[yocto] Failure Inheriting rpm_sign

Chris Trobridge christrobridge at hotmail.com
Fri Jan 6 03:52:22 PST 2017 

I am getting "Exception: OSError: [Errno 7] Argument list too long" for sign_rpm in the do_package_write_rpm tasks for the 
linux-yocto and glibc-locale recipes.

This is building core-image-minimal (and also my own image) with morty (5aa481d) on Fedora 25.

I have enabled the rpm signing with:

INHERIT += " sign_rpm"
RPM_GPG_NAME = "{name}"
RPM_GPG_PASSPHRASE = "{passphrase}"
IMAGE_INSTALL_append = " signing-keys-rpm"

The error message makes some sense in as much as these recipes produce a lot of packages (for example, glibc-locale produces 1791 packages) and the command line in the log is pretty big, although reading around I didn't find a consensus on what the max command line should be.

The code to sign rpms is in meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py and it builds up one command line with all the packages.

I changed the code (patch appended) to sign each rpm in a separate command and the build completed successfully.  The signing operations take a large amount of time so I think this might be a reasonable change but you may have other concerns.

Regards,
Chris

diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index 38eb0cb..a386b1f 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -29,17 +29,18 @@ class LocalSigner(object):
     def sign_rpms(self, files, keyid, passphrase):
         """Sign RPM files"""
 
-        cmd = self.rpm_bin + " --addsign --define '_gpg_name %s'  " % keyid
-        cmd += "--define '_gpg_passphrase %s' " % passphrase
-        if self.gpg_bin:
-            cmd += "--define '%%__gpg %s' " % self.gpg_bin
-        if self.gpg_path:
-            cmd += "--define '_gpg_path %s' " % self.gpg_path
-        cmd += ' '.join(files)
-
-        status, output = oe.utils.getstatusoutput(cmd)
-        if status:
-            raise bb.build.FuncFailed("Failed to sign RPM packages: %s" % output)
+        for file in files:
+            cmd = self.rpm_bin + " --addsign --define '_gpg_name %s'  " % keyid
+            cmd += "--define '_gpg_passphrase %s' " % passphrase
+            if self.gpg_bin:
+                cmd += "--define '%%__gpg %s' " % self.gpg_bin
+            if self.gpg_path:
+                cmd += "--define '_gpg_path %s' " % self.gpg_path
+            cmd += file
+
+            status, output = oe.utils.getstatusoutput(cmd)
+            if status:
+                raise bb.build.FuncFailed("Failed to sign RPM packages: %s" % output)
 
     def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True):
         """Create a detached signature of a file"""

More information about the yocto mailing list