diff options
author | John Estabrook <jsestabrook@gmail.com> | 2019-10-03 14:38:54 +0000 |
---|---|---|
committer | Raphaƫl Hertzog <raphael@offensive-security.com> | 2019-12-19 18:52:05 +0100 |
commit | b6ad08c2709fbdab0b96852d9bfeb52d753b89bc (patch) | |
tree | 126758030ba728d3df37972fab01de5629935e85 | |
parent | 97e8070b720cbfed95504badcf16a8d85805f39f (diff) | |
download | vyos-live-build-b6ad08c2709fbdab0b96852d9bfeb52d753b89bc.tar.gz vyos-live-build-b6ad08c2709fbdab0b96852d9bfeb52d753b89bc.zip |
Add local archive keys before configuring local package repository
In the binary stage, chroot is restored from cache/bootstrap, which contains
neither custom repo lists, nor keys. If local packages are present,
chroot_archives will call 'Apt chroot update' after adding custom repo lists
without adding keys. apt-get will then fail instead of warn as of apt version
1.5.
Closes: #941691
-rwxr-xr-x | scripts/build/chroot_archives | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/scripts/build/chroot_archives b/scripts/build/chroot_archives index 9ca6a7892..f634a625d 100755 --- a/scripts/build/chroot_archives +++ b/scripts/build/chroot_archives @@ -212,6 +212,25 @@ EOF fi done + # Check local archive keys (chroot) + if Find_files config/archives/*.key || \ + Find_files config/archives/*.key.chroot + then + for FILE in config/archives/*.key \ + config/archives/*.key.chroot + do + if [ -e "${FILE}" ] + then + if grep -q "PGP PUBLIC KEY BLOCK" "${FILE}" + then + cp ${FILE} chroot/etc/apt/trusted.gpg.d/$(basename ${FILE}).asc + else + cp ${FILE} chroot/etc/apt/trusted.gpg.d/$(basename ${FILE}).gpg + fi + fi + done + fi + # Configure local package repository if Find_files config/packages.chroot/*.deb || Find_files config/packages/*.deb then @@ -344,25 +363,6 @@ EOF Chroot chroot "apt-get ${APT_OPTIONS} install aptitude" fi else # Get fresh indices - # Check local archive keys - if Find_files config/archives/*.key || \ - Find_files config/archives/*.key.chroot - then - for FILE in config/archives/*.key \ - config/archives/*.key.chroot - do - if [ -e "${FILE}" ] - then - if grep -q "PGP PUBLIC KEY BLOCK" "${FILE}" - then - cp ${FILE} chroot/etc/apt/trusted.gpg.d/$(basename ${FILE}).asc - else - cp ${FILE} chroot/etc/apt/trusted.gpg.d/$(basename ${FILE}).gpg - fi - fi - done - fi - # Check local keyring packages if Find_files config/archives/*.deb then |