Stop gpg-agent at

toolkit/tools/imagegen/installutils/installutils.go

@@ -262,6 +262,8 @@ func PopulateInstallRoot(installChroot *safechroot.Chroot, packagesToInstall []s
 		filesystemPkg = "filesystem"
 	)
 
+	defer stopGPGAgent(installChroot)
+
 	ReportAction("Initializing RPM Database")
 
 	installRoot := filepath.Join(rootMountPoint, installChroot.RootDir())
@@ -1476,3 +1478,20 @@ func KernelPackages(config configuration.Config) []*pkgjson.PackageVer {
 	}
 	return packageList
 }
+
+// stopGPGAgent stops gpg-agent if it is running inside the installChroot.
+//
+// It is possible that one of the packages or post-install scripts started a GPG agent.
+// e.g. when installing the mariner-repos SPEC, a GPG import occurs. This starts the gpg-agent process inside the chroot.
+// To be able to cleanly exit the setup chroot, we must stop it.
+func stopGPGAgent(installChroot *safechroot.Chroot) {
+	installChroot.UnsafeRun(func() error {
+		err := shell.ExecuteLiveWithCallback(logger.Log.Debug, logger.Log.Warn, "gpgconf", "--kill", "gpg-agent")
+		if err != nil {
+			// This is non-fatal, as there is no guarentee the image has gpg agent started.
+			logger.Log.Warnf("Failed to stop gpg-agent. This is expected if it is not installed: %s", err)
+		}
+
+		return nil
+	})
+}