2

I am building a docker image and i am trying to sign the packages that are generated during the build using gpg signature. here is my env variables:

yocto@edef5a9c44a0:~/build$ gpg --list-keys
/home/yocto/.gnupg/pubring.kbx
------------------------------
pub   rsa3072 2020-12-14 [SC] [expires: 2025-12-13]
      1A5EE69728AEC73E061665949FFC6A5AD2F1126C
uid           [ultimate] xxxxxxxx (yyyyyyyy) <zzzzzzzz@zzzzzzzz>
sub   rsa3072 2020-12-14 [E] [expires: 2025-12-13]

Here my key ID <9FFC6A5AD2F1126C> and here are the lines I am adding to my machine conf

# Package manager configs 
PACKAGE_CLASSES = "package_ipk"
EXTRA_IMAGE_FEATURES = "package-management"
IMAGE_INSTALL_append = " opkg "

# Package manager signature 
INHERIT += "sign_ipk" 
#OPKG_KEYRING_KEYS ?= "9FFC6A5AD2F1126C"
IPK_GPG_NAME = "9FFC6A5AD2F1126C"
IPK_GPG_PASSPHRASE_FILE = "/home/yocto/passphrase.txt"
INHERIT += "sign_package_feed"
PACKAGE_FEED_GPG_NAME = "9FFC6A5AD2F1126C"
PACKAGE_FEED_GPG_PASSPHRASE_FILE = "/home/yocto/passphrase.txt"

In the "/home/yocto/passphrase.txt" I included my secret passphrase. I did export my key in the yocto env with the following:

$ gpg --output rpm-feed.gpg --export <id>

I keep having this error: gpg: signing failed: Cannot allocate memory

log file:

yocto@edef5a9c44a0:~/build$ cat /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/temp/log.do_package_write_ipk.51190 
DEBUG: Executing python function sstate_task_prefunc
DEBUG: Python function sstate_task_prefunc finished
DEBUG: Executing python function extend_recipe_sysroot
NOTE: Direct dependencies are ['virtual:native:/home/yocto/poky/meta/recipes-devtools/pseudo/pseudo_1.8.2.bb:do_populate_sysroot', 'virtual:native:/home/yocto/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.3.5.bb:do_populate_sysroot']
NOTE: Installed into sysroot: []
NOTE: Skipping as already exists in sysroot: ['pseudo-native', 'opkg-utils-native', 'quilt-native']
DEBUG: Python function extend_recipe_sysroot finished
DEBUG: Executing python function do_package_write_ipk
DEBUG: Executing python function read_subpackage_metadata
DEBUG: Python function read_subpackage_metadata finished
DEBUG: Executing python function do_package_ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-man_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-xmlrpc_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-xml_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-typing_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-unixadmin_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-modules_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-unittest_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Signing ipk: /home/yocto/build/tmp/work/cortexa9hf-neon-poky-linux-gnueabi/python3/3.5.3-r1.0/deploy-ipks/cortexa9hf-neon/python3-misc_3.5.3-r1.0_cortexa9hf-neon.ipk
DEBUG: Python function do_package_ipk finished
DEBUG: Python function do_package_write_ipk finished
ERROR: Function failed: GPG exited with code 2: gpg: signing failed: Cannot allocate memory
gpg: signing failed: Cannot allocate memory

Here is the output concerning the memory and I don't understand on what memory it couldn't allocated !

yocto@edef5a9c44a0:~/build$ df -h 
Bestandssysteem Grootte Gebruikt Besch Geb% Aangekoppeld op
overlay            297G      83G  200G  30% /
tmpfs               64M        0   64M   0% /dev
tmpfs              7,7G        0  7,7G   0% /sys/fs/cgroup
shm                 64M        0   64M   0% /dev/shm
/dev/nvme0n1p5     297G      83G  200G  30% /home/yocto
tmpfs              7,7G        0  7,7G   0% /proc/asound
tmpfs              7,7G        0  7,7G   0% /proc/acpi
tmpfs              7,7G        0  7,7G   0% /proc/scsi
tmpfs              7,7G        0  7,7G   0% /sys/firmware
amine.lannister
  • 31
  • 2
  • `df -kh` gives you information on disk usage, not memory. When these programs say "memory", they're talking about RAM. – thelr Dec 21 '20 at 16:44
  • _yocto@edef5a9c44a0:~/build$ df -kh Bestandssysteem Grootte Gebruikt Besch Geb% Aangekoppeld op overlay 297G 83G 200G 30% / tmpfs 64M 0 64M 0% /dev tmpfs 7,7G 0 7,7G 0% /sys/fs/cgroup shm 64M 0 64M 0% /dev/shm /dev/nvme0n1p5 297G 83G 200G 30% /home/yocto tmpfs 7,7G 0 7,7G 0% /proc/asound tmpfs 7,7G 0 7,7G 0% /proc/acpi tmpfs 7,7G 0 7,7G 0% /proc/scsi tmpfs 7,7G 0 7,7G 0% /sys/firmware_ – amine.lannister Dec 21 '20 at 20:26

1 Answers1

1

I managed to avoid the running out of memory issue by the following: I added this option auto-expand-secmem 0x30000 to my .gnupg/gpg-agent.conf file. I didn't have it in the first place!so I created: vim .gnupg/gpg-agent.conf and I added that option. from what I understood is that this gpg agent is allocating some sort of ram memory in order for him to begin signing the files, this memory allocation will depend on the number of the cores your environment is running with. I hope I am not mistaking here!. I am still learning about this! Hence I am facing a new error: | gpg: skipped "9FFC6A5AD2F1126C": No secret key | gpg: signing failed: No secret key

amine.lannister
  • 31
  • 2