* [gentoo-commits] proj/portage:master commit in: .github/workflows/, cnf/, man/, lib/portage/package/ebuild/_config/, ...
@ 2023-09-03 18:08 Mike Gilbert
0 siblings, 0 replies; only message in thread
From: Mike Gilbert @ 2023-09-03 18:08 UTC (permalink / raw
To: gentoo-commits
commit: 3e56f8a6498cd90a7d5fe472febf586455c3bad7
Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 30 17:57:19 2023 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sun Sep 3 18:07:28 2023 +0000
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=3e56f8a6
Run PORTAGE_TRUST_HELPER before remote binary package operations
Right now this is somewhat suboptimal because the helper is only
called if FEATURES="binpkg-request-signature" is set, but existing
signatures are also verified otherwise.
Closes: https://github.com/gentoo/portage/pull/1085
Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org>
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
.github/workflows/ci.yml | 3 +++
NEWS | 2 ++
cnf/make.globals | 3 +++
lib/portage/dbapi/bintree.py | 12 ++++++++++++
lib/portage/package/ebuild/_config/special_env_vars.py | 1 +
man/make.conf.5 | 9 +++++++++
6 files changed, 30 insertions(+)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index bf36ad19d8..fc7ab93a2b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -38,6 +38,9 @@ jobs:
python -m pip install --upgrade pip
# setuptools needed for 3.12+ because of https://github.com/mesonbuild/meson/issues/7702.
python -m pip install pytest setuptools
+
+ # symlink /bin/true to /usr/bin/getuto (or do we want to grab the script from github?)
+ sudo ln -s /bin/true /usr/bin/getuto
- name: Test meson install --destdir /tmp/install-root
run: |
echo -e "[binaries]\npython = '$(command -v python)'" > /tmp/native.ini
diff --git a/NEWS b/NEWS
index 65e75759bf..3e9e36f23f 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,8 @@ Features:
* bintree: Add new API member (invalid_paths) to allow gentoolkit to later
clean up invalid binpkgs (bug #900224).
+* Run PORTAGE_TRUST_HELPER before remote binary package operations.
+
Bug fixes:
* Prevent gpg from removing /dev/null when unlocking signing key (bug #912808).
diff --git a/cnf/make.globals b/cnf/make.globals
index f951bb3172..bfefcc5235 100644
--- a/cnf/make.globals
+++ b/cnf/make.globals
@@ -150,6 +150,9 @@ PORTAGE_ELOG_MAILFROM="portage@localhost"
# Signing command used by egencache
PORTAGE_GPG_SIGNING_COMMAND="gpg --sign --digest-algo SHA256 --clearsign --yes --default-key \"\${PORTAGE_GPG_KEY}\" --homedir \"\${PORTAGE_GPG_DIR}\" \"\${FILE}\""
+# Trust helper executable for installing and updating package verification keys
+PORTAGE_TRUST_HELPER="/usr/bin/getuto"
+
# btrfs.* attributes are irrelevant, see bug #527636.
# security.* attributes may be special (see bug 461868), but
# security.capability is specifically not excluded (bug 548516).
diff --git a/lib/portage/dbapi/bintree.py b/lib/portage/dbapi/bintree.py
index af2113bd84..ec31b52d00 100644
--- a/lib/portage/dbapi/bintree.py
+++ b/lib/portage/dbapi/bintree.py
@@ -1234,11 +1234,23 @@ class binarytree:
return pkgindex if update_pkgindex else None
+ def _run_trust_helper(self):
+ portage_trust_helper = self.settings.get("PORTAGE_TRUST_HELPER", "")
+ if portage_trust_helper == "":
+ return
+ ret = subprocess.run(portage_trust_helper)
+ ret.check_returncode()
+
def _populate_remote(self, getbinpkg_refresh=True):
self._remote_has_index = False
self._remotepkgs = {}
if "binpkg-request-signature" in self.settings.features:
+ # This is somewhat broken, we *should* run the trust helper always
+ # when binpackages are involved, not only when we refuse unsigned
+ # ones. (If the keys have expired we end up refusing signed but
+ # technically invalid packages...)
+ self._run_trust_helper()
gpkg_only = True
else:
gpkg_only = False
diff --git a/lib/portage/package/ebuild/_config/special_env_vars.py b/lib/portage/package/ebuild/_config/special_env_vars.py
index ef8f06abe3..6020029e35 100644
--- a/lib/portage/package/ebuild/_config/special_env_vars.py
+++ b/lib/portage/package/ebuild/_config/special_env_vars.py
@@ -315,6 +315,7 @@ environ_filter = frozenset(
"PORTAGE_RSYNC_RETRIES",
"PORTAGE_SSH_OPTS",
"PORTAGE_SYNC_STALE",
+ "PORTAGE_TRUST_HELPER",
"PORTAGE_USE",
"PORTAGE_LOG_FILTER_FILE_CMD",
"PORTAGE_LOGDIR",
diff --git a/man/make.conf.5 b/man/make.conf.5
index a1a433b108..2a28d2b6f7 100644
--- a/man/make.conf.5
+++ b/man/make.conf.5
@@ -1208,6 +1208,15 @@ Defaults to /var/tmp.
This should not be set to point anywhere under location of any repository.
.TP
+\fBPORTAGE_TRUST_HELPER\fR = \fI[path]\fR
+Defines an executable file which initializes and maintains
+/etc/portage/gnupg, installing keys that are trusted for binary package
+signing, and refreshing these keys from a key server. This helper is called
+before all operations involving remote binary packages if and only if
+binpkg-request-signature is in \fBFEATURES\fR.
+.br
+Defaults to "/usr/bin/getuto" (provided by app-portage/getuto).
+.TP
\fBPORTAGE_USERNAME\fR = \fI[user]\fR
Defines the username to use when executing in userpriv/etc... modes (i.e.
non-root).
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2023-09-03 18:08 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-03 18:08 [gentoo-commits] proj/portage:master commit in: .github/workflows/, cnf/, man/, lib/portage/package/ebuild/_config/, Mike Gilbert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox