Chris Bainbridge wrote:
> ...
> Do we really have many users on dialup that it would
> inconvenience? Surely the massive size of the distfiles you have to
> download makes the impact of rsyncing the portage tree negligible
> compared to actually fetching everything you want to install?
>
It is har
Marius Mauch wrote:
> On Fri, 19 May 2006 12:28:04 -0400
> Peter <[EMAIL PROTECTED]> wrote:
>
>> Who signs the Manifests? Why are some unsigned? Is there a single
>> Gentoo Security Key (like I know Slackware has and some other distros
>> to ensure the authenticity of their files)?
>
> Because th
On Thu, May 18, 2006 at 12:22:25PM -0400, Mark Loeser wrote:
> This package is currently without a maintainer and has open QA issues;
> bug #123708. It was marked as testing on every arch without being
> tested and could really use someone to clean it up. It will be booted
> in 30 days if no one
On Fri, 2006-05-19 at 09:07 +0200, Henrik Brix Andersen wrote:
> Yes, I agree. It is very nice. We're slowly turning into Debian Linux
> - the role model of every GNU/Linux distribution out there.
I noticed that about the time GLEPs were introduced. It's a shame
really.
--
Owen Ford <[EMAIL PRO
Along these lines, I added my mercurial.eclass to the tree. I use it
personally for a couple projects, and figured it might help prevent
other people from needing to re-invent the wheel.
Regards,
Aron
--
gentoo-dev@gentoo.org mailing list
If there is anything you or genone need to make signing happening you
have to the full support of the council/infra/hardened/security.
On Thu, 2006-05-18 at 21:26 -0700, Robin H. Johnson wrote:
> This email is a discussion on why we need to care about more than the simple
> key parameters, and wh
On Friday 19 May 2006 23:44, Donnie Berkholz wrote:
> If you just want the latest git rather than snapshots etc, you could do
> a git-sources-.ebuild. That seems to have become the standard.
I would suggest a 2.6.999 just to be on the safe side ;)
--
Diego "Flameeyes" Pettenò - http://farragu
Robin H. Johnson wrote:
> Simple case - consider a disconnected machine, that you use sneakernet
> to get files to - I've had a few in the past where the hardware was new
> enough that networking was broken or not supported yet, and I had to try
> a few patches and snapshots before actually getting
On Fri, May 19, 2006 at 02:32:13PM -0700, Donnie Berkholz wrote:
> Robin H. Johnson wrote:
> > On Fri, May 19, 2006 at 09:08:08AM -0700, Greg KH wrote:
> >> On Fri, May 19, 2006 at 01:45:30PM +0200, Fernando J. Pereda wrote:
> >>> Also, git-sources *should* use this eclass once it is in the tree si
Greg KH wrote:
> Ok, we'll make it a new ebuild. "git-live-sources" perhaps? :)
If you just want the latest git rather than snapshots etc, you could do
a git-sources-.ebuild. That seems to have become the standard.
Thanks,
Donnie
signature.asc
Description: OpenPGP digital signature
Robin H. Johnson wrote:
> On Fri, May 19, 2006 at 09:08:08AM -0700, Greg KH wrote:
>> On Fri, May 19, 2006 at 01:45:30PM +0200, Fernando J. Pereda wrote:
>>> Also, git-sources *should* use this eclass once it is in the tree since
>>> people using it will save _lots_ of bandwidth and disk space.
>>
On Fri, May 19, 2006 at 02:18:05PM -0700, Robin H. Johnson wrote:
> On Fri, May 19, 2006 at 09:08:08AM -0700, Greg KH wrote:
> > On Fri, May 19, 2006 at 01:45:30PM +0200, Fernando J. Pereda wrote:
> > > Also, git-sources *should* use this eclass once it is in the tree since
> > > people using it wi
On Fri, May 19, 2006 at 09:08:08AM -0700, Greg KH wrote:
> On Fri, May 19, 2006 at 01:45:30PM +0200, Fernando J. Pereda wrote:
> > Also, git-sources *should* use this eclass once it is in the tree since
> > people using it will save _lots_ of bandwidth and disk space.
> Yes, I'll convert it over on
There is also a darcs.eclass in the zugaina overlay (available through
layman) if you need some more inspiration.
I think this is cool and a darcs eclass should definitely live in the tree.
Please add it, so that we can start using it :)
- Stefan
--
gentoo-dev@gentoo.org mailing list
On Fri, 19 May 2006 19:27:18 +0200
Stefan Schweizer <[EMAIL PROTECTED]> wrote:
> Also I would want to have it in the stable branch anyway because of
> bugreports by first-time users who do not use the latest version of
> portage. It is better to add it now while in pre-release phase than
> after t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marius Mauch wrote:
> On Fri, 19 May 2006 15:13:48 +0200
> Stefan Schweizer <[EMAIL PROTECTED]> wrote:
>
>> Marc Hildebrand wrote:
>>> Otoh LC_ALL=C could help if you intend to use a .utf-8 locale as
>>> root, though. So if it does help solving bugs a
Disclaimer: I'll only targeting technical aspects here, I won't go into
any security analysis.
On Thu, 18 May 2006 23:45:17 +0200
Patrick Lauer <[EMAIL PROTECTED]> wrote:
> 3) Manifest / Manifest2
>
> This is an implementation of a checksum / signature scheme. It is
> described in GLEP 44:
>
>
On Fri, 19 May 2006 17:10:53 +0100
"Chris Bainbridge" <[EMAIL PROTECTED]> wrote:
> Well, that would be incompatible with a single signature. I don't
> really see that point, but then I've been spoiled with broadband for
> years. Do we really have many users on dialup that it would
> inconvenience?
Marius Mauch wrote:
> Why does this have to be fast tracked all of a sudden?
Because someone took care of it eventually and it will fix all the estonian
bugs at once + allow other-LC-people like me to file bugs without having to
run emerge again with LC_ALL=C.
And I think it should go in as soon
On Fri, 19 May 2006 12:28:04 -0400
Peter <[EMAIL PROTECTED]> wrote:
> Who signs the Manifests? Why are some unsigned? Is there a single
> Gentoo Security Key (like I know Slackware has and some other distros
> to ensure the authenticity of their files)?
Because the whole signing stuff isn't offic
On Fri, 19 May 2006 15:13:48 +0200
Stefan Schweizer <[EMAIL PROTECTED]> wrote:
> Marc Hildebrand wrote:
> > Otoh LC_ALL=C could help if you intend to use a .utf-8 locale as
> > root, though. So if it does help solving bugs and causes no
> > trouble, why not.
>
>
> ok, we have prepared a patch no
On Fri, May 19, 2006 at 06:50:34PM +0200, Marius Mauch wrote:
> On Fri, 19 May 2006 15:13:15 +0100
> "Chris Bainbridge" <[EMAIL PROTECTED]> wrote:
>
> > find /usr/portage -path '/usr/portage/metadata' -prune -o -path
> > '/usr/portage/distfiles' -prune -o -path '/usr/portage/packages'
> > -prune -
On Fri, 19 May 2006 12:28:04 -0400
Peter <[EMAIL PROTECTED]> wrote:
> Who signs the Manifests?
The dev who commits it.
> Why are some unsigned?
Because some devs don't sign Manifests.
> Is there a single
> Gentoo Security Key (like I know Slackware has and some other distros
> to ensure the au
On 19/05/06, Peter <[EMAIL PROTECTED]> wrote:
Who signs the Manifests? Why are some unsigned? Is there a single Gentoo
Security Key (like I know Slackware has and some other distros to ensure
the authenticity of their files)?
Individual developers sign the manifests with their own gpg keys. Som
On Fri, 19 May 2006 15:13:15 +0100
"Chris Bainbridge" <[EMAIL PROTECTED]> wrote:
> find /usr/portage -path '/usr/portage/metadata' -prune -o -path
> '/usr/portage/distfiles' -prune -o -path '/usr/portage/packages'
> -prune -o -type f -exec cat {} > /tmp/blah \;
> time gpg --detach-sign -a /tmp/bla
On Thu, 18 May 2006 23:45:17 +0200, Patrick Lauer wrote:
> Hello all,
snip...
I have a question about package Manifests. On reviewing portage, some
Manifests are signed by various GPG keys, and others are not signed at all!
I submitted something to Patrick off list (largely because I'm not a de
On 19/05/06, John Myers <[EMAIL PROTECTED]> wrote:
On Friday 19 May 2006 08:17, Chris Bainbridge wrote:
>
> We do? What option to emerge enables this behaviour?
RSYNC_EXCLUDES is the name, IIRC...
Well, that would be incompatible with a single signature. I don't
really see that point, but then
On Fri, May 19, 2006 at 01:45:30PM +0200, Fernando J. Pereda wrote:
> Also, git-sources *should* use this eclass once it is in the tree since
> people using it will save _lots_ of bandwidth and disk space.
Yes, I'll convert it over once you feel it is ready, just let me know.
thanks,
greg k-h
--
On 19/05/06, Patrick Lauer <[EMAIL PROTECTED]> wrote:
On Fri, 2006-05-19 at 15:13 +0100, Chris Bainbridge wrote:
> There are now several hundred gentoo developers. It is more likely
> that one of them has a security lapse than cvs.gentoo.org.
One is a "local" bug, the other one "global".
I'd pref
On Fri, May 19, 2006 at 05:44:34PM +0200, Stefan Schweizer wrote:
> Harald van Dijk wrote:
> > [..] encourages broken packages.
> > et_EE breakage should be fixed, and slowly but surely is[..]
>
>
> That is your main problem here and I have discussed this in IRC with you and
> it is true in my opi
Stefan Schweizer <[EMAIL PROTECTED]> posted [EMAIL PROTECTED],
excerpted below, on Fri, 19 May 2006 15:13:48 +0200:
> Marc Hildebrand wrote:
>> Otoh LC_ALL=C could help if you intend to use a .utf-8 locale as root,
>> though. So if it does help solving bugs and causes no trouble, why not.
>
>
>
Grant Goodyear <[EMAIL PROTECTED]> wrote:
> Perhaps it's time to split off a thread or two...?
Perhaps, even a meta-thread!
--
Each night Father fills me with dread
When he sits on the foot of my bed.
I'd not mind that he speaks; In gibbers and squeaks,
But for the seventeen years he's b
Harald van Dijk wrote:
> [..] encourages broken packages.
> et_EE breakage should be fixed, and slowly but surely is[..]
That is your main problem here and I have discussed this in IRC with you and
it is true in my opinion that it does not improve gentoo or make the
distribution any better to clos
On Fri, 2006-05-19 at 16:17 +0100, Chris Bainbridge wrote:
> On 19/05/06, Andrew Gaffney <[EMAIL PROTECTED]> wrote:
> > Chris Bainbridge wrote:
> > > It is a single signature across the entire portage tree. It means that
> > > after rsync emerge can check the signature against the retrieved tree
>
On Fri, May 19, 2006 at 04:17:38PM +0100, Chris Bainbridge wrote:
> On 19/05/06, Andrew Gaffney <[EMAIL PROTECTED]> wrote:
> >Chris Bainbridge wrote:
> >> It is a single signature across the entire portage tree. It means that
> >> after rsync emerge can check the signature against the retrieved tre
On Friday 19 May 2006 08:17, Chris Bainbridge wrote:
> On 19/05/06, Andrew Gaffney <[EMAIL PROTECTED]> wrote:
> > Chris Bainbridge wrote:
> > > It is a single signature across the entire portage tree. It means that
> > > after rsync emerge can check the signature against the retrieved tree
> > > to
On Fri, 2006-05-19 at 15:13 +0100, Chris Bainbridge wrote:
> There are now several hundred gentoo developers. It is more likely
> that one of them has a security lapse than cvs.gentoo.org.
One is a "local" bug, the other one "global".
I'd prefer a system that is resilient against two devs going cra
On 19/05/06, Andrew Gaffney <[EMAIL PROTECTED]> wrote:
Chris Bainbridge wrote:
> It is a single signature across the entire portage tree. It means that
> after rsync emerge can check the signature against the retrieved tree
> to validate the whole tree (or overlay).
This idea has been brought up
On Friday 19 May 2006 15:52, Carsten Lohrke wrote:
> There will be always someone who goes ahead. Fact is that every dev who
> maintains a package installing an init script is expecteted to do so for
> baselayout, but is free to say no, when someone requests an initng one, as
> long as it isn't the
On Friday 19 May 2006 16:17, Roy Marples wrote:
> I can show you bugs where existing packages have invalid init scripts that
> just don't work with any baselayout version in portage. You could argue
> that they shouldn't be in the tree - if so then our imap server is
> foo-bared as it uses courier
Chris Bainbridge wrote:
It is a single signature across the entire portage tree. It means that
after rsync emerge can check the signature against the retrieved tree
to validate the whole tree (or overlay).
This idea has been brought up before and shot down. Signing the whole tree does
not work
On Friday 19 May 2006 14:54, Carsten Lohrke wrote:
> On Thursday 18 May 2006 22:15, Ciaran McCreesh wrote:
> > | Sure baselayout is. An there're others in the tree, But that doesn't
> > | mean these variants are supported (special cases like embedded aside).
> >
> > Sure, some of them are supported
On 19/05/06, Patrick Lauer <[EMAIL PROTECTED]> wrote:
On Fri, 2006-05-19 at 10:46 +0100, Chris Bainbridge wrote:
> We already trust the master cvs server admins (and they could just
> replace the whole tree anyway), so what benefit does a distributed
> signing system like gpg actually give to the
After extensive masking I have just unmasked db-4.3
The package uses linker versions to prevent colisions with db-4.4. This is
a change from the older versions that used renamed symbols. As such
db-4.3 is also compatible with those versions, as their names are
different.
Paul
--
Paul de Vri
On Friday 19 May 2006 09:33, Roy Marples wrote:
> Maybe you haven't noticed, but baselayout is a virtual - which does make
> things harder as the main "forks" (vserver and fbsd) sometimes break when
> we add new things and they haven't synced up yet.
I have nothing against a virtual. I just don't
On Friday 19 May 2006 15:24, Harald van Dijk wrote:
> grep through gcc/po/*, which doesn't require installation of the
> locales
Providing the error messages in english is part of what I consider the users
job when filing a bug report. Having to grep for the strings is wasted time.
I'm not so sur
On Thursday 18 May 2006 22:15, Ciaran McCreesh wrote:
> | Sure baselayout is. An there're others in the tree, But that doesn't
> | mean these variants are supported (special cases like embedded aside).
>
> Sure, some of them are supported.
By supported I mean all relevant packages in the tree inst
On Fri, May 19, 2006 at 02:44:03PM +0100, Daniel Drake wrote:
> Harald van Dijk wrote:
> >and as for
> >unreadable error messages, getting German gcc output in a German locale
> >is a feature, not a bug.
>
> I agree - but only when you use gcc on the command line, or in a
> Makefile, or in some o
On Fri, May 19, 2006 at 03:13:48PM +0200, Stefan Schweizer wrote:
> Marc Hildebrand wrote:
> > Otoh LC_ALL=C could help if you intend to use a .utf-8 locale as root,
> > though. So if it does help solving bugs and causes no trouble, why not.
>
>
> ok, we have prepared a patch now, so everyone can
Harald van Dijk wrote:
and as for
unreadable error messages, getting German gcc output in a German locale
is a feature, not a bug.
I agree - but only when you use gcc on the command line, or in a
Makefile, or in some other normal usage scenario.
I think Stefan is suggesting just using the st
On Fri, May 19, 2006 at 09:09:08AM -0400, Patrick McLean wrote:
> > No, it's needlessly unfriendly to users, and encourages broken packages.
> > et_EE breakage should be fixed, and slowly but surely is, and as for
> > unreadable error messages, getting German gcc output in a German locale
> > is a
Marc Hildebrand wrote:
> Otoh LC_ALL=C could help if you intend to use a .utf-8 locale as root,
> though. So if it does help solving bugs and causes no trouble, why not.
ok, we have prepared a patch now, so everyone can have a look at it.
http://dev.gentoo.org/~zmedico/tmp/portage_lc_all.patch
t
> No, it's needlessly unfriendly to users, and encourages broken packages.
> et_EE breakage should be fixed, and slowly but surely is, and as for
> unreadable error messages, getting German gcc output in a German locale
> is a feature, not a bug. It can indeed be a problem in bugreports, but
> it's
Harald van Dijk wrote:
> is a feature, not a bug. It can indeed be a problem in bugreports, but
> it's a much milder one, since it's trivial to look up what any
> particular message is translated from.
Well no, I completely disagree. Error output in $random language makes
searching for duplicate b
On Fri, May 19, 2006 at 11:38:06AM +0200, Stefan Schweizer wrote:
> Hi,
>
> there are at least two problems with how portage currently handles locales:
>
> - Firstly some packages fail to build with obscure LC_* settings
> The continuous stream of et_EE bugs is annoying: http://tinyurl.com/jsqzb
On Thu, May 18, 2006 at 06:30:47PM -0700, Donnie Berkholz wrote:
> [snip]
Hi,
I think I improved the eclass a bit by making it more efficient both
disk and network wise among other things:
- Branchs are supported so different versions of the ebuild can use
different versions of the code with
On Fri, 2006-05-19 at 10:46 +0100, Chris Bainbridge wrote:
> The only attack most people really care about is a compromised rsync
> server. There is no practical way to protect against the other attacks
> - and at the end of the day, if a developer gets compromised it
> doesn't matter whether it's
What do you think? LC_ALL=C in portage or not?
- Stefan
Well this problem (localized error messages) exists since I know linux
and the solution has always been "use per user locale settings and keep
LC_ALL=POSIX or =C as a system default".
Maybe we should just update the docs?
Otoh LC_ALL=
The only attack most people really care about is a compromised rsync server. There is no practical way to protect against the other attacks - and at the end of the day, if a developer gets compromised it doesn't matter whether it's a gpg key or ssh key, the effect is the same. The discussion about
Hi,
there are at least two problems with how portage currently handles locales:
- Firstly some packages fail to build with obscure LC_* settings
The continuous stream of et_EE bugs is annoying: http://tinyurl.com/jsqzb
- and secondly I get my gcc output in german when I have a german locale
set.
> On Thu, 18 May 2006 16:41:09 -0400 Peter <[EMAIL PROTECTED]> wrote:
> | However, continuing the thread serves no useful purpose except, IMHO,
> | to completely obfuscate the original point of the thread
>
> Nonsense. There is still productive discussion going on in that thread.
> The only reason
On Thursday 18 May 2006 22:43, Ciaran McCreesh wrote:
> | You say that there is no such a thing as a primary package manager,
> | but fail to state any reason (here or in other mails) as to why this
> | is true. Instead of arguing why my support is false you just say that
> | I am saying things tha
On Friday 19 May 2006 08:25, Paul de Vrieze wrote:
> On Thursday 18 May 2006 22:37, Stephen Bennett wrote:
> > On Thu, 18 May 2006 21:35:01 +0200
> >
> > Carsten Lohrke <[EMAIL PROTECTED]> wrote:
> > > Sure baselayout is. An there're others in the tree, But that doesn't
> > > mean these variants ar
On Thursday 18 May 2006 20:35, Carsten Lohrke wrote:
> On Thursday 18 May 2006 20:43, Roy Marples wrote:
> > Yes, part of it. baselayout is another part - and yet it's possible to
> > run Gentoo on other variants like initng, daemontools and no doubt
> > others.
>
> Sure baselayout is. An there're
On Thursday 18 May 2006 22:37, Stephen Bennett wrote:
> On Thu, 18 May 2006 21:35:01 +0200
>
> Carsten Lohrke <[EMAIL PROTECTED]> wrote:
> > Sure baselayout is. An there're others in the tree, But that doesn't
> > mean these variants are supported (special cases like embedded
> > aside).
>
> So the
On Thu, May 18, 2006 at 02:52:11PM +0900, Chris White wrote:
> Relax! Grab some popcorn, enjoy the show! 30 mile threads is what
> makes real linux distros real. We actually use them to provide a means
> of cooking for the weekly dev BBQ's. Anyways, at this point I'd call
> it it a day and say "
66 matches
Mail list logo
