summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChris St. Pierre <chris.a.st.pierre@gmail.com>2012-03-21 16:40:52 -0400
committerChris St. Pierre <chris.a.st.pierre@gmail.com>2012-03-21 16:40:52 -0400
commit1b7462de5d95b8d195866c1bafb9fb8b6957334e (patch)
tree627f01b490d61033aec107721f61332ea6db0770
parentfb556e7675e1c13f8d3fbdce0aeb0d3e30ff9123 (diff)
downloadbcfg2-1b7462de5d95b8d195866c1bafb9fb8b6957334e.tar.gz
bcfg2-1b7462de5d95b8d195866c1bafb9fb8b6957334e.tar.bz2
bcfg2-1b7462de5d95b8d195866c1bafb9fb8b6957334e.zip
fixed automatic handling of GPGKeys
-rw-r--r--doc/server/plugins/generators/packages.txt8
-rw-r--r--src/lib/Server/Plugins/Packages/Yum.py64
2 files changed, 46 insertions, 26 deletions
diff --git a/doc/server/plugins/generators/packages.txt b/doc/server/plugins/generators/packages.txt
index 93b5308be..276b73093 100644
--- a/doc/server/plugins/generators/packages.txt
+++ b/doc/server/plugins/generators/packages.txt
@@ -158,9 +158,11 @@ Handling GPG Keys
.. versionadded:: 1.2.0
-Packages can automatically handle GPG signing keys for Yum and Pulp
-repositories. Simply specify the URL to the GPG key(s) for a
-repository in ``sources.xml``::
+If you have yum libraries installed, Packages can automatically handle
+GPG signing keys for Yum and Pulp repositories. (You do not need to
+use the native yum resolver; if yum libraries are available, GPG
+signing keys can be handled automatically.) Simply specify the URL to
+the GPG key(s) for a repository in ``sources.xml``::
<Source type="yum"
rawurl="http://mirror.example.com/centos6-x86_64/RPMS.os">
diff --git a/src/lib/Server/Plugins/Packages/Yum.py b/src/lib/Server/Plugins/Packages/Yum.py
index 1937dbf83..e13b28251 100644
--- a/src/lib/Server/Plugins/Packages/Yum.py
+++ b/src/lib/Server/Plugins/Packages/Yum.py
@@ -197,8 +197,21 @@ class YumCollection(Collection):
needkeys.add(key)
if len(needkeys):
- keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey",
- type=self.ptype, origin='Packages')
+ if has_yum:
+ # this must be be has_yum, not use_yum, because
+ # regardless of whether the user wants to use the yum
+ # resolver we want to include gpg key data
+ keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey",
+ type=self.ptype, origin='Packages')
+ else:
+ self.logger.warning("GPGKeys were specified for yum sources in "
+ "sources.xml, but no yum libraries were "
+ "found")
+ self.logger.warning("GPG key version/release data cannot be "
+ "determined automatically")
+ self.logger.warning("Install yum libraries, or manage GPG keys "
+ "manually")
+ keypkg = None
for key in needkeys:
# figure out the path of the key on the client
@@ -219,7 +232,8 @@ class YumCollection(Collection):
# hook to add version/release info if possible
self._add_gpg_instances(keypkg, kdata, localkey, remotekey)
independent.append(keypath)
- independent.append(keypkg)
+ if keypkg is not None:
+ independent.append(keypkg)
# see if there are any pulp sources to handle
has_pulp_sources = False
@@ -274,20 +288,25 @@ class YumCollection(Collection):
def _add_gpg_instances(self, keyentry, keydata, localkey, remotekey):
""" add gpg keys to the specification to ensure they get
installed """
- if self.use_yum:
- try:
- kinfo = yum.misc.getgpgkeyinfo(keydata)
- version = yum.misc.keyIdToRPMVer(kinfo['keyid'])
- release = yum.misc.keyIdToRPMVer(kinfo['timestamp'])
-
- lxml.etree.SubElement(keyentry, 'Instance',
- version=version,
- release=release,
- simplefile=remotekey)
- except ValueError:
- err = sys.exc_info()[1]
- self.logger.error("Packages: Could not read GPG key %s: %s" %
- (localkey, err))
+ # this must be be has_yum, not use_yum, because regardless of
+ # whether the user wants to use the yum resolver we want to
+ # include gpg key data
+ if not has_yum:
+ return
+
+ try:
+ kinfo = yum.misc.getgpgkeyinfo(keydata)
+ version = yum.misc.keyIdToRPMVer(kinfo['keyid'])
+ release = yum.misc.keyIdToRPMVer(kinfo['timestamp'])
+
+ lxml.etree.SubElement(keyentry, 'Instance',
+ version=version,
+ release=release,
+ simplefile=remotekey)
+ except ValueError:
+ err = sys.exc_info()[1]
+ self.logger.error("Packages: Could not read GPG key %s: %s" %
+ (localkey, err))
def is_package(self, package):
if not self.use_yum:
@@ -436,19 +455,18 @@ class YumSource(Source):
repoapi = RepositoryAPI()
try:
self.repo = repoapi.repository(self.pulp_id)
- self.gpgkeys = ["%s/%s" % (PULPCONFIG.cds['keyurl'], key)
+ self.gpgkeys = [os.path.join(PULPCONFIG.cds['keyurl'], key)
for key in repoapi.listkeys(self.pulp_id)]
except server.ServerRequestError:
err = sys.exc_info()[1]
if err[0] == 401:
msg = "Packages: Error authenticating to Pulp: %s" % err[1]
elif err[0] == 404:
- msg = "Packages: Pulp repo id %s not found: %s" % (self.pulp_id,
- err[1])
+ msg = "Packages: Pulp repo id %s not found: %s" % \
+ (self.pulp_id, err[1])
else:
- msg = "Packages: Error %d fetching pulp repo %s: %s" % (err[0],
- self.pulp_id,
- err[1])
+ msg = "Packages: Error %d fetching pulp repo %s: %s" % \
+ (err[0], self.pulp_id, err[1])
raise SourceInitError(msg)
except socket.error:
err = sys.exc_info()[1]