| 1 |
On Mon, 10 Aug 2015 22:13:23 +0200 hasufell wrote: |
| 2 |
> On 08/10/2015 05:09 PM, Rich Freeman wrote: |
| 3 |
> > On Mon, Aug 10, 2015 at 11:04 AM, Mike Gilbert <floppym@g.o> wrote: |
| 4 |
> >> |
| 5 |
> >> Expanding on this: the rsync master creates the following |
| 6 |
> >> files/directories under metatdata. On my own system, I like to symlink |
| 7 |
> >> them to locations outside my repo so that related portage features |
| 8 |
> >> continue to work. |
| 9 |
> >> |
| 10 |
> >> I would like to have these added in .gitignore. |
| 11 |
> >> |
| 12 |
> >> metadata/dtd/ # used by something? |
| 13 |
> >> metadata/glsa/ # used by the GLSA utilities? |
| 14 |
> >> matadata/herds.xml # used by equery from gentoolkit |
| 15 |
> >> metadata/news/ # used by eselect news |
| 16 |
> >> |
| 17 |
> > |
| 18 |
> > As a side note, it probably wouldn't hurt to set up a guide for |
| 19 |
> > running git on /usr/portage, including setting up these symlinks, |
| 20 |
> > running egencache after emerge --sync, etc. I imagine that this is a |
| 21 |
> > configuration that many developers will tend to use, and with the |
| 22 |
> > advent of git we may see more users who tend to contribute doing the |
| 23 |
> > same. |
| 24 |
> > |
| 25 |
> |
| 26 |
> In fact, this should be the recommended way of running gentoo for |
| 27 |
> everyone. Our rsync methods are still inherently insecure (unless I |
| 28 |
> missed something), because: |
| 29 |
> 1. machine key |
| 30 |
> 2. profiles, eclasses and so on are not covered with a |
| 31 |
> signature/Manifest anyway |
| 32 |
|
| 33 |
Not unless metadata cache will be synced too from a trusted source. |
| 34 |
It takes too much time to generate, especially on non-brand-new |
| 35 |
hardware. |
| 36 |
|
| 37 |
Best regards, |
| 38 |
Andrew Savchenko |
Archives