gpg: can't connect to the agent: File name too long


Damien LEFEVRE
 

Hi,

I'm using this command from a new image type
'''
gpg --homedir home --encrypt --sign --default-key "server@..." --pinentry-mode loopback --passphrase-file server.passphrase  --recipient "device@..." --output ${IMAGE_LINK_NAME}.fw ${IMGDEPLOYDIR}/${IMAGE_NAME}.img
'''

From yocto build I get this error

'''
| gpg: can't connect to the agent: File name too long
| gpg: Warning: not using 'server@...' as default key: No secret key
| gpg: all values passed to '--default-key' ignored
'''

I added this img_ota.bbclass

'''
inherit image_types image_types_tegra pythonnative

create_img_ota_pkg() {
    rm -rf "${WORKDIR}/my_img"
    mkdir -p "${WORKDIR}/my_img"
    oldwd=`pwd`
    cd "${WORKDIR}/my_img"
    ln -sf "${STAGING_DATADIR_NATIVE}/gpg-keys/" home
    ln -sf "${STAGING_DATADIR_NATIVE}/gpg-keys/update.passphrase" update.passphrase
    ln -sf "${STAGING_DATADIR_NATIVE}/gpg-keys/encrypt.py" encrypt.py
    ln -sf "${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.img" "${IMAGE_LINK_NAME}.img"
    #gpg --homedir home --encrypt --sign --default-key "server@..." --pinentry-mode loopback --passphrase-file server.passphrase  --recipient "device@..." --output ${IMAGE_LINK_NAME}.fw ${IMGDEPLOYDIR}/${IMAGE_NAME}.img
    echo $(which python3)
    python3 encrypt.py blabla.fw ${IMAGE_LINK_NAME}.img
    cd "$oldwd"
}

create_my_pkg[vardepsexclude] += "DATETIME"

IMAGE_CMD_img_ota = "create_img_ota_pkg"
do_image_img_ota[depends] += " \
    gpg-keys-native:do_populate_sysroot \
"

IMAGE_TYPEDEP_img_ota += "tegraflash"
IMAGE_TYPES += "img_ota"
'''

I have a native recipe creating the gpg db and installing the keys.

I did check the gpg and gpg-agent binaries used come from /test-warrior/build-jetson-xavier/tmp/work/jetson_xavier-poky-linux/test-image/1.0-r0/recipe-sysroot-native/usr/bin

I tried to wrap the command in a python script but it had no effect.

If I open a terminal, add /test-warrior/build-jetson-xavier/tmp/work/jetson_xavier-poky-linux/test-image/1.0-r0/recipe-sysroot-native/usr/bin to PATH and run the commands, they go through successfully and I don't manage to reproduce the error.

What is different with bitbake which could make this fail?

Thanks
-Damien


Damien LEFEVRE
 

I think my problem is that the do_image_* are running as fakeroot/pseudo.

Is there a way to run this task as a normal local user?

I read that I should create the socket when not running under local user with
gpgconf --create-socketdir

But this fails too although I set permissions for all on the gpg files and directories:
'''
| gpgconf: socketdir is '/test-warrior/build-jetson-xavier/tmp/work/jetson_xavier-poky-linux/test-image/1.0-r0/my_img/home'
| gpgconf: no /run/user dir
| gpgconf: using homedir as fallback
| gpgconf: error creating socket directory
| gpgconf: fatal error (exit status 1)
'''

Basically I need to, as a normal user, run gpg after do_image_tegra.

Any hint?


Diego Santa Cruz
 

-----Original Message-----
From: yocto@... <yocto@...> On
Behalf Of Damien LEFEVRE via lists.yoctoproject.org
Sent: 26 May 2020 11:02
To: yocto@...
Subject: Re: [yocto] gpg: can't connect to the agent: File name too long

I think my problem is that the do_image_* are running as fakeroot/pseudo.

Is there a way to run this task as a normal local user?

I read that I should create the socket when not running under local user with
gpgconf --create-socketdir


But this fails too although I set permissions for all on the gpg files and
directories:
'''
| gpgconf: socketdir is '/test-warrior/build-jetson-xavier/tmp/work/jetson_xavier-poky-linux/test-image/1.0-r0/my_img/home'
| gpgconf: no /run/user dir
| gpgconf: using homedir as fallback
| gpgconf: error creating socket directory
| gpgconf: fatal error (exit status 1)

'''

Basically I need to, as a normal user, run gpg after do_image_tegra.

Any hint?

The problem is that the paths to UNIX sockets are limited in length and you are probably hitting that limit. The base classes take care of avoiding that but I did hit this problem in a custom recipe that was using gpg directly.

I solved the problem in the task shell function that was calling gpg by using a host temporary directory (/var/tmp/...) as a throwaway GPG home directory.

gpgdir=`mktemp -td ${PN}-gpg.XXXXXX`
install -m 700 -d $gpgdir/home
gpg --batch --homedir $gpgdir/home ...
...
rm -rf $gpgdir

Hope that helps.

--
Diego Santa Cruz, PhD
Technology Architect
spinetix.com
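
The socket path limit described in the reply above, as an added example that is not part of the original thread: a check for whether a GnuPG home directory is short enough to hold the agent sockets, plus a helper that creates an owner-only throwaway home. It assumes Linux (108-byte `sun_path`) and GnuPG 2.1+ socket names; the function names and the `GPG_TMP_BASE` variable are hypothetical.

```shell
#!/bin/sh
# Assumption: Linux, where sockaddr_un.sun_path holds 108 bytes including
# the terminating NUL. Other systems use smaller limits.
SUN_PATH_MAX=108
# Assumption: longest socket name gpg-agent places in its socket directory
# (GnuPG 2.1+ creates S.gpg-agent plus .extra, .ssh and .browser variants).
LONGEST_SOCKET='S.gpg-agent.browser'

# socket_path_fits DIR
# Succeeds when DIR/<longest socket name> plus its NUL fits in sun_path.
socket_path_fits() {
    sock="$1/$LONGEST_SOCKET"
    # ${#sock} counts characters; build paths are assumed to be ASCII.
    [ $(( ${#sock} + 1 )) -le "$SUN_PATH_MAX" ]
}

# make_short_gpg_home PREFIX
# Creates <base>/PREFIX-gpg.XXXXXX/home with mode 700 and prints the
# temporary directory. GPG_TMP_BASE (hypothetical) overrides /var/tmp.
make_short_gpg_home() {
    tmpdir=$(mktemp -d "${GPG_TMP_BASE:-/var/tmp}/$1-gpg.XXXXXX") || return 1
    # The home holds secret keys, so it must be accessible to the owner only.
    install -m 700 -d "$tmpdir/home" || { rm -rf "$tmpdir"; return 1; }
    if ! socket_path_fits "$tmpdir/home"; then
        echo "temporary GnuPG home is still too long: $tmpdir/home" >&2
        rm -rf "$tmpdir"
        return 1
    fi
    printf '%s\n' "$tmpdir"
}

# Use inside the task shell function, with the gpg arguments from the thread:
#   gpgdir=$(make_short_gpg_home "$PN") || exit 1
#   trap 'rm -rf "$gpgdir"' EXIT      # never leave key material behind
#   gpg --batch --homedir "$gpgdir/home" ...
```

The home directory reported by `gpgconf` in the thread is 97 characters long, so even the shortest socket name, `S.gpg-agent`, pushes the full path past 108 bytes.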