Subject: Re: [gentoo-dev] [News item review] Portage rsync tree verification (v2)
From: Michał Górny
To: gentoo-dev@lists.gentoo.org
Date: Sat, 27 Jan 2018 15:27:25 +0100
Message-ID: <1517063245.3816.13.camel@gentoo.org>
References: <1516874667.1833.4.camel@gentoo.org> <1516883717.1833.10.camel@gentoo.org> <1516916746.30594.3.camel@gentoo.org>
Organization: Gentoo

On Thu, 25.01.2018 at 15:55 -0600, R0b0t1 wrote:
> On Thu, Jan 25, 2018 at 3:45 PM, Michał Górny wrote:
> > On Thu, 25.01.2018 at 21:37 +0000, Robin H. Johnson wrote:
> > > On Thu, Jan 25, 2018 at 01:35:17PM +0100, Michał Górny wrote:
> > > > Title: Portage rsync tree verification
> > > > Author: Michał Górny
> > > > Posted: 2018-01-xx
> > > > Revision: 1
> > > > News-Item-Format: 2.0
> > > > Display-If-Installed:
> > >
> > > Drop Display-If-Installed, they need to always see this until they know
> > > it was bootstrapped.
> >
> > Well, the idea was that if someone starts with a stage that has >2.3.21,
> > then he has bootstrapped via verifying the stage signature.
> >
> > > > Starting with sys-apps/portage-2.3.22, Portage enables cryptographic
> > > > verification of the Gentoo rsync repository distributed over rsync
> > > > by default.
> > >
> > > Seems very wordy, suggested cleanup:
> > >
> > > > > Starting with sys-apps/portage-2.3.22, Portage will verify the Gentoo
> > > > > repository after rsync by default.
> > > >
> > > > This aims to prevent malicious third parties from altering
> > > > the contents of the ebuild repository received by our users.
> > > >
> > > > This does not affect users syncing using git and other methods.
> > > > Appropriate verification mechanisms for them will be provided
> > > > in the future.
> > >
> > > Note that emerge-webrsync has verification via FEATURES=webrsync-gpg?
> >
> > I'm sorry, I have never used that. Does it cover full key maintenance
> > or rely on the user to do the gpg work?
> >
>
> It used to be necessary to set up a GnuPG home for portage and pull
> the keys in, but now users can emerge app-crypt/gentoo-keys and set
> PORTAGE_GPG_DIR="/var/lib/gentoo/gkeys/keyrings/gentoo/release".
>

In that case I'd rather not announce it until it is integrated properly.

-- 
Best regards,
Michał Górny