From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 54F621381F3 for ; Thu, 20 Jun 2013 03:27:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7ABD4E0A80; Thu, 20 Jun 2013 03:27:24 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 962E8E08ED for ; Thu, 20 Jun 2013 03:27:23 +0000 (UTC) Received: from [192.168.26.7] (ip98-164-195-43.oc.oc.cox.net [98.164.195.43]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: zmedico) by smtp.gentoo.org (Postfix) with ESMTPSA id C04B933E47F for ; Thu, 20 Jun 2013 03:27:22 +0000 (UTC) Message-ID: <51C27699.8090600@gentoo.org> Date: Wed, 19 Jun 2013 20:27:21 -0700 From: Zac Medico User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] repoman commit unexpectedly drops FEATURES="sign" on error References: <51C26FFC.1090000@gentoo.org> <51C27615.2020600@gentoo.org> In-Reply-To: <51C27615.2020600@gentoo.org> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: 9cb56e88-9ad3-4db4-b1de-4ab16d9db2bf X-Archives-Hash: 684d35ab6e607f4a759cef0ae7e52e6e On 06/19/2013 08:25 PM, Zac Medico wrote: > On 06/19/2013 07:59 PM, "Paweł Hajdan, Jr." wrote: >> I was surprised by repoman just dropping FEATURES="sign" . I'm aware >> that at that time it has to commit an updated Manifest to prevent >> breakages, so if gpg fails it proceeds, but is there something it could >> do to check gpg sanity before committing anything? > > It seems the simplest way to go would be to do a test signature before > commit, as suggested here: > > https://bugs.gentoo.org/show_bug.cgi?id=298605 > > Is it okay to assume that everyone uses gpg-agent, so they won't have to > enter the passphrase more than once? Or, we could skip the test signature if the GPG_AGENT_INFO variable is not set? -- Thanks, Zac