Gentoo Archives: gentoo-portage-dev

From: "Michał Górny" <mgorny@g.o>
To: gentoo-portage-dev@l.g.o
Subject: [gentoo-portage-dev] Plan for initial integration of gemato with portage
Date: Wed, 24 Jan 2018 09:47:02
Message-Id: 2503DDCC-8A9D-4C39-9779-ABFDAB972895@gentoo.org
1 Hi, everyone.
2
3 Since the initial review of my patch lost focus, and lacked sufficient context, here's the plan that I'd like to follow in order to initially integrate gemato with portage and give our users secure checkouts by default.
4
5 1. Add postsync hook to Portage git. Eventually, it will be replaced by direct Portage support.
6
7 2. Add IUSE=+rsync-verify to portage-9999 that controls installing the hook. This will give users the ability to easily disable it without jumping through cross package hoops.
8
9 3. Submit a news item for review that will explain how to initially verify the keys on existing installations.
10
11 The news item would be published when the hook hits a release.
12
13 What do you think? If you agree, then I'll start writing the news item.
14 --
15 Best regards,
16 Michał Górny (by phone)

Replies