| 1 |
On Thu, Jan 27, 2011 at 11:24 AM, Zac Medico <zmedico@g.o> wrote: |
| 2 |
|
| 3 |
> On 01/27/2011 09:05 AM, Matthew Summers wrote: |
| 4 |
> > Now, as to whether to include the value ESVN_PASSWORD in the ebuild, I |
| 5 |
> would |
| 6 |
> > not do that. Personally, I would setup svn+ssh and use an ssh key to |
| 7 |
> access |
| 8 |
> > the repo. I do this with git using the git eclass. I am prompted for a |
| 9 |
> > password/key by portage in this case. To automate this using an ssh key, |
| 10 |
> you |
| 11 |
> > can just use a passwordless key or setup ssh-agent. Also note, the key |
| 12 |
> will |
| 13 |
> > be sought out first in /root/.ssh (I think it looks there first anyway). |
| 14 |
> |
| 15 |
> In this case, you could potentially have a problem if you have |
| 16 |
> FEATURES=userpriv enabled, since that would cause src_unpack to execute |
| 17 |
> as the "portage" user. |
| 18 |
> |
| 19 |
> > Regarding your final question, I think that portage will ask you to enter |
| 20 |
> > the password if it tries to access something over HTTPS requiring |
| 21 |
> > authentication, but I am not 100% certain at the moment. |
| 22 |
> |
| 23 |
> In this case, depending on the FETCHCOMMAND behavior, you could have a |
| 24 |
> problem with FEATURES=parallel-fetch since it launches fetches in the |
| 25 |
> background. So, if background fetch doesn't fail gracefully, you might |
| 26 |
> want to set FEATURES="-parallel-fetch" in /etc/make.conf. |
| 27 |
> |
| 28 |
> Also, you could set PROPERTIES=interactive in the ebuild, in order |
| 29 |
> ensure that the fetcher is executed in the foreground. |
| 30 |
> -- |
| 31 |
> Thanks |
| 32 |
> Zac |
| 33 |
> |
| 34 |
> |
| 35 |
These are excellent points Zac, thank you for illuminating this |
| 36 |
functionality. |
| 37 |
|
| 38 |
One question though. Since the 'portage' user has its $home set by default |
| 39 |
to /var/tmp/portage how would you recommend handling the ssh key situation |
| 40 |
since that directory is somewhat special? |
| 41 |
|
| 42 |
Thanks! |
| 43 |
Matthew W. Summers |
Archives