Gentoo Archives: gentoo-dev

From: "Michał Górny" <mgorny@g.o>
To: gentoo-dev@l.g.o
Cc: phajdan.jr@g.o
Subject: Re: [gentoo-dev] repoman commit unexpectedly drops FEATURES="sign" on error
Date: Sun, 23 Jun 2013 08:18:41
Message-Id: 20130623101938.63f2fe7d@gentoo.org
In Reply to: Re: [gentoo-dev] repoman commit unexpectedly drops FEATURES="sign" on error by "Paweł Hajdan
1 Dnia 2013-06-22, o godz. 17:02:56
2 ""Paweł Hajdan, Jr."" <phajdan.jr@g.o> napisał(a):
3
4 > On 6/20/13 2:16 AM, Michał Górny wrote:
5 > > Doing test signatures won't cover all failures.
6 >
7 > Do you know an example? The only one I'm aware of is when a test
8 > signature is made very close to the expiration date, and then the real
9 > signature would be done after it.
10
11 Well, Michael explained one in the other branch of this thread quite
12 thoroughly. Other than that, there can be random runtime errors
13 and race conditions.
14
15 I'd say it's as good as using stat() to check whether a file exists
16 before opening it. But thinking of it, I've got another idea...
17
18 How about opening 'gpg -s' in a subprocess before first commit
19 and feeding the Manifest afterwards? As far as I can see, gpg asks for
20 the password instantly, so likely most of the bases will be covered
21 already, and we're be doing a single signature only.
22
23 --
24 Best regards,
25 Michał Górny

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies