1 |
On Mon, 10 Aug 2015 22:13:23 +0200 hasufell wrote: |
2 |
> On 08/10/2015 05:09 PM, Rich Freeman wrote: |
3 |
> > On Mon, Aug 10, 2015 at 11:04 AM, Mike Gilbert <floppym@g.o> wrote: |
4 |
> >> |
5 |
> >> Expanding on this: the rsync master creates the following |
6 |
> >> files/directories under metatdata. On my own system, I like to symlink |
7 |
> >> them to locations outside my repo so that related portage features |
8 |
> >> continue to work. |
9 |
> >> |
10 |
> >> I would like to have these added in .gitignore. |
11 |
> >> |
12 |
> >> metadata/dtd/ # used by something? |
13 |
> >> metadata/glsa/ # used by the GLSA utilities? |
14 |
> >> matadata/herds.xml # used by equery from gentoolkit |
15 |
> >> metadata/news/ # used by eselect news |
16 |
> >> |
17 |
> > |
18 |
> > As a side note, it probably wouldn't hurt to set up a guide for |
19 |
> > running git on /usr/portage, including setting up these symlinks, |
20 |
> > running egencache after emerge --sync, etc. I imagine that this is a |
21 |
> > configuration that many developers will tend to use, and with the |
22 |
> > advent of git we may see more users who tend to contribute doing the |
23 |
> > same. |
24 |
> > |
25 |
> |
26 |
> In fact, this should be the recommended way of running gentoo for |
27 |
> everyone. Our rsync methods are still inherently insecure (unless I |
28 |
> missed something), because: |
29 |
> 1. machine key |
30 |
> 2. profiles, eclasses and so on are not covered with a |
31 |
> signature/Manifest anyway |
32 |
|
33 |
Not unless metadata cache will be synced too from a trusted source. |
34 |
It takes too much time to generate, especially on non-brand-new |
35 |
hardware. |
36 |
|
37 |
Best regards, |
38 |
Andrew Savchenko |