1 |
Hello, |
2 |
|
3 |
This is the last week of the Gentoo-GPG Google Summer of Code project. It |
4 |
has been a fun ride where I learned a whole lot of things from little |
5 |
Python tricks to how Portage verifies GnuPG signatures. It will be an |
6 |
unforgettable experience that has helped me make an entrance to the open |
7 |
source community and shown me the success and the difficulties that can be |
8 |
found there. Now, for the summary of the work that I have done, I have |
9 |
written it below in two segments, Gentoo-Keys and MetaManifest. |
10 |
|
11 |
*Gentoo-Keys* |
12 |
|
13 |
In my proposal which can be found here |
14 |
<https://docs.google.com/document/d/14ZCjQuuoymPBgEEOgCs3Evu44t5ZWxfKSjOdU1AfPcU/edit?usp=sharing>, |
15 |
I promised to deliver on many things, most which I was able to achieve, |
16 |
while, in the end, one thing I decided not to prioritize for that time |
17 |
frame, which I replaced with deliverables outside the proposal. More |
18 |
specifically, due to the complexity of pyGPG and Gentoo-Keys, I was unable |
19 |
to make unit tests and was advised not to by my mentors because of time |
20 |
constraints. In return, I spent more time working the email reminder |
21 |
generator and fixing older Gkeys functions. All the other deliverables were |
22 |
accomplished. A combined PR of all my code that has not yet been merged |
23 |
can be found here <https://github.com/gentoo/gentoo-keys/pull/52>. |
24 |
|
25 |
1. Count Incorrect Qualified IDs and present them in the Spec Check |
26 |
summary. (link |
27 |
<https://github.com/gentoo/gentoo-keys/commit/bacec7da1e7ff446f232d48dcf34b71966df7068>) |
28 |
(done in the bonding period) |
29 |
2. Added a requirements file that includes required packages for Gkeys |
30 |
to run. (link |
31 |
<https://github.com/gentoo/gentoo-keys/commit/0cb7bf0d8e0d4649f48631956eb3e8026b01639f>) |
32 |
(done in the 1st week) |
33 |
3. Fixed the move-seed function that was broken due to more recent |
34 |
patches. (link |
35 |
<https://github.com/gentoo/gentoo-keys/commit/423c3bf0b3ae993e15886858aede0a94372b55fd>) |
36 |
(done in the 1st week) |
37 |
4. Created the update key function that downloads and installs the seeds |
38 |
of a selected Gkeys category or all categories. (link |
39 |
<https://github.com/gentoo/gentoo-keys/pull/46>) (done in the 2nd and |
40 |
3rd week) |
41 |
5. Add automatic update seed check whenever Gkeys runs, that checks if |
42 |
the seeds match with the ones from the server and if not, it gives the user |
43 |
the option to use update-seed. (link |
44 |
<https://github.com/gentoo/gentoo-keys/pull/46>) (done in the 4th week |
45 |
and 5th week) |
46 |
6. Made the default GPG config file over-ridable in Gkeys-Gen during the |
47 |
generation of a new key. (link |
48 |
<https://github.com/gentoo/gentoo-keys/pull/48>) (done in the 4th week) |
49 |
7. Fixed a small bug in the verify function of Gkeys. (link |
50 |
<https://github.com/gentoo/gentoo-keys/pull/49>) (done in the 4th week) |
51 |
8. Created the send-key function (dubbed upload key in the proposal) |
52 |
that send the selected key/s in the selected server of the config file. In |
53 |
order to get that to work though, I had to make a small patch in pyGPG as |
54 |
well. (link <https://github.com/gentoo/gentoo-keys/pull/50>, link |
55 |
<https://github.com/dol-sen/pyGPG/commit/304a2998b9322dd199adc514c559093300ac7d1f>) |
56 |
(done in the 5th week) |
57 |
9. Created an email reminder generation script that works along with |
58 |
spec-check and using the Spec Check tuple, checks if a key has expired or |
59 |
is expiring in a selected time frame from the config file and if it is, it |
60 |
sends an email to the key's owner that includes all the information needed |
61 |
along with resources on how to update the key. It priorities emails with a |
62 |
preferred address found in the config file and has the option to login in |
63 |
either email account found again in the config file. (link |
64 |
<https://github.com/gentoo/gentoo-keys/pull/51>) (done in the 10th and |
65 |
11th week) |
66 |
|
67 |
*Meta Manifest System* |
68 |
|
69 |
In my proposal, I also promised to implement the new Meta Manifest system |
70 |
according to GLEP:58 <https://wiki.gentoo.org/wiki/GLEP:58> which is a |
71 |
system that provides a more efficient way to verify the integrity of Gentoo |
72 |
distribution. It works is by creating many different Manifest files for all |
73 |
important directories of a tree (ex. categories, profiles etc.) and then |
74 |
adding the hash sums of those Manifest files to create a master Meta |
75 |
Manifest file in the root directory, which is afterwards GPG signed by an |
76 |
official Gentoo key. That way, the user only needs to verify the master |
77 |
meta manifest file to check the integrity of the tree, which is much more |
78 |
efficient than checking each manifest file separately. Here |
79 |
<https://github.com/gentoo/portage/pull/38> is the link to the PR. The |
80 |
project was divided in two parts: |
81 |
|
82 |
1. The creation and signing process of the Meta Manifest files by using |
83 |
the logic above. (done in the 6th to 8th week) |
84 |
2. The verification and signature validation process of the Meta |
85 |
Manifest files. (done in the 9th to 11th week) |
86 |
|
87 |
*Plans for the future* |
88 |
|
89 |
My plan for the future is to continue supporting my code for Portage like |
90 |
making minor fixes and reworking some functions from the original manifest |
91 |
code that seem a little inefficient. I would also like to become part of |
92 |
the team developing Gentoo-Keys and prepare for the next release of the |
93 |
platform. |
94 |
|
95 |
*Conclusion* |
96 |
|
97 |
Finally, I would like to thank all those people that helped me with the |
98 |
project. Firstly my mentors, Pavlos 'dastergon' Ratis, Brian 'dol-sen' |
99 |
Dolbec and Kristian 'K_F' Fiskerstrand for their guidance and suggestions, |
100 |
and always being there whenever I had questions. Also, I would like to |
101 |
thank Doug 'dwfreed' Freed, Zac 'zmedico' Medico and Gilles 'EvaSDK' |
102 |
Dartiguelongue for reviewing my code and giving useful tips. |
103 |
|
104 |
- aeroniero |