Gentoo Archives: gentoo-amd64

From: Duncan <1i5t5.duncan@×××.net>
To: gentoo-amd64@l.g.o
Subject: [gentoo-amd64] Re: !!! Security Violation: A file exists that is not in the manifest.
Date: Fri, 03 Mar 2006 00:13:42
Message-Id: pan.2006.03.03.00.11.30.404082@cox.net
In Reply to: [gentoo-amd64] !!! Security Violation: A file exists that is not in the manifest. by Mark Knecht
Mark Knecht posted
<5bdc1c8b0603021524m572eedf7x18e22e51a1274d08@××××××××××.com>, excerpted
below,  on Thu, 02 Mar 2006 15:24:07 -0800:

> >>> emerge (4 of 6) sys-apps/baselayout-1.11.14-r6 to /
> !!! Security Violation: A file exists that is not in the manifest.
> !!! File: files/digest-baselayout-1.12.0_pre16-r2
> lightning ~ #
>
> What's the proper way to take care of this?

Depends on how paranoid you are. While it could be someone trying to crack the Gentoo ecosystem, it's far more likely to be a simple mis-sync -- either you or the upstream rsync server you used happened to sync at just the wrong moment and get a modification in progress, with the file there but the manifest not yet updated to reflect it. It could also be due to a dev partial-syncing, with the same results.

If you are willing to play the odds, you can just ebuild digest (see the ebuild manpage if necessary) the thing and it'll fix the issue on your system.

If you are security conscious enough to not be comfortable doing that (I certainly wouldn't be -- those manifests are there for a reason, and it /could/ be a cracker trying something, even if rather unlikely), wait a minimum 90 minutes between syncs, and try another emerge --sync. Hopefully by then the problem will have corrected itself, or you'll get a different sync server assigned that doesn't have the problem.

If the issue still exists several hours later, after a resync, check the logs and verify the servers you are syncing with, then file a bug on either the rsync server or baselayout, as it's something that needs fixed, still most likely a dev accident, but getting more likely it's a real security issue.

That assumes nothing irregular at your end, like you added that subdir in your rsync-excludes file or something, but then again, if you'd done that, you'd likely know that was the reason without asking. That would be a bit hard to do by accident. =8^)

--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman in
http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html

--
gentoo-amd64@g.o mailing list
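
An added example, not part of the message above and not Portage's own code: a read-only audit that lists files in a package directory which its Manifest does not cover (the condition behind the quoted error), along with listed files that are missing or fail their size/hash check. It assumes Manifest lines of the form `<ALGO> <hash> <path> <size>`; the function names and the sample file contents are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def parse_manifest(path):
    """Map relative path -> [(algo, hexdigest, size)] from '<ALGO> <hash> <path> <size>' lines."""
    entries = {}
    for line in Path(path).read_text(encoding="utf-8").splitlines():
        parts = line.split()
        # Assumed line layout; hash types hashlib does not know are skipped.
        if len(parts) == 4 and parts[0].lower() in hashlib.algorithms_available:
            algo, digest, rel, size = parts
            entries.setdefault(rel, []).append((algo.lower(), digest.lower(), int(size)))
    return entries

def audit_package_dir(pkg_dir):
    """Read-only check: return (unlisted, missing, mismatched) lists of relative paths."""
    pkg_dir = Path(pkg_dir)
    entries = parse_manifest(pkg_dir / "Manifest")
    on_disk = {p.relative_to(pkg_dir).as_posix()
               for p in pkg_dir.rglob("*") if p.is_file()} - {"Manifest"}
    unlisted = sorted(on_disk - entries.keys())   # on disk, not in the Manifest
    missing = sorted(entries.keys() - on_disk)    # in the Manifest, not on disk
    mismatched = []
    for rel in sorted(on_disk & entries.keys()):
        data = (pkg_dir / rel).read_bytes()
        # Every recorded hash line for the file must agree on size and digest.
        if any(len(data) != size or hashlib.new(algo, data).hexdigest() != digest
               for algo, digest, size in entries[rel]):
            mismatched.append(rel)
    return unlisted, missing, mismatched

def build_sample_tree():
    """Constructed sample: one listed digest file and one the Manifest does not cover."""
    pkg = Path(tempfile.mkdtemp(prefix="baselayout-"))
    (pkg / "files").mkdir()
    listed = b"constructed digest content\n"
    (pkg / "files" / "digest-baselayout-1.11.14-r6").write_bytes(listed)
    (pkg / "files" / "digest-baselayout-1.12.0_pre16-r2").write_bytes(b"constructed, unlisted\n")
    (pkg / "Manifest").write_text("SHA256 %s files/digest-baselayout-1.11.14-r6 %d\n"
                                  % (hashlib.sha256(listed).hexdigest(), len(listed)))
    return pkg

if __name__ == "__main__":
    print(audit_package_dir(build_sample_tree()))
```

Running the same audit after each resync shows whether the unlisted file has gained a Manifest entry or the discrepancy persists.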
