From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1R3JYH-0002f3-AF for garchives@archives.gentoo.org; Tue, 13 Sep 2011 03:20:49 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 40F3A21C1B7; Tue, 13 Sep 2011 03:20:37 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 13FF621C1B7 for ; Tue, 13 Sep 2011 03:20:37 +0000 (UTC) Received: from pelican.gentoo.org (unknown [66.219.59.40]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8E08E1B4018 for ; Tue, 13 Sep 2011 03:20:36 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by pelican.gentoo.org (Postfix) with ESMTP id EB31680042 for ; Tue, 13 Sep 2011 03:20:35 +0000 (UTC) From: "Zac Medico" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Zac Medico" Message-ID: <677240f7b3db66bdcd403c214e5d3fa30e31a24a.zmedico@gentoo> Subject: [gentoo-commits] proj/portage:master commit in: bin/ X-VCS-Repository: proj/portage X-VCS-Files: bin/repoman X-VCS-Directories: bin/ X-VCS-Committer: zmedico X-VCS-Committer-Name: Zac Medico X-VCS-Revision: 677240f7b3db66bdcd403c214e5d3fa30e31a24a Date: Tue, 13 Sep 2011 03:20:35 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: 76e8719d161f6ad2aa6ace91247eba88 commit: 677240f7b3db66bdcd403c214e5d3fa30e31a24a Author: Zac Medico gentoo org> AuthorDate: Tue Sep 13 03:20:00 2011 +0000 Commit: Zac Medico gentoo org> CommitDate: Tue Sep 13 03:20:00 2011 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/portage.git;a= =3Dcommit;h=3D677240f7 repoman: don't sign thin manifests Thin manifests imply reliance on the VCS for file integrity, which implies that manifest signatures are not needed. --- bin/repoman | 12 +++++++++--- 1 files changed, 9 insertions(+), 3 deletions(-) diff --git a/bin/repoman b/bin/repoman index 3462f93..38b3273 100755 --- a/bin/repoman +++ b/bin/repoman @@ -592,6 +592,12 @@ repo_info =3D portdb._repo_info[portdir_overlay] portdb.porttrees =3D list(repo_info.eclass_db.porttrees) portdir =3D portdb.porttrees[0] =20 +# Thin manifests imply reliance on the VCS for file integrity, +# which implies that manifest signatures are not needed. +sign_manifests =3D "sign" in repoman_settings.features and not \ + repoman_settings.repositories.get_repo_for_location( + portdir_overlay).thin_manifest + # Generate an appropriate PORTDIR_OVERLAY value for passing into the # profile-specific config constructor calls. env =3D os.environ.copy() @@ -2402,7 +2408,7 @@ else: =20 if vcs in ('cvs', 'svn') and (myupdates or myremoved): myfiles =3D myupdates + myremoved - if not myheaders and "sign" not in repoman_settings.features: + if not myheaders and not sign_manifests: myfiles +=3D mymanifests fd, commitmessagefile =3D tempfile.mkstemp(".repoman.msg") mymsg =3D os.fdopen(fd, "wb") @@ -2548,7 +2554,7 @@ else: sys.exit(1) =20 # Force an unsigned commit when more than one Manifest needs to be sig= ned. - if repolevel < 3 and "sign" in repoman_settings.features: + if repolevel < 3 and sign_manifests: =20 fd, commitmessagefile =3D tempfile.mkstemp(".repoman.msg") mymsg =3D os.fdopen(fd, "wb") @@ -2581,7 +2587,7 @@ else: manifest_commit_required =3D False =20 signed =3D False - if "sign" in repoman_settings.features: + if sign_manifests: signed =3D True myfiles =3D myupdates + myremoved + mymanifests try: