2018-07-03 11:10 GMT+03:00 Mick <michaelkintz...@gmail.com>: > On Tuesday, 3 July 2018 08:48:02 BST gevisz wrote: >> Just today I have tried emerge-webrsync and got >> to the following endless circle: >> >> Fetching most recent snapshot ... >> Trying to retrieve 20180702 snapshot from http://mirror.netcologne.de/gentoo >> ... Fetching file portage-20180702.tar.xz.md5sum ... >> Fetching file portage-20180702.tar.xz.gpgsig ... >> Fetching file portage-20180702.tar.xz ... >> Checking digest ... >> Checking signature ... >> gpg: Signature made Tue Jul 3 03:51:21 2018 EEST >> gpg: using RSA key E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 >> gpg: Good signature from "Gentoo Portage Snapshot Signing Key >> (Automated Signing Key)" [expired] >> gpg: Note: This key has expired! >> Primary key fingerprint: DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D >> Subkey fingerprint: E1D6 ABB6 3BFC FB4B A02F DF1C EC59 0EEA C918 9250 >> Fetching file portage-20180702.tar.bz2.md5sum ... >> Fetching file portage-20180702.tar.bz2.gpgsig ... >> Fetching file portage-20180702.tar.bz2 ... >> Checking digest ... >> Checking signature ... >> gpg: Signature made Tue Jul 3 03:51:20 2018 EEST >> gpg: using RSA key E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 >> gpg: Good signature from "Gentoo Portage Snapshot Signing Key >> (Automated Signing Key)" [expired] >> gpg: Note: This key has expired! >> Primary key fingerprint: DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D >> Subkey fingerprint: E1D6 ABB6 3BFC FB4B A02F DF1C EC59 0EEA C918 9250 >> Fetching file portage-20180702.tar.gz.md5sum ... >> >> The following command showed that all Gentoo signing keys in my system >> expired: >> >> # gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release >> --with-fingerprint --list-keys >> /var/lib/gentoo/gkeys/keyrings/gentoo/release/pubring.gpg >> --------------------------------------------------------- >> pub rsa4096 2014-10-03 [C] [expired: 2017-09-17] >> D2DE 1DBB A0F4 3EBA 341B 97D8 8255 33CB F6CD 6C97 >> uid [ expired] Gentoo-keys Team <gk...@gentoo.org> >> >> pub dsa1024 2004-07-20 [SC] [expired: 2018-07-01] >> D99E AC73 79A8 50BC E47D A5F2 9E64 38C8 1707 2058 >> uid [ expired] Gentoo Linux Release Engineering (Gentoo >> Linux Release Signing Key) <rel...@gentoo.org> >> >> pub rsa4096 2011-11-25 [C] [expired: 2018-07-01] >> DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D >> uid [ expired] Gentoo Portage Snapshot Signing Key >> (Automated Signing Key) >> >> pub rsa4096 2009-08-25 [SC] [expired: 2017-08-25] >> 13EB BDBE DE7A 1277 5DFD B1BA BB57 2E0E 2D18 2910 >> uid [ expired] Gentoo Linux Release Engineering (Automated >> Weekly Release Key) <rel...@gentoo.org> >> >> >> Trying to renew them manually with the following commands does not help: >> >> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys >> 0x825533CBF6CD6C97 gpg: key 825533CBF6CD6C97: 2 signatures not checked due >> to missing keys gpg: key 825533CBF6CD6C97: public key "Gentoo-keys Team >> <gk...@gentoo.org>" imported >> gpg: no ultimately trusted keys found >> gpg: Total number processed: 1 >> gpg: imported: 1 >> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys >> 0xDB6B8C1F96D8BF6D gpg: key DB6B8C1F96D8BF6D: 14 signatures not checked due >> to missing keys gpg: key DB6B8C1F96D8BF6D: public key "Gentoo Portage >> Snapshot Signing Key (Automated Signing Key)" imported >> gpg: no ultimately trusted keys found >> gpg: Total number processed: 1 >> gpg: imported: 1 >> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys >> 0x9E6438C817072058 gpg: key 9E6438C817072058: 83 signatures not checked due >> to missing keys gpg: key 9E6438C817072058: public key "Gentoo Linux Release >> Engineering (Gentoo Linux Release Signing Key) <rel...@gentoo.org>" >> imported >> gpg: no ultimately trusted keys found >> gpg: Total number processed: 1 >> gpg: imported: 1 >> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys >> 0xBB572E0E2D182910 gpg: key BB572E0E2D182910: 10 signatures not checked due >> to missing keys gpg: key BB572E0E2D182910: 1 bad signature >> gpg: key BB572E0E2D182910: public key "Gentoo Linux Release >> Engineering (Automated Weekly Release Key) <rel...@gentoo.org>" >> imported >> gpg: no ultimately trusted keys found >> gpg: Total number processed: 1 >> gpg: imported: 1 >> >> Here >> https://wiki.gentoo.org/wiki/Handbook:AMD64/Working/Features#Fetching_files >> has been said the following: >> >> If any of the keys installed from app-crypt/gentoo-keys should expire, >> run gkeys from app-crypt/gkeys to refresh them from the key server: >> root #emerge --ask app-crypt/gkeys >> root #gkeys refresh-key -C gentoo >> >> but gkeys are not stable in my architeture as it follows from the following: >> >> $ eix gkeys >> * app-crypt/gkeys >> Available versions: ~0.2 **9999 {PYTHON_TARGETS="python2_7 >> python3_4 python3_5 python3_6"} >> Homepage: https://wiki.gentoo.org/wiki/Project:Gentoo-keys >> Description: An OpenPGP/GPG key management tool and python libs >> >> * app-crypt/gkeys-gen >> Available versions: ~0.2 **9999 {PYTHON_TARGETS="python2_7 >> python3_4 python3_5 python3_6"} >> Homepage: https://wiki.gentoo.org/wiki/Project:Gentoo-keys >> Description: Tool for generating OpenPGP/GPG keys using a >> specifications file > > This package update came up yesterday: > > app-crypt/openpgp-keys-gentoo-release-20180702 >
Too late: Gentoo signing keys expired on 1 July 2018. So, no way to update portage tree on 2 July 2018. :(