_dir, 'key.secret')), native_sysroot=get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native"))
         features += 'INHERIT += "sign_package_feed"\n'
         features += 'PACKAGE_FEED_GPG_NAME = "testuser"\n'
         features += 'PACKAGE_FEED_GPG_PASSPHRASE_FILE = "%s"\n' % os.path.join(signing_key_dir, 'key.passphrase')
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] oeqa/selftest/runtime_test: Ensure we build/use gnupg-native
  2018-09-13 13:15 [PATCH] oeqa/selftest/runtime_test: Ensure we build/use gnupg-native Richard Purdie
@ 2018-09-16  9:20 ` Burton, Ross
  2018-09-17 10:54   ` Richard Purdie
  0 siblings, 1 reply; 3+ messages in thread
From: Burton, Ross @ 2018-09-16  9:20 UTC (permalink / raw)
  To: openembedded-core-bounces; +Cc: OE-core

Doesn't quite work:

2018-09-14 23:53:16,527 - oe-selftest - INFO - 7: 13/14 281/332
(10.67s) (runtime_test.TestImage.test_testimage_dnf)
2018-09-14 23:53:16,527 - oe-selftest - INFO -
testtools.testresult.real._StringException: Traceback (most recent
call last):
File "/home/pokybuild/yocto-worker/nightly-oe-selftest/build/meta/lib/oeqa/core/decorator/__init__.py",
line 32, in wrapped_f
return func(*args, **kwargs)
File "/home/pokybuild/yocto-worker/nightly-oe-selftest/build/meta/lib/oeqa/selftest/cases/runtime_test.py",
line 157, in test_testimage_dnf
runCmd('gpg --batch --homedir %s --import %s' % (self.gpg_home,
os.path.join(signing_key_dir, 'key.secret')),
native_sysroot=get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native"))
File "/home/pokybuild/yocto-worker/nightly-oe-selftest/build/meta/lib/oeqa/utils/commands.py",
line 191, in runCmd
raise AssertionError("Command '%s' returned non-zero exit status
%d:\n%s" % (command, result.status, exc_output))
AssertionError: Command 'gpg --batch --homedir
/tmp/oeqa-feed-sign-gqt86zv_ --import
/home/pokybuild/yocto-worker/nightly-oe-selftest/build/build-st-50002/meta-selftest/files/signing/key.secret'
returned non-zero exit status 2:
gpg: keybox '/tmp/oeqa-feed-sign-gqt86zv_/pubring.kbx' created
gpg: /tmp/oeqa-feed-sign-gqt86zv_/trustdb.gpg: trustdb created
gpg: key 7B31316B5D64AD52: public key "testuser (nocomment)
<testuser@testemail.com>" imported
gpg: failed to start agent
'/home/pokybuild/yocto-worker/nightly-oe-selftest/build/build-st-104600/tmp/work/x86_64-linux/gnupg-native/2.2.9-r0/recipe-sysroot-native/usr/bin/gpg-agent':
No such file or directory
gpg: can't connect to the agent: No such file or directory
gpg: error getting the KEK: No agent running
gpg: Total number processed: 1
gpg: imported: 1
gpg: secret keys read: 1

Ross
On Thu, 13 Sep 2018 at 14:16,
<openembedded-core-bounces@lists.openembedded.org> wrote:
>
> Without this, we see errors if gpg is missing from the host system
> for "oe-selftest -r runtime_test.TestImage.test_testimage_dnf".
>
> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> ---
>  meta/lib/oeqa/selftest/cases/runtime_test.py | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
> index abd0723146f..906e460d4f8 100644
> --- a/meta/lib/oeqa/selftest/cases/runtime_test.py
> +++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
> @@ -149,10 +149,12 @@ class TestImage(OESelftestTestCase):
>          features += 'EXTRA_IMAGE_FEATURES += "package-management"\n'
>          features += 'PACKAGE_CLASSES = "package_rpm"\n'
>
> +        bitbake('gnupg-native -c addto_recipe_sysroot')
> +
>          # Enable package feed signing
>          self.gpg_home = tempfile.mkdtemp(prefix="oeqa-feed-sign-")
>          signing_key_dir = os.path.join(self.testlayer_path, 'files', 'signing')
> -        runCmd('gpg --batch --homedir %s --import %s' % (self.gpg_home, os.path.join(signing_key_dir, 'key.secret')))
> +        runCmd('gpg --batch --homedir %s --import %s' % (self.gpg_home, os.path.join(signing_key_dir, 'key.secret')), native_sysroot=get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native"))
>          features += 'INHERIT += "sign_package_feed"\n'
>          features += 'PACKAGE_FEED_GPG_NAME = "testuser"\n'
>          features += 'PACKAGE_FEED_GPG_PASSPHRASE_FILE = "%s"\n' % os.path.join(signing_key_dir, 'key.passphrase')
> --
> 2.17.1
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] oeqa/selftest/runtime_test: Ensure we build/use gnupg-native
  2018-09-16  9:20 ` Burton, Ross
@ 2018-09-17 10:54   ` Richard Purdie
  0 siblings, 0 replies; 3+ messages in thread
From: Richard Purdie @ 2018-09-17 10:54 UTC (permalink / raw)
  To: Burton, Ross, openembedded-core-bounces; +Cc: OE-core

On Sun, 2018-09-16 at 10:20 +0100, Burton, Ross wrote:
> Doesn't quite work:
> 
> 2018-09-14 23:53:16,527 - oe-selftest - INFO - 7: 13/14 281/332
> (10.67s) (runtime_test.TestImage.test_testimage_dnf)
> 2018-09-14 23:53:16,527 - oe-selftest - INFO -
> testtools.testresult.real._StringException: Traceback (most recent
> call last):
> File "/home/pokybuild/yocto-worker/nightly-oe-
> selftest/build/meta/lib/oeqa/core/decorator/__init__.py",
> line 32, in wrapped_f
> return func(*args, **kwargs)
> File "/home/pokybuild/yocto-worker/nightly-oe-
> selftest/build/meta/lib/oeqa/selftest/cases/runtime_test.py",
> line 157, in test_testimage_dnf
> runCmd('gpg --batch --homedir %s --import %s' % (self.gpg_home,
> os.path.join(signing_key_dir, 'key.secret')),
> native_sysroot=get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native"))
> File "/home/pokybuild/yocto-worker/nightly-oe-
> selftest/build/meta/lib/oeqa/utils/commands.py",
> line 191, in runCmd
> raise AssertionError("Command '%s' returned non-zero exit status
> %d:\n%s" % (command, result.status, exc_output))
> AssertionError: Command 'gpg --batch --homedir
> /tmp/oeqa-feed-sign-gqt86zv_ --import
> /home/pokybuild/yocto-worker/nightly-oe-selftest/build/build-st-
> 50002/meta-selftest/files/signing/key.secret'
> returned non-zero exit status 2:
> gpg: keybox '/tmp/oeqa-feed-sign-gqt86zv_/pubring.kbx' created
> gpg: /tmp/oeqa-feed-sign-gqt86zv_/trustdb.gpg: trustdb created
> gpg: key 7B31316B5D64AD52: public key "testuser (nocomment)
> <testuser@testemail.com>" imported
> gpg: failed to start agent
> '/home/pokybuild/yocto-worker/nightly-oe-selftest/build/build-st-
> 104600/tmp/work/x86_64-linux/gnupg-native/2.2.9-r0/recipe-sysroot-
> native/usr/bin/gpg-agent':
> No such file or directory
> gpg: can't connect to the agent: No such file or directory
> gpg: error getting the KEK: No agent running
> gpg: Total number processed: 1
> gpg: imported: 1
> gpg: secret keys read: 1

A quick poke at this on a plane confirmed its an sstate relocation
issue. gnupg-native does not relocate safely. common/homedir.c has
gnupg_bindir() which isn't configurable and hardcodes the binary
locations. There are other functions in there which probably have the
same issue. Options:

a) Revert my selftest fix and require gpg on the machine running the
selftests (opens us up to gpg version issues). Clearly not all YP
autobuilder workers have it.
b) Patch gnupg to relocate properly

Cheers,

Richard


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-09-17 10:54 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-13 13:15 [PATCH] oeqa/selftest/runtime_test: Ensure we build/use gnupg-native Richard Purdie
2018-09-16  9:20 ` Burton, Ross
2018-09-17 10:54   ` Richard Purdie

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.