| 1 |
On Sun, Oct 02, 2011 at 01:39:41PM -0700, Zac Medico wrote: |
| 2 |
> On 10/02/2011 05:46 AM, Robin H. Johnson wrote: |
| 3 |
> > On Sat, Oct 01, 2011 at 09:40:13PM -0700, Zac Medico wrote: |
| 4 |
> >> If we control these hashes via metadata/layout.conf, then we can toggle |
| 5 |
> >> it atomically for all commiters. Otherwise, we'll have an annoying |
| 6 |
> >> period of time where different committers are committing different sets |
| 7 |
> >> of hashes, depending on their portage version. |
| 8 |
> > How do you suggest doing it via layout.conf? I've kept SHA256 in both |
| 9 |
> > sets for now, but if you could enforce new signatures including both |
| 10 |
> > WHIRLPOOL and SHA256, that would be great. |
| 11 |
> How about if we put something like this in |
| 12 |
> gentoo-x86/metadata/layout.conf now: |
| 13 |
Did you mean profiles/layout.conf? I just want to make sure no scripts |
| 14 |
that pull from CVS and expect that dir to not exist don't break. |
| 15 |
|
| 16 |
> manifest2-sha1 = true |
| 17 |
> manifest2-whirlpool = false |
| 18 |
Bikeshedding slightly, but can we figure something like a list or dict |
| 19 |
instead? (Also gives us a chance to make the required hashes a list). |
| 20 |
manifest2-hashes = ['SHA1', 'SHA256', 'RMD160'] |
| 21 |
|
| 22 |
> Then we'll patch portage so that by default it will disable SHA1 and |
| 23 |
> enable WHIRLPOOL, and the above settings will override the defaults. |
| 24 |
> After the patched portage is marked stable in a month or so, we'll send |
| 25 |
> an announcement to gentoo-announce, and remove the above settings from |
| 26 |
> layout.conf. |
| 27 |
Sounds good to me. Hopefully I'll have more of the MetaManifest |
| 28 |
prototype code in the next few days to go live around the same time. |
| 29 |
|
| 30 |
-- |
| 31 |
Robin Hugh Johnson |
| 32 |
Gentoo Linux: Developer, Trustee & Infrastructure Lead |
| 33 |
E-Mail : robbat2@g.o |
| 34 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |
Archives