Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apt-key add runs when /apt-key is empty #23

Open
cgmcintyr opened this issue Feb 23, 2018 · 3 comments
Open

Apt-key add runs when /apt-key is empty #23

cgmcintyr opened this issue Feb 23, 2018 · 3 comments

Comments

@cgmcintyr
Copy link

cgmcintyr commented Feb 23, 2018
edited
Loading

When running sudo make DIST=testing REPO=Debian RPI=2 with 645f78d checked out, the following lines of the postinstall script fail:

rpi-img-builder/postinstall

Lines 64 to 69 in 728790f

# Make sure all apt keys are installed
cd /apt-keys > /dev/null
for i in *.asc; do
apt-key --keyring /etc/apt/trusted.gpg.d/${i%.*}.gpg add ${i}
done
cd - > /dev/null

Specifically line 67 apt-key --keyring /etc/apt/trusted.gpg.d/${i%.*}.gpg add ${i} is running despite the contents of /apt-keys being empty.

This results in the command being run as follows: apt-key --keyring /etc/apt/trusted.gpg.d/*.gpg add *.asc.

The error message in full:

Usage: apt-key [--keyring file] [command] [arguments]

Manage apt's list of trusted keys

  apt-key add <file>          - add the key contained in <file> ('-' for stdin)
  apt-key del <keyid>         - remove the key <keyid>
  apt-key export <keyid>      - output the key <keyid>
  apt-key exportall           - output all trusted keys
  apt-key update              - update keys using the keyring package
  apt-key net-update          - update keys using the network
  apt-key list                - list keys
  apt-key finger              - list fingerprints
  apt-key adv                 - pass advanced options to gpg (download key)

If no specific keyring file is given the command applies to all keyring files.
rootfs.mak:112: recipe for target '/home/cgmcintyre/devel/router/rpi-img-builder/rootfs' failed
make[1]: *** [/home/cgmcintyre/devel/router/rpi-img-builder/rootfs] Error 1
Makefile:21: recipe for target 'build-rootfs' failed
make: *** [build-rootfs] Error 2
@TheSin-
Copy link
Owner

TheSin- commented Feb 23, 2018

thanks for reporting this, are you sure there wasn't an error before this during the download of the asc? It looks like I need to put a verification the file exists, I'll look into this as soon as I have time.

@cgmcintyr
Copy link
Author

cgmcintyr commented Feb 23, 2018
edited
Loading

No worries, thanks for creating this tool ^^

I haven't checked - there is no asc in the directory so there probably was a problem downloading it.

A quick 2 line fix I'm using is to check if the /apt-keys is empty.

# Make sure all apt keys are installed
cd /apt-keys > /dev/null
if [ -e *.asc ]; then
  for i in *.asc; do
    apt-key --keyring /etc/apt/trusted.gpg.d/${i%.*}.gpg add ${i}
  done
fi
cd - > /dev/null

@TheSin-
Copy link
Owner

TheSin- commented Feb 23, 2018

yeah that's what I was planning, but I assume the asc was moved and it's now int eh keyring but I need to check this so that apt verifications doesn't fail later once the system is built and it's enforced. Don't like when things just change on me ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TheSin- @cgmcintyr