1 |
commit: 96801877fa7a151dddc9e44e814214b77e21b383 |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Jan 30 16:43:14 2018 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Jan 30 19:39:03 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=96801877 |
7 |
|
8 |
sync-rsync-openpgp-key-path -> generic sync-openpgp-key-path |
9 |
|
10 |
Rename the 'sync-rsync-openpgp-key-path' to a more generic |
11 |
'sync-openpgp-key-path'. OpenPGP is the basis of at least three |
12 |
different verification schemes (git, rsync, snapshots) and at least |
13 |
two of them use the same keys. |
14 |
|
15 |
Reviewed-by: Zac Medico <zmedico <AT> gentoo.org> |
16 |
|
17 |
cnf/repos.conf | 2 +- |
18 |
man/portage.5 | 9 +++++---- |
19 |
pym/portage/repository/config.py | 4 ++++ |
20 |
pym/portage/sync/modules/rsync/__init__.py | 1 - |
21 |
pym/portage/sync/modules/rsync/rsync.py | 8 ++------ |
22 |
5 files changed, 12 insertions(+), 12 deletions(-) |
23 |
|
24 |
diff --git a/cnf/repos.conf b/cnf/repos.conf |
25 |
index 0d2b1f4be..4a40ff4fc 100644 |
26 |
--- a/cnf/repos.conf |
27 |
+++ b/cnf/repos.conf |
28 |
@@ -7,7 +7,7 @@ sync-type = rsync |
29 |
sync-uri = rsync://rsync.gentoo.org/gentoo-portage |
30 |
auto-sync = yes |
31 |
sync-rsync-verify-metamanifest = yes |
32 |
-sync-rsync-openpgp-key-path = /var/lib/gentoo/gkeys/keyrings/gentoo/release/pubring.gpg |
33 |
+sync-openpgp-key-path = /var/lib/gentoo/gkeys/keyrings/gentoo/release/pubring.gpg |
34 |
|
35 |
# for daily squashfs snapshots |
36 |
#sync-type = squashdelta |
37 |
|
38 |
diff --git a/man/portage.5 b/man/portage.5 |
39 |
index 84999bd2f..1f6259715 100644 |
40 |
--- a/man/portage.5 |
41 |
+++ b/man/portage.5 |
42 |
@@ -1071,10 +1071,11 @@ Extra options to give to rsync on repository synchronization. It takes |
43 |
precedence over a declaration in [DEFAULT] section, that takes |
44 |
precedence over PORTAGE_RSYNC_EXTRA_OPTS. |
45 |
.TP |
46 |
-.B sync\-rsync\-openpgp\-key\-path |
47 |
-Path to the OpenPGP key(ring) used to verify MetaManifest. Used only |
48 |
-if \fBsync\-rsync\-verify\-metamanifest\fR is enabled. If unset, |
49 |
-the user's keyring is used. |
50 |
+.B sync\-openpgp\-key\-path |
51 |
+Path to the OpenPGP key(ring) used to verify received repository. Used |
52 |
+only for protocols supporting cryptographic verification, provided |
53 |
+that the respective verification option is enabled. If unset, the user's |
54 |
+keyring is used. |
55 |
.TP |
56 |
.B sync-rsync-vcs-ignore = true|false |
57 |
Ignore vcs directories that may be present in the repository. It is the |
58 |
|
59 |
diff --git a/pym/portage/repository/config.py b/pym/portage/repository/config.py |
60 |
index be31ed3b1..d3a622f7c 100644 |
61 |
--- a/pym/portage/repository/config.py |
62 |
+++ b/pym/portage/repository/config.py |
63 |
@@ -86,6 +86,7 @@ class RepoConfig(object): |
64 |
'sync_type', 'sync_umask', 'sync_uri', 'sync_user', 'thin_manifest', |
65 |
'update_changelog', '_eapis_banned', '_eapis_deprecated', |
66 |
'_masters_orig', 'module_specific_options', 'manifest_required_hashes', |
67 |
+ 'openpgp_key_path', |
68 |
) |
69 |
|
70 |
def __init__(self, name, repo_opts, local_config=True): |
71 |
@@ -182,6 +183,9 @@ class RepoConfig(object): |
72 |
self.strict_misc_digests = repo_opts.get( |
73 |
'strict-misc-digests', 'true').lower() == 'true' |
74 |
|
75 |
+ self.openpgp_key_path = repo_opts.get( |
76 |
+ 'sync-openpgp-key-path', None) |
77 |
+ |
78 |
self.module_specific_options = {} |
79 |
|
80 |
# Not implemented. |
81 |
|
82 |
diff --git a/pym/portage/sync/modules/rsync/__init__.py b/pym/portage/sync/modules/rsync/__init__.py |
83 |
index 14af2120c..27a2548c0 100644 |
84 |
--- a/pym/portage/sync/modules/rsync/__init__.py |
85 |
+++ b/pym/portage/sync/modules/rsync/__init__.py |
86 |
@@ -27,7 +27,6 @@ module_spec = { |
87 |
'validate_config': CheckSyncConfig, |
88 |
'module_specific_options': ( |
89 |
'sync-rsync-extra-opts', |
90 |
- 'sync-rsync-openpgp-key-path', |
91 |
'sync-rsync-vcs-ignore', |
92 |
'sync-rsync-verify-jobs', |
93 |
'sync-rsync-verify-metamanifest', |
94 |
|
95 |
diff --git a/pym/portage/sync/modules/rsync/rsync.py b/pym/portage/sync/modules/rsync/rsync.py |
96 |
index 552ac6f6b..d9d7d56f2 100644 |
97 |
--- a/pym/portage/sync/modules/rsync/rsync.py |
98 |
+++ b/pym/portage/sync/modules/rsync/rsync.py |
99 |
@@ -87,10 +87,6 @@ class RsyncSync(NewBase): |
100 |
self.verify_metamanifest = ( |
101 |
self.repo.module_specific_options.get( |
102 |
'sync-rsync-verify-metamanifest', False)) |
103 |
- # Default to gentoo-keys keyring. |
104 |
- self.openpgp_key_path = ( |
105 |
- self.repo.module_specific_options.get( |
106 |
- 'sync-rsync-openpgp-key-path', None)) |
107 |
# Support overriding job count. |
108 |
self.verify_jobs = self.repo.module_specific_options.get( |
109 |
'sync-rsync-verify-jobs', None) |
110 |
@@ -276,8 +272,8 @@ class RsyncSync(NewBase): |
111 |
# if synced successfully, verify now |
112 |
if exitcode == 0 and self.verify_metamanifest: |
113 |
command = ['gemato', 'verify', '-s', self.repo.location] |
114 |
- if self.openpgp_key_path is not None: |
115 |
- command += ['-K', self.openpgp_key_path] |
116 |
+ if self.repo.openpgp_key_path is not None: |
117 |
+ command += ['-K', self.repo.openpgp_key_path] |
118 |
if self.verify_jobs is not None: |
119 |
command += ['-j', self.verify_jobs] |
120 |
exitcode = portage.process.spawn(command, **self.spawn_kwargs) |