[yocto] Native curl and SSL CA certificates

Iván Castell icastell at nayarsystems.com
Thu May 10 07:21:56 PDT 2018 

Ok that's already fixed. I could manage it executing this in host machine
after building the image:

    $ bitbake package-index


2018-05-10 16:01 GMT+02:00 Iván Castell <icastell at nayarsystems.com>:

> Once the image was build and cloned into the target device, this error
> appears when trying to update dnf database from target device:
>
>     $ dnf clean all
>     $ dnf update
>     DNF version: 2.7.5
>     cachedir: /var/cache/dnf
>     repo oe-remote-repo: 0x6235C65BD7C1F0D8 already imported
>     Cannot download 'https://storage.googleapis.com/my_repo': GPG
> verification is enabled, but GPG signature repomd.xml.asc is not available:
> Status code: 403 for https://storage.googleapis.com/my_repo/repodata/
>     Failed to synchronize cache for repo 'oe-remote-repo', disabling.
>
> The "repodata" directory does not appear inside the package feed
> directory. I managed to generate that "repodata" directory executing this
> commands in my host machine:
>
>     $ bitbake createrepo-c-native -caddto_recipe_sysroot
>     $ oe-run-native createrepo-c-native createrepo_c
> /home/yocto/yocto/build/tmp/deploy/rpm
>
> After that, "repodata" directory appears in the package feed and
> "repomd.xml" file is inside available, but "repomd.xml.asc" is still not
> found.
>
> Do I am missing something?
>
> Thank you in advance!
>
>
> 2018-05-09 13:44 GMT+02:00 Iván Castell <icastell at nayarsystems.com>:
>
>> Thank you very much for your explanation Mr. Alexander, it was really
>> helpfull to understand my issue.
>>
>> I fixed it removing completely my dnf bbappend recipe from my custom
>> layer and adding this variable to my distro.conf file:
>>
>>     PACKAGE_FEED_URIS = "https://storage.googleapis.com/my_repo/"
>>
>> After that, at the end of the build process the image contains a valid
>> /etc/yum.d/oe-remote-repo file and all the necesary stuff to manage it.
>> There is no need to copy "ca-certificates.crt" manually at all.
>>
>> Now its working as expected! :-)
>>
>>
>> 2018-05-09 8:56 GMT+02:00 Alexander Kanavin <
>> alexander.kanavin at linux.intel.com>:
>>
>>> On 05/09/2018 09:29 AM, Iván Castell wrote:
>>>
>>>> But I am not fetching nor installing packages over the network during
>>>> image creation. I just build an image using local recipes (standard
>>>> procedure). One of those local recipes sets up a remote repository for rpm
>>>> packages (adding /etc/yum.repos.d/yocto-adv-rpm.repo to the final
>>>> image). The purpose of that remote repository is using it to update rpm
>>>> packages on target devices when they are running in production.
>>>>
>>>> In fact, I don't understand why yocto needs to synchronize that cache
>>>> for 'yocto-adv-rpm' repo during build time. It doesn't have any sense for
>>>> me. But the fact is that when the ca-certificates.crt is properly
>>>> installed, the build process ends fine. If that file is not properly
>>>> installed, the build process fails with the error reported in my previous
>>>> message.
>>>>
>>>
>>> During image creation dnf is run several times, and it picks up its own
>>> configuration from the target rootfs. It is definitely not recommended to
>>> change that configuration behind dnf's back via installed recipes.
>>>
>>> The supported way to configure remote repositories is via
>>> PACKAGE_FEED_URIS:
>>> https://www.yoctoproject.org/docs/latest/dev-manual/dev-manu
>>> al.html#using-runtime-package-management
>>>
>>> Alex
>>>
>>
>>
>>
>>
>
>
> --
>
>
>
>
> *NOTA LEGAL*
> Este correo electrónico y, en su caso, cualquier fichero anexo al mismo,
> contiene información de carácter confidencial exclusivamente dirigida a su
> destinatario y se encuentra protegido por Ley. Cualquier persona distinta
> de su destinataria tiene prohibida su reproducción, uso, divulgación, copia
> o impresión total o parcial. Si ha recibido este correo electrónico por
> error, se ruega lo notifique de inmediato al remitente borrando el mensaje
> original juntamente con sus ficheros anexos. Gracias.
>
> De conformidad con lo establecido en la LOPD, NAYAR SYSTEMS SL garantiza
> la adopción de las medidas necesarias para asegurar el tratamiento
> confidencial de los datos de carácter personal. Así mismo le informamos de
> la inclusión de sus datos en un fichero bajo la responsabilidad de NAYAR
> SYSTEMS SL, con la finalidad de poder atender los compromisos derivados de
> la relación que mantenemos con usted. Si lo desea, puede ejercer sus
> derechos de acceso, rectificación, cancelación y oposición mediante un
> escrito a la siguiente dirección: info at nayarsystems.com
>
> *LEGAL NOTE*
> This email and any attachments to it contains is confidential information
> exclusively intended for the recipients. Any divulgation, copy or
> distribution to third parties is prohibited without written permission of
> NAYAR SYSTEMS SL. If you have received this e-mail in error, please notify
> the sender immediately. In accordance with Law 15/1999 of 13 December on
> the Protection of Personal Data, the NAYAR SYSTEMS SL guarantees that it
> has adopted the necessary measures to ensure the confidential treatment of
> personal information. We also inform you that you can exercise your access,
> rectification, cancellation and opposition rights by send us a mail to:
> info at nayarsystems.com
>
>


-- 




*NOTA LEGAL*
Este correo electrónico y, en su caso, cualquier fichero anexo al mismo,
contiene información de carácter confidencial exclusivamente dirigida a su
destinatario y se encuentra protegido por Ley. Cualquier persona distinta
de su destinataria tiene prohibida su reproducción, uso, divulgación, copia
o impresión total o parcial. Si ha recibido este correo electrónico por
error, se ruega lo notifique de inmediato al remitente borrando el mensaje
original juntamente con sus ficheros anexos. Gracias.

De conformidad con lo establecido en la LOPD, NAYAR SYSTEMS SL garantiza la
adopción de las medidas necesarias para asegurar el tratamiento
confidencial de los datos de carácter personal. Así mismo le informamos de
la inclusión de sus datos en un fichero bajo la responsabilidad de NAYAR
SYSTEMS SL, con la finalidad de poder atender los compromisos derivados de
la relación que mantenemos con usted. Si lo desea, puede ejercer sus
derechos de acceso, rectificación, cancelación y oposición mediante un
escrito a la siguiente dirección: info at nayarsystems.com

*LEGAL NOTE*
This email and any attachments to it contains is confidential information
exclusively intended for the recipients. Any divulgation, copy or
distribution to third parties is prohibited without written permission of
NAYAR SYSTEMS SL. If you have received this e-mail in error, please notify
the sender immediately. In accordance with Law 15/1999 of 13 December on
the Protection of Personal Data, the NAYAR SYSTEMS SL guarantees that it
has adopted the necessary measures to ensure the confidential treatment of
personal information. We also inform you that you can exercise your access,
rectification, cancellation and opposition rights by send us a mail to:
info at nayarsystems.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20180510/0763f908/attachment-0001.html>

More information about the yocto mailing list