On Wed, Jul 4, 2018 at 12:20 PM gevisz <gev...@gmail.com> wrote:
>
> 2018-07-03 16:04 GMT+03:00 Rich Freeman <ri...@gentoo.org>:
> >
> > emerge --sync, with git at least, overwrites /usr/portage in place and
> > so it will leave it in a bad state if verification fails.
>
> It sounds really awful.
> I did not know this as I always used only emerge-webrsync.
>

Yes. I do have scripts set to abort if it fails and I should notice. But, this isn't really viewed as acceptable by anybody - there just hasn't been a more complete solution devised.

Part of the issue is that I think portage just has git do a pull in-place which just overwrites everything, and then portage does the signature check after that. I wonder if we can have portage instead do a fetch, then do the verification of HEAD, and then if it passes do a checkout. That will still leave you with invalid data in the git history, but it won't actually be checked out, so at least emerge won't be seeing it.

--
Rich
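
The fetch, verify, then checkout order proposed in the message above, as an added shell sketch that is not part of the original e-mail and is not portage's code. The function name `verified_sync` and the `VERIFY` hook are assumptions of this example; the default verifier is `git verify-commit`, which checks the commit's GPG signature against the local keyring.

```shell
#!/bin/sh
# Added example: download first, verify the fetched tip, and only then
# let the working tree change. Exit codes: 0 updated, 1 verification
# failed (tree untouched), 2 fetch failed, 3 not a fast-forward.
#
# VERIFY (hypothetical hook for this sketch) names a command that is run
# inside the repository with one commit id and must exit 0 only if that
# commit is trusted. It defaults to `git verify-commit`.
verified_sync() {
    repo=$1
    remote=${2:-origin}
    branch=${3:-master}
    verify=${VERIFY:-git verify-commit}

    # 1. Fetch objects only. HEAD, the index and the checked-out files
    #    are not modified by this step.
    git -C "$repo" fetch --quiet "$remote" "$branch" || return 2
    new=$(git -C "$repo" rev-parse --verify "FETCH_HEAD^{commit}") || return 2

    # 2. Verify the fetched tip while it is still only in the object store.
    if ! (cd "$repo" && $verify "$new") >/dev/null 2>&1; then
        echo "verification failed for $new; tree stays at" \
             "$(git -C "$repo" rev-parse HEAD)" >&2
        # The unverified objects remain in the repository, but nothing
        # that reads the working tree will see them.
        return 1
    fi

    # 3. Advance the branch and working tree to exactly the commit that
    #    was verified, and refuse anything that is not a fast-forward.
    git -C "$repo" merge --quiet --ff-only "$new" || return 3
}
```
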