Gentoo Archives: gentoo-dev

From: Matthew Thode <prometheanfire@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] adding app-crypt/gentoo-keys to @system
Date: Wed, 20 Feb 2019 05:04:01
Message-Id: 20190220050350.tzggbrxg5wuowlzv@gentoo.org
In Reply to: Re: [gentoo-dev] adding app-crypt/gentoo-keys to @system by Michael Orlitzky
1 On 19-02-20 00:00:04, Michael Orlitzky wrote:
2 > On 2/19/19 11:21 PM, Matthew Thode wrote:
3 > >>
4 > >> What problem would this solve? (Is adding gentoo-keys to @system the
5 > >> least bad way to solve it?)
6 > >>
7 > >
8 > > It'd allow the stage tarballs (3,4) to use webrsync-gpg to verify
9 > > portage tarballs. This is useful for the initial sync (as called out in
10 > > our manual). Otherwise using emerge-webrsync could be mitm'd or
11 > > otherwise messed with.
12 >
13 > Ok, then I agree with the goal if not the solution. This is a
14 > portage-specific thing, namely
15 >
16 > FEATURES=webrsync-gpg
17 >
18 > that should be enabled by default on a stage3. (Making new users go out
19 > of their way to add basic security is daft.) Portage already has
20 > USE=rsync-verify, and I think we could either
21 >
22 > a) expand the meaning of that flag to include enabling webrsync-gpg
23 > by default, and to pull in gentoo-keys; or
24 >
25 > b) add another (default-on) flag like USE=webrsync-verify to do it
26 >
27 > That flag would be enabled by default, so gentoo-keys would be pulled in
28 > as part of @system without actually being *in* the @system. Something
29 > along those lines would achieve the same goal in a cleaner way.
30 >
31 >
32
33 This worksforme (optional, default enabled dep of portage with a default
34 feature flag change).
35
36 > > As far how we treat deps of @system packages, since this does not have
37 > > any deps that should help check that box for anyone worried.
38 >
39 > I meant the other way around. Once gentoo-keys is in @system, packages
40 > will (inconsistently) omit gentoo-keys from (R)DEPEND. There's no real
41 > policy or consensus on the matter, and it makes it a real PITA if we
42 > ever want to remove things from @system, because lots of packages will
43 > break in unpredictable ways.
44 >
45
46 Ah, ya, that makes sense.
47
48 --
49 Matthew Thode (prometheanfire)

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] adding app-crypt/gentoo-keys to @system Brian Dolbec <dolsen@g.o>