-1

My problem I think is very simple. I would like to have opkg verify signatures before installing packages from my custom opkg repository. The issue I am having is that the keys I added to the opkg-keyrings yocto recipe are all marked as unknown on the target by gpg. They are all installed though. So when i attempt to install a package form my custom repository, It fails because there are no trusted keys. I do not believe that this is a yocto bug, but I am running rocko.

Thank you.

I have gone through the relevant recipes and just don't see anything to change the behavior.

when i attempt to run opkg update i receive the following error.

Collected errors:

opkg_verify_gpg_signature: No sufficently trusted public keys found.

gpg -k result on target(verify fails)
uid           [ unknown]

gpg -k result on pc where verify succeeds. 
uid   
        [ultimate]
Dvyn Resh
  • 980
  • 1
  • 6
  • 14
CKdev
  • 11
  • 2
  • 2
    Does [this manual section](https://www.yoctoproject.org/docs/latest/mega-manual/mega-manual.html#processing-package-feeds) helps? – Nayfe Aug 12 '19 at 11:10
  • 1
    thank you Nayfe but no. I have already done that. My keys are on the target an opkg is aware of them. It just has set them all to unknown rather than a trusted state. – CKdev Aug 12 '19 at 12:03
  • opkg-key adv --list-keys --fingerprint --with-colons |\ sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1:6/p' |\ opkg-key adv --import-ownertrust \n I wanted to add this for anyone who finds the question. I ended up adding a service at start up that runs a script that enables the key – CKdev Aug 12 '19 at 14:27
  • You can add it as an answer to your question, and mark it as correct answer. – Nayfe Aug 12 '19 at 15:08

1 Answers1

1

opkg-key populate opkg-key adv --list-keys --fingerprint --with-colons |\ sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1:6/p' |\ opkg-key adv --import-ownertrust

I wanted to add this for anyone who finds the question. I ended up adding a service at start up that runs a script that enables the keys. I have included the key portions of the script above.

CKdev
  • 11
  • 2