Re: [gentoo-dev] Merge 7 Fedora wallpapers packages to single one with slots?

Hi Alec, On 27.01.2018 22:58, Alec Warner wrote: > > I noticed that we have 7 packages on Fedora wallpapers with names that > > only explain themselves to Fedora insiders: > > So traditionally we follow upstream package naming. If we aim to > deviate, I'd prefer we have strong reasons

Re: [gentoo-portage-dev] [PATCH 5/5] rsync: Issue an explicit warning if Manifest timestamp is >24hr old

On 02/01/2018 04:17 AM, Michał Górny wrote: > Issue an explicit warning if the Manifest timestamp is 24 hours behind > the system clock. This is meant to detect attacks based on preventing > the user from upgrading. > --- > pym/portage/sync/modules/rsync/rsync.py | 6 ++ > 1 file changed, 6

Re: [gentoo-portage-dev] [PATCH 2/5] rsync: Use gemato routines directly instead of calling the CLI tool

W dniu czw, 01.02.2018 o godzinie 12∶50 -0800, użytkownik Zac Medico napisał: > On 02/01/2018 04:17 AM, Michał Górny wrote: > > + except Exception as e: > > + writemsg_level("!!! Manifest > > verification failed:\n%s\n" > > +

Re: [gentoo-portage-dev] [PATCH 2/5] rsync: Use gemato routines directly instead of calling the CLI tool

On 02/01/2018 04:17 AM, Michał Górny wrote: > + except Exception as e: > + writemsg_level("!!! Manifest > verification failed:\n%s\n" > + % (e,), > +

Re: [gentoo-portage-dev] [PATCH 1/2] openpgp_key_path -> sync_openpgp_key_path

On 02/01/2018 12:25 PM, Michał Górny wrote: > Rename the openpgp_key_path attribute to sync_openpgp_key_path since > Portage code assumes that attribute name matches config key. > --- > pym/portage/repository/config.py| 6 +++--- > pym/portage/sync/modules/rsync/rsync.py | 4 ++-- > 2

[gentoo-portage-dev] [PATCH 2/2] repository.config: Fix handling sync-openpgp-key-path

Fix sync-openpgp-key-path to be correctly inherited from system repos.conf and preserved in repo dumps. Bug: https://bugs.gentoo.org/646314 --- pym/portage/repository/config.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pym/portage/repository/config.py

[gentoo-portage-dev] [PATCH 1/2] openpgp_key_path -> sync_openpgp_key_path

Rename the openpgp_key_path attribute to sync_openpgp_key_path since Portage code assumes that attribute name matches config key. --- pym/portage/repository/config.py| 6 +++--- pym/portage/sync/modules/rsync/rsync.py | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git

[gentoo-portage-dev] [PATCH 2/2] git: Support running the verification against sync-openpgp-key-path

--- pym/portage/sync/modules/git/git.py | 100 +--- 1 file changed, 69 insertions(+), 31 deletions(-) diff --git a/pym/portage/sync/modules/git/git.py b/pym/portage/sync/modules/git/git.py index 7e5ddf3b5..2b40db0fa 100644 ---

[gentoo-portage-dev] [PATCH 1/2] git: Support verifying commit signature post-sync

Add a new sync-git-verify-commit-signature option (defaulting to false) that verifies the top commit signature after syncing. The verification is currently done using built-in git routines. The verification passes if the signature is good or untrusted. In the latter case, a warning is printed. In

[gentoo-portage-dev] [PATCH 5/5] rsync: Issue an explicit warning if Manifest timestamp is >24hr old

Issue an explicit warning if the Manifest timestamp is 24 hours behind the system clock. This is meant to detect attacks based on preventing the user from upgrading. --- pym/portage/sync/modules/rsync/rsync.py | 6 ++ 1 file changed, 6 insertions(+) diff --git

[gentoo-portage-dev] [PATCH 4/5] rsync: Load and update keys early

Load and update keys early to avoid delaying failures post rsync. Any failure will prevent verification from happening, and presumably most of the users will prefer fixing it and trying to sync again. For that case, it is better to perform the task before actual rsync to avoid unnecessarily

[gentoo-portage-dev] [PATCH 2/5] rsync: Use gemato routines directly instead of calling the CLI tool

--- pym/portage/sync/modules/rsync/rsync.py | 66 - 1 file changed, 57 insertions(+), 9 deletions(-) diff --git a/pym/portage/sync/modules/rsync/rsync.py b/pym/portage/sync/modules/rsync/rsync.py index 6b0280032..f6e59e211 100644 ---

[gentoo-portage-dev] [PATCH 1/5] rsync: Verify the value of sync-rsync-verify-jobs

--- pym/portage/sync/modules/rsync/rsync.py | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/pym/portage/sync/modules/rsync/rsync.py b/pym/portage/sync/modules/rsync/rsync.py index e2e6d0658..6b0280032 100644 --- a/pym/portage/sync/modules/rsync/rsync.py +++

[gentoo-portage-dev] [PATCH] rsync: Improve gemato rsync Manifest verification logic

Hi, Here's a batch of patches meant to be merged after the bugfix release. They replace the calls to "gemato" executable with Python routine calls, and further improve the security. The notable improvements are: 1. New shiny e-style output ;-). 2. Manifest signature is always verified, even if

[gentoo-portage-dev] [PATCH 3/5] rsync: Verify the Manifest signature even if tree is unchanged

Always verify the Manifest signature if verification is enabled. Skipping the deep tree verification for unchanged case is reasonable but we need to make sure the Manifest signature stays valid to catch the case of the signing key being revoked. --- pym/portage/sync/modules/rsync/rsync.py | 13

Re: [gentoo-dev] as-needed patch for ltmain.sh

On Thu, 1 Feb 2018 11:55:46 +0100 Andreas Fink wrote: > Hello, > I have a question to the patch provided by the package > app-portage/elt-patches, namely the file as-needed/2.4.3 > > Here I can see the following being added to ltmain.sh: > +

[gentoo-dev] as-needed patch for ltmain.sh

Hello, I have a question to the patch provided by the package app-portage/elt-patches, namely the file as-needed/2.4.3 Here I can see the following being added to ltmain.sh: + -Wl,--as-needed|-Wl,--no-as-needed) + deplibs="$deplibs $arg" + continue + ;; + In my

[gentoo-dev] Package up for grabs: games-engines/love

Hi all! Due to lack of time, I have to drop maintainership of games-engines/love. There is some user interest in this package, and a version bump is needed (bug 640802). Best regards, Chí-Thanh Christopher Nguyễn