Message ID | 20230109212200.500890-1-charlie.johnston@ni.com |
---|---|
State | New |
Headers | show |
Series | opkg: ensure opkg uses private gpg.conf when applying keys. | expand |
ACK. We'll ingest this change naturally in the June opkg release, but it is reasonable to pull the .patch now. On 1/9/23 15:22, Charlie Johnston wrote: > Currently, the opkg-key utility calls gpg with --no-options, > which uses /dev/null as the configuration file. This means > any configurations in /etc/opkg/gpg/gpg.conf were being > ignored. This change applies a patch to remove the > --no-options flag. > > Signed-off-by: Charlie Johnston <charlie.johnston@ni.com> > --- > ...emove-no-options-flag-from-gpg-calls.patch | 34 +++++++++++++++++++ > meta/recipes-devtools/opkg/opkg_0.6.1.bb | 1 + > 2 files changed, 35 insertions(+) > create mode 100644 meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch > > diff --git a/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch b/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch > new file mode 100644 > index 0000000000..f216950002 > --- /dev/null > +++ b/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch > @@ -0,0 +1,34 @@ > +From a658e6402382250f0164c5b47b744740e04f3611 Mon Sep 17 00:00:00 2001 > +From: Charlie Johnston <charlie.johnston@ni.com> > +Date: Fri, 30 Dec 2022 15:21:14 -0600 > +Subject: [PATCH] opkg-key: Remove --no-options flag from gpg calls. > + > +The opkg-key script was always passing the --no-options > +flag to gpg, which uses /dev/null as the options file. > +As a result, the opkg gpg.conf file was not getting > +used. This change removes that flag so that gpg.conf > +in the GPGHOMEDIR for opkg (currently /etc/opkg/gpg/) > +will be used if present. > + > +Upstream-Status: Accepted [https://urldefense.com/v3/__https://git.yoctoproject.org/opkg/commit/?id=cee294e72d257417b5e55ef7a76a0fd15313e46b__;!!FbZ0ZwI3Qg!uX10EXcajL9EJS2NNmNl-z9VLeBT_HgjQJ4VJ50BN5lRXJeOM8sdVBZomrkIauJ3ufVPp8ogpBgNKQwCGuVlotE$ ] > +Signed-off-by: Charlie Johnston <charlie.johnston@ni.com> > +--- > + utils/opkg-key | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/utils/opkg-key b/utils/opkg-key > +index e395a59..8645ebc 100755 > +--- a/utils/opkg-key > ++++ b/utils/opkg-key > +@@ -53,7 +53,7 @@ else > + exit 1 > + fi > + > +-GPG="$GPGCMD --no-options --homedir $GPGHOMEDIR" > ++GPG="$GPGCMD --homedir $GPGHOMEDIR" > + > + # Gpg home dir isn't created automatically when --homedir option is used > + if [ ! -e "$GPGHOMEDIR" ]; then > +-- > +2.30.2 > + > diff --git a/meta/recipes-devtools/opkg/opkg_0.6.1.bb b/meta/recipes-devtools/opkg/opkg_0.6.1.bb > index 50c9451a57..712f066f0e 100644 > --- a/meta/recipes-devtools/opkg/opkg_0.6.1.bb > +++ b/meta/recipes-devtools/opkg/opkg_0.6.1.bb > @@ -15,6 +15,7 @@ PE = "1" > SRC_URI = "https://urldefense.com/v3/__http://downloads.yoctoproject.org/releases/$*7BBPN*7D/$*7BBPN*7D-$*7BPV*7D.tar.gz__;JSUlJSUl!!FbZ0ZwI3Qg!uX10EXcajL9EJS2NNmNl-z9VLeBT_HgjQJ4VJ50BN5lRXJeOM8sdVBZomrkIauJ3ufVPp8ogpBgNKQwCyEuKCuY$ \ > file://opkg.conf \ > file://0001-opkg_conf-create-opkg.lock-in-run-instead-of-var-run.patch \ > + file://0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch \ > file://run-ptest \ > " > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#175700): https://urldefense.com/v3/__https://lists.openembedded.org/g/openembedded-core/message/175700__;!!FbZ0ZwI3Qg!uX10EXcajL9EJS2NNmNl-z9VLeBT_HgjQJ4VJ50BN5lRXJeOM8sdVBZomrkIauJ3ufVPp8ogpBgNKQwCJKW8IrE$ > Mute This Topic: https://urldefense.com/v3/__https://lists.openembedded.org/mt/96163153/3616788__;!!FbZ0ZwI3Qg!uX10EXcajL9EJS2NNmNl-z9VLeBT_HgjQJ4VJ50BN5lRXJeOM8sdVBZomrkIauJ3ufVPp8ogpBgNKQwCA2OYbZ8$ > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://urldefense.com/v3/__https://lists.openembedded.org/g/openembedded-core/unsub__;!!FbZ0ZwI3Qg!uX10EXcajL9EJS2NNmNl-z9VLeBT_HgjQJ4VJ50BN5lRXJeOM8sdVBZomrkIauJ3ufVPp8ogpBgNKQwC1cnWJuM$ [alex.stewart@ni.com] > -=-=-=-=-=-=-=-=-=-=-=- >
diff --git a/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch b/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch new file mode 100644 index 0000000000..f216950002 --- /dev/null +++ b/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch @@ -0,0 +1,34 @@ +From a658e6402382250f0164c5b47b744740e04f3611 Mon Sep 17 00:00:00 2001 +From: Charlie Johnston <charlie.johnston@ni.com> +Date: Fri, 30 Dec 2022 15:21:14 -0600 +Subject: [PATCH] opkg-key: Remove --no-options flag from gpg calls. + +The opkg-key script was always passing the --no-options +flag to gpg, which uses /dev/null as the options file. +As a result, the opkg gpg.conf file was not getting +used. This change removes that flag so that gpg.conf +in the GPGHOMEDIR for opkg (currently /etc/opkg/gpg/) +will be used if present. + +Upstream-Status: Accepted [https://git.yoctoproject.org/opkg/commit/?id=cee294e72d257417b5e55ef7a76a0fd15313e46b] +Signed-off-by: Charlie Johnston <charlie.johnston@ni.com> +--- + utils/opkg-key | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/utils/opkg-key b/utils/opkg-key +index e395a59..8645ebc 100755 +--- a/utils/opkg-key ++++ b/utils/opkg-key +@@ -53,7 +53,7 @@ else + exit 1 + fi + +-GPG="$GPGCMD --no-options --homedir $GPGHOMEDIR" ++GPG="$GPGCMD --homedir $GPGHOMEDIR" + + # Gpg home dir isn't created automatically when --homedir option is used + if [ ! -e "$GPGHOMEDIR" ]; then +-- +2.30.2 + diff --git a/meta/recipes-devtools/opkg/opkg_0.6.1.bb b/meta/recipes-devtools/opkg/opkg_0.6.1.bb index 50c9451a57..712f066f0e 100644 --- a/meta/recipes-devtools/opkg/opkg_0.6.1.bb +++ b/meta/recipes-devtools/opkg/opkg_0.6.1.bb @@ -15,6 +15,7 @@ PE = "1" SRC_URI = "http://downloads.yoctoproject.org/releases/${BPN}/${BPN}-${PV}.tar.gz \ file://opkg.conf \ file://0001-opkg_conf-create-opkg.lock-in-run-instead-of-var-run.patch \ + file://0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch \ file://run-ptest \ "
Currently, the opkg-key utility calls gpg with --no-options, which uses /dev/null as the configuration file. This means any configurations in /etc/opkg/gpg/gpg.conf were being ignored. This change applies a patch to remove the --no-options flag. Signed-off-by: Charlie Johnston <charlie.johnston@ni.com> --- ...emove-no-options-flag-from-gpg-calls.patch | 34 +++++++++++++++++++ meta/recipes-devtools/opkg/opkg_0.6.1.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch