[gentoo-commits] gentoo commit in users/robbat2/tree-signing-gleps: 01-distribution-process-security - gentoo-commits

From:	"Robin H. Johnson (robbat2)" <robbat2@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo commit in users/robbat2/tree-signing-gleps: 01-distribution-process-security
Date:	Tue, 01 Jul 2008 07:07:00
Message-Id:	`E1KDZx0-0001Qq-FE@stork.gentoo.org`

1

robbat2     08/07/01 07:06:54

2

3

  Modified:             01-distribution-process-security

4

  Log:

5

  Exclude distfiles/packages directly, not $PKGDIR, $DISTDIR. Also always verify all of metadata/ if it is used in any way.

6

7

Revision  Changes    Path

8

1.11                 users/robbat2/tree-signing-gleps/01-distribution-process-security

9

10

file : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.11&view=markup

11

plain: http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.11&content-type=text/plain

12

diff : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?r1=1.10&r2=1.11

13

14

Index: 01-distribution-process-security

15

===================================================================

16

RCS file: /var/cvsroot/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security,v

17

retrieving revision 1.10

18

retrieving revision 1.11

19

diff -p -w -b -B -u -u -r1.10 -r1.11

20

--- 01-distribution-process-security	1 Jul 2008 07:04:31 -0000	1.10

21

+++ 01-distribution-process-security	1 Jul 2008 07:06:53 -0000	1.11

22

@@ -1,7 +1,7 @@

23

 GLEP: xx+1

24

 Title: Security of distribution of Gentoo software - Infrastructure to User distribution - MetaManifest

25

-Version: $Revision: 1.10 $

26

-Last-Modified: $Date: 2008/07/01 07:04:31 $

27

+Version: $Revision: 1.11 $

28

+Last-Modified: $Date: 2008/07/01 07:06:53 $

29

 Author: Robin Hugh Johnson <robbat2@g.o>, 

30

 Status: Draft

31

 Type: Standards Track

32

@@ -143,7 +143,7 @@ filetypes may be ignored on missing is d

33

34

 2. For a verification of the tree following an rsync:

35

 2.1. Build a set 'ALL' of every file covered by the rsync. (exclude

36

-     $DISTDIR, $PKGDIR, local/)

37

+     distfiles/, packages/, local/)

38

 2.2. M2-verify every entry in the MetaManifest, descending into inferior

39

      Manifests as needed. Place the relative path of every checked item

40

      into a set 'COVERED'.

41

@@ -157,7 +157,7 @@ filetypes may be ignored on missing is d

42

 3. If checking at the installation of a package:

43

 3.1. M2-verify the entry in MetaManifest for the Manifest

44

 3.2. M2-verify all relevant metadata/ contents if metadata/ is being

45

-     used (optionally done before dependancy checking).

46

+     used in any way (optionally done before dependancy checking).

47

 3.3. M2-verifying the contents of the Manifest. 

48

 3.4. Perform M2-verification of all eclasses and profiles used (both

49

      directly and indirectly) by the ebuild.

--

54

gentoo-commits@l.g.o mailing list

1	robbat2 08/07/01 07:06:54
2
3	Modified: 01-distribution-process-security
4	Log:
5	Exclude distfiles/packages directly, not $PKGDIR, $DISTDIR. Also always verify all of metadata/ if it is used in any way.
6
7	Revision Changes Path
8	1.11 users/robbat2/tree-signing-gleps/01-distribution-process-security
9
10	file : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.11&view=markup
11	plain: http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.11&content-type=text/plain
12	diff : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?r1=1.10&r2=1.11
13
14	Index: 01-distribution-process-security
15	===================================================================
16	RCS file: /var/cvsroot/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security,v
17	retrieving revision 1.10
18	retrieving revision 1.11
19	diff -p -w -b -B -u -u -r1.10 -r1.11
20	--- 01-distribution-process-security 1 Jul 2008 07:04:31 -0000 1.10
21	+++ 01-distribution-process-security 1 Jul 2008 07:06:53 -0000 1.11
22	@@ -1,7 +1,7 @@
23	GLEP: xx+1
24	Title: Security of distribution of Gentoo software - Infrastructure to User distribution - MetaManifest
25	-Version: $Revision: 1.10 $
26	-Last-Modified: $Date: 2008/07/01 07:04:31 $
27	+Version: $Revision: 1.11 $
28	+Last-Modified: $Date: 2008/07/01 07:06:53 $
29	Author: Robin Hugh Johnson <robbat2@g.o>,
30	Status: Draft
31	Type: Standards Track
32	@@ -143,7 +143,7 @@ filetypes may be ignored on missing is d
33
34	2. For a verification of the tree following an rsync:
35	2.1. Build a set 'ALL' of every file covered by the rsync. (exclude
36	- $DISTDIR, $PKGDIR, local/)
37	+ distfiles/, packages/, local/)
38	2.2. M2-verify every entry in the MetaManifest, descending into inferior
39	Manifests as needed. Place the relative path of every checked item
40	into a set 'COVERED'.
41	@@ -157,7 +157,7 @@ filetypes may be ignored on missing is d
42	3. If checking at the installation of a package:
43	3.1. M2-verify the entry in MetaManifest for the Manifest
44	3.2. M2-verify all relevant metadata/ contents if metadata/ is being
45	- used (optionally done before dependancy checking).
46	+ used in any way (optionally done before dependancy checking).
47	3.3. M2-verifying the contents of the Manifest.
48	3.4. Perform M2-verification of all eclasses and profiles used (both
49	directly and indirectly) by the ebuild.
50
51
52
53	--
54	gentoo-commits@l.g.o mailing list

Gentoo Archives: gentoo-commits