From 05a868ccbf33ace394cd2922ce7f040069a50d1e Mon Sep 17 00:00:00 2001 From: Daan De Meyer Date: Wed, 15 Jun 2022 16:24:41 -0400 Subject: [PATCH] arch: Use gpgdir from host system Instead of setting up the keyring in the image, let's reuse the keyring from the host. If users want to use pacman in the image, they just have to run pacman-key themselves in a postinst script or such. This speeds up building of images and hopefully also gets rid of our CI issues with Arch where there's something keeping files open in the root mount (which I expect is gpg-agent). --- NEWS.md | 6 ++++++ mkosi/__init__.py | 10 ++-------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/NEWS.md b/NEWS.md index 8a96f4383..967473bb9 100644 --- a/NEWS.md +++ b/NEWS.md @@ -19,6 +19,12 @@ - mkosi won't default to the same OS release as the host system anymore when the host system uses the same distribution as the image that's being built. Instead, when no release is specified, mkosi will now always default to the default version embedded in mkosi itself. +- mkosi will now use the pacman keyring from the host when building Arch images. This means that users will, + on top of installing archlinux-keyring, also have to run `pacman-key --init` and + `pacman-key --populate archlinux` on the host system to be able to build Arch images. Also, unless the + package manager is configured to do it automatically, the host keyring will have to be updated after + archlinux-keyring updates by running `pacman-key --populate archlinux` and `pacman-key --updatedb`. + ## v12 diff --git a/mkosi/__init__.py b/mkosi/__init__.py index 7c2fc3d23..071e2daee 100644 --- a/mkosi/__init__.py +++ b/mkosi/__init__.py @@ -2959,13 +2959,7 @@ def install_ubuntu(args: MkosiArgs, root: Path, do_run_build_script: bool) -> No def run_pacman(root: Path, pacman_conf: Path, packages: Set[str]) -> None: - try: - run(["pacman-key", "--config", pacman_conf, "--init"]) - run(["pacman-key", "--config", pacman_conf, "--populate"]) - run(["pacman", "--config", pacman_conf, "--noconfirm", "-Sy", *sort_packages(packages)]) - finally: - # Kill the gpg-agent started by pacman and pacman-key. - run(["gpgconf", "--homedir", root / "etc/pacman.d/gnupg", "--kill", "all"]) + run(["pacman", "--config", pacman_conf, "--noconfirm", "-Sy", *sort_packages(packages)]) @complete_step("Installing Arch Linux…") @@ -3026,7 +3020,7 @@ def install_arch(args: MkosiArgs, root: Path, do_run_build_script: bool) -> None RootDir = {root} LogFile = /dev/null CacheDir = {root}/var/cache/pacman/pkg/ - GPGDir = {root}/etc/pacman.d/gnupg/ + GPGDir = /etc/pacman.d/gnupg/ HookDir = {root}/etc/pacman.d/hooks/ HoldPkg = pacman glibc Architecture = auto -- 2.47.2