1 |
robbat2 08/07/01 07:08:20 |
2 |
|
3 |
Modified: 01-distribution-process-security |
4 |
Log: |
5 |
Clarify spots where verification has failed and we must abort. |
6 |
|
7 |
Revision Changes Path |
8 |
1.12 users/robbat2/tree-signing-gleps/01-distribution-process-security |
9 |
|
10 |
file : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.12&view=markup |
11 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.12&content-type=text/plain |
12 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?r1=1.11&r2=1.12 |
13 |
|
14 |
Index: 01-distribution-process-security |
15 |
=================================================================== |
16 |
RCS file: /var/cvsroot/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security,v |
17 |
retrieving revision 1.11 |
18 |
retrieving revision 1.12 |
19 |
diff -p -w -b -B -u -u -r1.11 -r1.12 |
20 |
--- 01-distribution-process-security 1 Jul 2008 07:06:53 -0000 1.11 |
21 |
+++ 01-distribution-process-security 1 Jul 2008 07:08:20 -0000 1.12 |
22 |
@@ -1,7 +1,7 @@ |
23 |
GLEP: xx+1 |
24 |
Title: Security of distribution of Gentoo software - Infrastructure to User distribution - MetaManifest |
25 |
-Version: $Revision: 1.11 $ |
26 |
-Last-Modified: $Date: 2008/07/01 07:06:53 $ |
27 |
+Version: $Revision: 1.12 $ |
28 |
+Last-Modified: $Date: 2008/07/01 07:08:20 $ |
29 |
Author: Robin Hugh Johnson <robbat2@g.o>, |
30 |
Status: Draft |
31 |
Type: Standards Track |
32 |
@@ -139,7 +139,7 @@ filetypes may be ignored on missing is d |
33 |
1. Check the GnuPG signature on the MetaManifest against the keyring of |
34 |
automated Gentoo keys. See [GLEPxx+3] for full details regarding |
35 |
verification of GnuPG signatures. |
36 |
-1.1. Do not continue if the signature check fails. |
37 |
+1.1. Abort if the signature check fails. |
38 |
|
39 |
2. For a verification of the tree following an rsync: |
40 |
2.1. Build a set 'ALL' of every file covered by the rsync. (exclude |
41 |
@@ -151,7 +151,7 @@ filetypes may be ignored on missing is d |
42 |
COVERED sets. |
43 |
2.4. For each file in the UNCOVERED set, assign a Manifest2 filetype. |
44 |
2.5. If the filetype for any file in the UNCOVERED set requires a halt |
45 |
- on error, do so. |
46 |
+ on error, abort and display a suitable error. |
47 |
2.6. Completed verification |
48 |
|
49 |
3. If checking at the installation of a package: |
50 |
|
51 |
|
52 |
|
53 |
-- |
54 |
gentoo-commits@l.g.o mailing list |