[yocto] Native curl and SSL CA certificates

Iván Castell icastell at nayarsystems.com
Wed May 9 04:44:59 PDT 2018 

Thank you very much for your explanation Mr. Alexander, it was really
helpfull to understand my issue.

I fixed it removing completely my dnf bbappend recipe from my custom layer
and adding this variable to my distro.conf file:

    PACKAGE_FEED_URIS = "https://storage.googleapis.com/my_repo/"

After that, at the end of the build process the image contains a valid
/etc/yum.d/oe-remote-repo file and all the necesary stuff to manage it.
There is no need to copy "ca-certificates.crt" manually at all.

Now its working as expected! :-)


2018-05-09 8:56 GMT+02:00 Alexander Kanavin <
alexander.kanavin at linux.intel.com>:

> On 05/09/2018 09:29 AM, Iván Castell wrote:
>
>> But I am not fetching nor installing packages over the network during
>> image creation. I just build an image using local recipes (standard
>> procedure). One of those local recipes sets up a remote repository for rpm
>> packages (adding /etc/yum.repos.d/yocto-adv-rpm.repo to the final
>> image). The purpose of that remote repository is using it to update rpm
>> packages on target devices when they are running in production.
>>
>> In fact, I don't understand why yocto needs to synchronize that cache for
>> 'yocto-adv-rpm' repo during build time. It doesn't have any sense for me.
>> But the fact is that when the ca-certificates.crt is properly installed,
>> the build process ends fine. If that file is not properly installed, the
>> build process fails with the error reported in my previous message.
>>
>
> During image creation dnf is run several times, and it picks up its own
> configuration from the target rootfs. It is definitely not recommended to
> change that configuration behind dnf's back via installed recipes.
>
> The supported way to configure remote repositories is via
> PACKAGE_FEED_URIS:
> https://www.yoctoproject.org/docs/latest/dev-manual/dev-manu
> al.html#using-runtime-package-management
>
> Alex
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20180509/1b8d511f/attachment.html>

More information about the yocto mailing list