| Message ID | 20210421011806.614966-1-xnox@ubuntu.com |
|---|---|
| State | New |
| Headers | show |
| Series | [linux-snap,xenial,master] Copy host trusted.gpg keyring into the chroot | expand |
On 21.04.21 03:18, Dimitri John Ledkov wrote: > Launchpad xenial snap builds now have ubuntu-esm repositories > enabled. And now apt-get -y update started to produce error since the > GPG keys of the sources.list from the host, are not available in the > chroot. Fix this by copying the host trusted.gpg keyring into the > chroot. > > Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> > --- > > This patch is for > lp:~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial -b master > > This patch is needed for the upcomming xenial ESM kernel snap builds, > and enables building public ESM kernel snaps using kernels from > ~ubuntu-esm/esm-infra-security in launchpad. > > https://code.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial/+ref/master > > This change & fix has been tested at > https://launchpad.net/~xnox/+snap/xnox-pc-esm > > Makefile | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/Makefile b/Makefile > index 453c027..6f64547 100644 > --- a/Makefile > +++ b/Makefile > @@ -82,6 +82,7 @@ prepare-chroot: > # already added there. This does not matter as long as adding the > # key will not require installing some additional package. > cp /etc/apt/sources.list chroot/etc/apt/sources.list > + cp /etc/apt/trusted.gpg chroot/etc/apt/trusted.gpg.d/host-trusted.gpg > echo "deb http://ppa.launchpad.net/snappy-dev/image/ubuntu $(RELEASE) main" >> chroot/etc/apt/sources.list > > # install all updates >
On 21.04.21 03:18, Dimitri John Ledkov wrote: > Launchpad xenial snap builds now have ubuntu-esm repositories > enabled. And now apt-get -y update started to produce error since the > GPG keys of the sources.list from the host, are not available in the > chroot. Fix this by copying the host trusted.gpg keyring into the > chroot. > > Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> Thanks > --- > > This patch is for > lp:~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial -b master > > This patch is needed for the upcomming xenial ESM kernel snap builds, > and enables building public ESM kernel snaps using kernels from > ~ubuntu-esm/esm-infra-security in launchpad. > > https://code.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial/+ref/master > > This change & fix has been tested at > https://launchpad.net/~xnox/+snap/xnox-pc-esm > > Makefile | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/Makefile b/Makefile > index 453c027..6f64547 100644 > --- a/Makefile > +++ b/Makefile > @@ -82,6 +82,7 @@ prepare-chroot: > # already added there. This does not matter as long as adding the > # key will not require installing some additional package. > cp /etc/apt/sources.list chroot/etc/apt/sources.list > + cp /etc/apt/trusted.gpg chroot/etc/apt/trusted.gpg.d/host-trusted.gpg > echo "deb http://ppa.launchpad.net/snappy-dev/image/ubuntu $(RELEASE) main" >> chroot/etc/apt/sources.list > > # install all updates >
On 21.04.21 03:18, Dimitri John Ledkov wrote: > Launchpad xenial snap builds now have ubuntu-esm repositories > enabled. And now apt-get -y update started to produce error since the > GPG keys of the sources.list from the host, are not available in the > chroot. Fix this by copying the host trusted.gpg keyring into the > chroot. > > Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> > --- Applied to xenial:linux-snap/master. Thanks. -Stefan > > This patch is for > lp:~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial -b master > > This patch is needed for the upcomming xenial ESM kernel snap builds, > and enables building public ESM kernel snaps using kernels from > ~ubuntu-esm/esm-infra-security in launchpad. > > https://code.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial/+ref/master > > This change & fix has been tested at > https://launchpad.net/~xnox/+snap/xnox-pc-esm > > Makefile | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/Makefile b/Makefile > index 453c027..6f64547 100644 > --- a/Makefile > +++ b/Makefile > @@ -82,6 +82,7 @@ prepare-chroot: > # already added there. This does not matter as long as adding the > # key will not require installing some additional package. > cp /etc/apt/sources.list chroot/etc/apt/sources.list > + cp /etc/apt/trusted.gpg chroot/etc/apt/trusted.gpg.d/host-trusted.gpg > echo "deb http://ppa.launchpad.net/snappy-dev/image/ubuntu $(RELEASE) main" >> chroot/etc/apt/sources.list > > # install all updates >
diff --git a/Makefile b/Makefile index 453c027..6f64547 100644 --- a/Makefile +++ b/Makefile @@ -82,6 +82,7 @@ prepare-chroot: # already added there. This does not matter as long as adding the # key will not require installing some additional package. cp /etc/apt/sources.list chroot/etc/apt/sources.list + cp /etc/apt/trusted.gpg chroot/etc/apt/trusted.gpg.d/host-trusted.gpg echo "deb http://ppa.launchpad.net/snappy-dev/image/ubuntu $(RELEASE) main" >> chroot/etc/apt/sources.list # install all updates
Launchpad xenial snap builds now have ubuntu-esm repositories enabled. And now apt-get -y update started to produce error since the GPG keys of the sources.list from the host, are not available in the chroot. Fix this by copying the host trusted.gpg keyring into the chroot. Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> --- This patch is for lp:~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial -b master This patch is needed for the upcomming xenial ESM kernel snap builds, and enables building public ESM kernel snaps using kernels from ~ubuntu-esm/esm-infra-security in launchpad. https://code.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-snap/+git/xenial/+ref/master This change & fix has been tested at https://launchpad.net/~xnox/+snap/xnox-pc-esm Makefile | 1 + 1 file changed, 1 insertion(+)