From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 33860138350 for ; Tue, 14 Jan 2020 08:25:10 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2807CE0922; Tue, 14 Jan 2020 08:25:09 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id ECDD5E0922 for ; Tue, 14 Jan 2020 08:25:08 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id C6FE434E082 for ; Tue, 14 Jan 2020 08:25:07 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id B841D2A for ; Tue, 14 Jan 2020 08:25:05 +0000 (UTC) From: "Ulrich Müller" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Ulrich Müller" Message-ID: <1578990196.85cd37e0956f4e8275032ae948042e547a54f3aa.ulm@gentoo> Subject: [gentoo-commits] proj/devmanual:master commit in: general-concepts/manifest/ X-VCS-Repository: proj/devmanual X-VCS-Files: general-concepts/manifest/text.xml X-VCS-Directories: general-concepts/manifest/ X-VCS-Committer: ulm X-VCS-Committer-Name: Ulrich Müller X-VCS-Revision: 85cd37e0956f4e8275032ae948042e547a54f3aa X-VCS-Branch: master Date: Tue, 14 Jan 2020 08:25:05 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 7f294f64-3cd8-46b6-b55f-4d0c9aff3d7f X-Archives-Hash: c80676277b0757109642bc030ab40f48 commit: 85cd37e0956f4e8275032ae948042e547a54f3aa Author: Michał Górny gentoo org> AuthorDate: Sun Jan 5 11:39:01 2020 +0000 Commit: Ulrich Müller gentoo org> CommitDate: Tue Jan 14 08:23:16 2020 +0000 URL: https://gitweb.gentoo.org/proj/devmanual.git/commit/?id=85cd37e0 general-concepts/manifest: Remove obsolete information Remove all the obsolete text found in the Manifest section. This includes Manifest signing (now replaced by commit signing which belongs in the git section), obsolete hash list (refer to layout.conf instead), and CVS-specific 'repoman commit' usage. Also reword the description to fit thin Manifests. Signed-off-by: Michał Górny gentoo.org> Signed-off-by: Ulrich Müller gentoo.org> general-concepts/manifest/text.xml | 65 ++++---------------------------------- 1 file changed, 6 insertions(+), 59 deletions(-) diff --git a/general-concepts/manifest/text.xml b/general-concepts/manifest/text.xml index ace785d..fb54384 100644 --- a/general-concepts/manifest/text.xml +++ b/general-concepts/manifest/text.xml @@ -7,68 +7,15 @@ Generating the Manifest

-In the tree, every package has a Manifest file. This file lives in the same -directory as the ebuilds for the package. The Manifest file contains digests -(currently RMD160, SHA1, SHA256, SHA512 and WHIRLPOOL) and file size data for every -file in the directory and any subdirectories. This is used to verify integrity. -The Manifest may also be digitally signed. +In the tree, every package has a Manifest file. This file lives +in the same directory as the ebuilds for the package. The Manifest file +contains digests (the current list can be found in metadata/layout.conf +as manifest-hashes) and file size data for every distfile used +by the package. This is used to verify integrity upon fetching them.

-To generate the Manifest, use ebuild foo.ebuild manifest. When -committing, the Manifest file must be regenerated to handle any -changes repoman will do this automatically. -

- - - -
-Signing the Manifest using your GPG key - -

-Requirements: -

- -
    -
  • >=sys-apps/portage-2.0.51_pre10
    • -
  • >=app-crypt/gnupg-1.2.4
    • -
- -

-Key Setup: -

- -
    -
  • - Create - a new DSA GnuPG key with at least a 1024 bit keylength, an expiration - period no longer than 6 months and a good passphrase. -
    • -
  • - Upload - the key to a keyserver. -
    • -
- -

-Portage Configuration: -

- -
    -
  • - Set PORTAGE_GPG_DIR to your ~/.gnupg/ directory - (or the directory where the keyring with your new key is). -
    • -
  • Set PORTAGE_GPG_KEY to the key id of your new key.
    • -
  • Set FEATURES="sign".
    • -
- -

-Now you should be able to sign your Manifests on repoman commit. Repoman will -ask you for your passphrase before committing the Manifest. This step is -after it has committed the other files. At the moment repoman doesn't -check if the Manifest is already signed, so others are able to "unsign" your -package later. This will change before signing is made mandatory. +To generate the Manifest, use ebuild foo.ebuild manifest.