1 |
Benny Pedersen posted on Mon, 26 Apr 2010 15:53:21 +0200 as excerpted: |
2 |
|
3 |
> media-libs/raptor/raptor-1.4.21.ebuild |
4 |
> media-video/kmplayer/kmplayer-0.11.2b.ebuild |
5 |
> |
6 |
> just my server ? |
7 |
|
8 |
No issues here (just synced and updated everything). |
9 |
|
10 |
In my experience, digest issues are usually one of three things. |
11 |
|
12 |
One that can happen if you're actually trying to (re)merge the package is |
13 |
an error fetching the sources, such that an incomplete or incorrect source |
14 |
or patch tarball is downloaded. The digest error in this case mentions |
15 |
the tarball in question, and the fix is easy enough: simply delete the |
16 |
thing so portage can redownload it, hopefully correctly this time. |
17 |
|
18 |
If the digest error indicates it's the ebuild itself, it can either be a |
19 |
similar issue there, in which case a fresh sync should solve the issue, |
20 |
or, occasionally, it's an issue with the tools the Gentoo devs use to do |
21 |
their updates, such that they actually upload an incorrect value. These |
22 |
problems are generally caught and fixed quite rapidly but not immediately |
23 |
-- if you're not too impatient, wait a few hours or a day and resync. The |
24 |
problem will have generally been fixed by then. If you're impatient or |
25 |
just curious, or the problem hasn't been fixed in a day, check bugzilla |
26 |
for a related bug (be sure to begin the query with the keyword ALL, so you |
27 |
get fixed issues too, this'll often return a quite a lot of old bugs as |
28 |
well, but you can look at just the highest numbered ones, the last couple |
29 |
of days worth of bugs, since this sort of bug shouldn't be years or even |
30 |
weeks old). Likely, someone has already filed one. If not, file one |
31 |
yourself, and see what happens. |
32 |
|
33 |
The third type of error is again with the sources tarballs, but in this |
34 |
case it's due to upstream pulling a no-no, updating the tarball (so it |
35 |
doesn't verify against the old checksums) without changing the version |
36 |
number. These often take a bit longer to resolve, perhaps a few days, as |
37 |
the Gentoo dev has to research the issue and find out if the change is |
38 |
legit, or not. Thankfully, it doesn't happen often (at least with |
39 |
officially released code, tarballs made available to the distributions for |
40 |
testing a few hours or days before a big public release, such as of kde, |
41 |
do occasionally get changed before final public release, if a critical |
42 |
reason to do so is found, but if you're on a testing team with access to |
43 |
that sort of thing, you generally know about it right away, as you're |
44 |
following the immediately pre-release testing and discussion), but when it |
45 |
does, there's a real security danger in just accepting the new code |
46 |
without verifying it, so getting upstream confirmation that they did in |
47 |
fact change the sources without changing the version number is vital -- |
48 |
and you can be sure that they're getting enough complaints from various |
49 |
distribution and compile-your-own users, that most upstreams don't tend to |
50 |
to make /that/ mistake again. |
51 |
|
52 |
Of course, the problem can also be a deliberately tampered with ebuild or |
53 |
tarball, as well, one of the reasons it's not recommended to simply |
54 |
manually redigest the package yourself, and continue as if nothing was |
55 |
wrong. Redigesting is possible (ebuild /path/to/ebuild digest), and if |
56 |
you find a bug confirming it was indeed a simple mistake, you can if you |
57 |
wish redigest and continue, instead of doing a full resync, but DO confirm |
58 |
that it was a mistake, checking the bug report or the like, before doing |
59 |
so, just in case. |
60 |
|
61 |
-- |
62 |
Duncan - List replies preferred. No HTML msgs. |
63 |
"Every nonfree program has a lord, a master -- |
64 |
and if you use the program, he is your master." Richard Stallman |