From: Fabian Groffen <grobian@gentoo.org>
To: Eddie Chapman <eddie@ehuk.net>
Cc: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Current unavoidable use of xz utils in Gentoo
Date: Sat, 6 Apr 2024 16:04:35 +0200 [thread overview]
Message-ID: <ZhFWcwdyTS5koQXb@gentoo.org> (raw)
In-Reply-To: <92ef54a0-7a49-49f3-b3cc-d38a2b9adebd@ehuk.net>
[-- Attachment #1: Type: text/plain, Size: 1206 bytes --]
On 06-04-2024 12:57:23 +0100, Eddie Chapman wrote:
> There is one significant thing that breaks, which is Gemato
> (app-portage/gemato). Gemato requires lzma support in core python in
> order to do GPG signature verification. This means you will have to say
> goodbye (for now) to verifying upstream GPG signatures on distfiles, and
> verification of Portage metadata after doing an emerge --sync. These
> features have been added to Portage relatively recently (2022?) so are
> "nice to have", without them your system is just less hardened, but
> still with the very high level of security that Gentoo systems have has
> always had prior to these features, in my opinion. Personally I can live
> without them for now. Verifying hashes in Manifest files still works
> fine and that's the main thing. You may disagree in which case, well,
> don't do this then. I'm going to figure out an alternative way I can
> verify Portage metadata soon, as there are other ways if you are creative.
If you just want to verify signatures and manifests after sync,
qmanifest from portage-utils can help you do this.
Thanks,
Fabian
--
Fabian Groffen
Gentoo on a different level
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next prev parent reply other threads:[~2024-04-06 14:04 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-30 3:07 [gentoo-dev] Current unavoidable use of xz utils in Gentoo Eddie Chapman
2024-03-30 3:43 ` orbea
2024-03-30 7:06 ` Dale
2024-03-30 10:47 ` [gentoo-dev] " Duncan
2024-03-30 11:32 ` [gentoo-dev] " Rich Freeman
2024-03-30 14:57 ` Eddie Chapman
2024-03-30 15:02 ` Michał Górny
2024-03-30 15:17 ` Eddie Chapman
2024-03-30 15:29 ` Michał Górny
2024-03-30 15:59 ` Eddie Chapman
2024-03-30 16:07 ` Dale
2024-03-30 17:13 ` Re[2]: " Stefan Schmiedl
2024-03-30 17:36 ` Eddie Chapman
2024-03-31 1:41 ` Thomas Gall
2024-03-30 23:49 ` Eddie Chapman
2024-03-31 1:36 ` Eli Schwartz
2024-03-30 15:23 ` orbea
2024-03-30 15:14 ` Rich Freeman
2024-03-30 17:19 ` Eddie Chapman
2024-03-31 1:25 ` Sam James
2024-03-31 1:33 ` Eli Schwartz
2024-03-31 11:13 ` Eddie Chapman
2024-03-31 11:59 ` Matt Jolly
2024-04-01 7:57 ` Eddie Chapman
2024-04-01 14:50 ` Eli Schwartz
2024-04-02 8:43 ` Eddie Chapman
2024-04-02 19:46 ` Eli Schwartz
2024-04-02 20:19 ` Eddie Chapman
2024-04-01 14:55 ` Michał Górny
2024-04-02 9:02 ` Eddie Chapman
2024-04-01 15:14 ` Kenton Groombridge
2024-04-01 15:40 ` orbea
2024-04-01 16:01 ` Kenton Groombridge
2024-04-01 16:21 ` orbea
2024-04-01 18:51 ` Kévin GASPARD DE RENEFORT
2024-04-01 20:07 ` James Le Cuirot
2024-04-02 6:32 ` Joonas Niilola
2024-03-31 11:32 ` stefan11111
2024-04-01 14:56 ` Azamat Hackimov
2024-04-02 19:32 ` Eddie Chapman
2024-04-03 11:47 ` [gentoo-dev] " Duncan
2024-04-03 12:14 ` Sam James
2024-04-03 15:30 ` [gentoo-dev] " Eddie Chapman
2024-04-03 16:40 ` Michael Orlitzky
2024-04-04 3:20 ` [gentoo-dev] " Duncan
2024-04-04 3:49 ` [gentoo-dev] " Eli Schwartz
2024-04-04 8:32 ` Sam James
2024-04-04 8:34 ` Kévin GASPARD DE RENEFORT
2024-04-04 14:38 ` Eddie Chapman
2024-04-04 14:24 ` Eddie Chapman
2024-04-06 11:57 ` Eddie Chapman
2024-04-06 12:15 ` Ulrich Mueller
2024-04-06 12:34 ` Roy Bamford
2024-04-06 14:04 ` Fabian Groffen [this message]
2024-04-07 6:44 ` Eddie Chapman
2024-04-06 16:15 ` Sam James
2024-04-07 11:24 ` Eddie Chapman
2024-04-11 5:21 ` Joonas Niilola
2024-04-12 7:18 ` [gentoo-dev] " Duncan
2024-04-13 7:10 ` [gentoo-dev] " Eddie Chapman
2024-04-03 12:22 ` [gentoo-dev] " Kévin GASPARD DE RENEFORT
2024-04-03 12:26 ` Kévin GASPARD DE RENEFORT
2024-04-04 1:41 ` Duncan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZhFWcwdyTS5koQXb@gentoo.org \
--to=grobian@gentoo.org \
--cc=eddie@ehuk.net \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox