1 |
Enable sync-webrsync-verify-signature by default. Use a new |
2 |
PORTAGE_TEMP_GPG_DIR variable to distinguish indirect emerge-webrsync |
3 |
calls that use gemato for secure key refresh, and disable direct |
4 |
emerge-webrsync calls. |
5 |
|
6 |
Deprecate FEATURES=webrsync-gpg and use it to trigger a |
7 |
backward-compatibility mode where direct emerge-webrsync calls are |
8 |
allowed (but trigger a warning message). Since direct emerge-webrsync |
9 |
calls do not use gemato for secure key refresh, this behavior will |
10 |
not be supported in a future release. |
11 |
|
12 |
Bug: https://bugs.gentoo.org/689506 |
13 |
--- |
14 |
bin/emerge-webrsync | 19 ++++++++++++++++--- |
15 |
lib/portage/package/ebuild/config.py | 4 ++++ |
16 |
lib/portage/sync/modules/webrsync/webrsync.py | 3 ++- |
17 |
man/make.conf.5 | 6 ++++-- |
18 |
man/portage.5 | 2 +- |
19 |
misc/emerge-delta-webrsync | 19 ++++++++++++++++--- |
20 |
6 files changed, 43 insertions(+), 10 deletions(-) |
21 |
|
22 |
diff --git a/bin/emerge-webrsync b/bin/emerge-webrsync |
23 |
index f622dde3e..25daaf8eb 100755 |
24 |
--- a/bin/emerge-webrsync |
25 |
+++ b/bin/emerge-webrsync |
26 |
@@ -50,7 +50,7 @@ eval "$("${portageq}" envvar -v DISTDIR EPREFIX FEATURES \ |
27 |
FETCHCOMMAND GENTOO_MIRRORS \ |
28 |
PORTAGE_BIN_PATH PORTAGE_CONFIGROOT PORTAGE_GPG_DIR \ |
29 |
PORTAGE_NICENESS PORTAGE_REPOSITORIES PORTAGE_RSYNC_EXTRA_OPTS \ |
30 |
- PORTAGE_RSYNC_OPTS PORTAGE_TMPDIR \ |
31 |
+ PORTAGE_RSYNC_OPTS PORTAGE_TEMP_GPG_DIR PORTAGE_TMPDIR \ |
32 |
USERLAND http_proxy ftp_proxy)" |
33 |
export http_proxy ftp_proxy |
34 |
|
35 |
@@ -74,9 +74,21 @@ do_verbose=0 |
36 |
do_debug=0 |
37 |
keep=false |
38 |
|
39 |
-if has $(__repo_attr "${repo_name}" sync-webrsync-verify-signature | \ |
40 |
+has webrsync-gpg ${FEATURES} && webrsync_gpg=1 || webrsync_gpg=0 |
41 |
+ |
42 |
+if [[ ${webrsync_gpg} -eq 1 ]]; then |
43 |
+ wecho "FEATURES=webrsync-gpg is deprecated, see the make.conf(5) man page." |
44 |
+fi |
45 |
+ |
46 |
+if [[ -n ${PORTAGE_TEMP_GPG_DIR} ]] || |
47 |
+ has $(__repo_attr "${repo_name}" sync-webrsync-verify-signature | |
48 |
LC_ALL=C tr '[:upper:]' '[:lower:]') true yes; then |
49 |
- if [[ ! -d ${PORTAGE_GPG_DIR} ]]; then |
50 |
+ # If FEATURES=webrsync-gpg is enabled then allow direct emerge-webrsync |
51 |
+ # calls for backward compatibility (this triggers a deprecation warning |
52 |
+ # above). Since direct emerge-webrsync calls do not use gemato for secure |
53 |
+ # key refresh, this behavior will not be supported in a future release. |
54 |
+ if [[ ! ( -d ${PORTAGE_GPG_DIR} && ${webrsync_gpg} -eq 1 ) && |
55 |
+ -z ${PORTAGE_TEMP_GPG_DIR} ]]; then |
56 |
eecho "Do not call ${argv0##*/} directly, instead call emerge --sync or emaint sync." |
57 |
exit 1 |
58 |
fi |
59 |
@@ -86,6 +98,7 @@ elif has webrsync-gpg ${FEATURES}; then |
60 |
else |
61 |
WEBSYNC_VERIFY_SIGNATURE=0 |
62 |
fi |
63 |
+[[ -n ${PORTAGE_TEMP_GPG_DIR} ]] && PORTAGE_GPG_DIR=${PORTAGE_TEMP_GPG_DIR} |
64 |
if [ ${WEBSYNC_VERIFY_SIGNATURE} != 0 -a -z "${PORTAGE_GPG_DIR}" ]; then |
65 |
eecho "please set PORTAGE_GPG_DIR in make.conf" |
66 |
exit 1 |
67 |
diff --git a/lib/portage/package/ebuild/config.py b/lib/portage/package/ebuild/config.py |
68 |
index 780013bca..83a15b370 100644 |
69 |
--- a/lib/portage/package/ebuild/config.py |
70 |
+++ b/lib/portage/package/ebuild/config.py |
71 |
@@ -1205,6 +1205,10 @@ class config(object): |
72 |
writemsg(_("!!! FEATURES=fakeroot is enabled, but the " |
73 |
"fakeroot binary is not installed.\n"), noiselevel=-1) |
74 |
|
75 |
+ if "webrsync-gpg" in self.features: |
76 |
+ writemsg(_("!!! FEATURES=webrsync-gpg is deprecated, see the make.conf(5) man page.\n"), |
77 |
+ noiselevel=-1) |
78 |
+ |
79 |
if os.getuid() == 0 and not hasattr(os, "setgroups"): |
80 |
warning_shown = False |
81 |
|
82 |
diff --git a/lib/portage/sync/modules/webrsync/webrsync.py b/lib/portage/sync/modules/webrsync/webrsync.py |
83 |
index 609ba0be2..6228cb93c 100644 |
84 |
--- a/lib/portage/sync/modules/webrsync/webrsync.py |
85 |
+++ b/lib/portage/sync/modules/webrsync/webrsync.py |
86 |
@@ -62,7 +62,7 @@ class WebRsync(SyncBase): |
87 |
openpgp_env = None |
88 |
try: |
89 |
if self.repo.module_specific_options.get( |
90 |
- 'sync-webrsync-verify-signature', 'false').lower() in ('true', 'yes'): |
91 |
+ 'sync-webrsync-verify-signature', 'true').lower() in ('true', 'yes'): |
92 |
|
93 |
if not self.repo.sync_openpgp_key_path: |
94 |
writemsg_level("!!! sync-openpgp-key-path is not set\n", |
95 |
@@ -88,6 +88,7 @@ class WebRsync(SyncBase): |
96 |
openpgp_env.import_key(f) |
97 |
self._refresh_keys(openpgp_env) |
98 |
self.spawn_kwargs["env"]["PORTAGE_GPG_DIR"] = openpgp_env.home |
99 |
+ self.spawn_kwargs["env"]["PORTAGE_TEMP_GPG_DIR"] = openpgp_env.home |
100 |
except (GematoException, asyncio.TimeoutError) as e: |
101 |
writemsg_level("!!! Verification impossible due to keyring problem:\n%s\n" |
102 |
% (e,), |
103 |
diff --git a/man/make.conf.5 b/man/make.conf.5 |
104 |
index d73bb9bac..ede92de7a 100644 |
105 |
--- a/man/make.conf.5 |
106 |
+++ b/man/make.conf.5 |
107 |
@@ -1,4 +1,4 @@ |
108 |
-.TH "MAKE.CONF" "5" "Jun 2019" "Portage VERSION" "Portage" |
109 |
+.TH "MAKE.CONF" "5" "Ju. 2019" "Portage VERSION" "Portage" |
110 |
.SH "NAME" |
111 |
make.conf \- custom settings for Portage |
112 |
.SH "SYNOPSIS" |
113 |
@@ -716,7 +716,9 @@ Portage would have to waste time validating ownership for each and every sync |
114 |
operation. |
115 |
.TP |
116 |
.B webrsync-gpg |
117 |
-Enable GPG verification when using \fIemerge\-webrsync\fR. |
118 |
+Enable GPG verification when using \fIemerge\-webrsync\fR. This feature is |
119 |
+deprecated and has been replaced by the \fBrepos.conf\fR |
120 |
+\fIsync\-webrsync\-verify\-signature\fR setting, see \fBportage\fR(5) |
121 |
.TP |
122 |
.B xattr |
123 |
Preserve extended attributes (filesystem-stored metadata) when installing |
124 |
diff --git a/man/portage.5 b/man/portage.5 |
125 |
index 36c871123..bcb4d3f58 100644 |
126 |
--- a/man/portage.5 |
127 |
+++ b/man/portage.5 |
128 |
@@ -1178,7 +1178,7 @@ Keep snapshots in \fBDISTDIR\fR (do not delete). Defaults to false. |
129 |
.B sync\-webrsync\-verify\-signature = true|false |
130 |
Require the detached tarball signature to contain a good OpenPGP |
131 |
signature. This uses the OpenPGP key(ring) specified by the |
132 |
-sync\-openpgp\-key\-path setting. Defaults to false. |
133 |
+sync\-openpgp\-key\-path setting. Defaults to true. |
134 |
|
135 |
.RE |
136 |
|
137 |
diff --git a/misc/emerge-delta-webrsync b/misc/emerge-delta-webrsync |
138 |
index 8419e01a9..c5f6fbbd3 100755 |
139 |
--- a/misc/emerge-delta-webrsync |
140 |
+++ b/misc/emerge-delta-webrsync |
141 |
@@ -48,7 +48,7 @@ eval "$("${portageq}" envvar -v DISTDIR EPREFIX FEATURES \ |
142 |
FETCHCOMMAND GENTOO_MIRRORS \ |
143 |
PORTAGE_BIN_PATH PORTAGE_CONFIGROOT PORTAGE_GPG_DIR \ |
144 |
PORTAGE_NICENESS PORTAGE_REPOSITORIES PORTAGE_RSYNC_EXTRA_OPTS \ |
145 |
- PORTAGE_RSYNC_OPTS PORTAGE_TMPDIR \ |
146 |
+ PORTAGE_RSYNC_OPTS PORTAGE_TEMP_GPG_DIR PORTAGE_TMPDIR \ |
147 |
USERLAND http_proxy ftp_proxy)" |
148 |
export http_proxy ftp_proxy |
149 |
|
150 |
@@ -114,9 +114,21 @@ if [[ ! -d $STATE_DIR ]]; then |
151 |
exit -2 |
152 |
fi |
153 |
|
154 |
-if has $(__repo_attr "${repo_name}" sync-webrsync-verify-signature | \ |
155 |
+has webrsync-gpg ${FEATURES} && webrsync_gpg=1 || webrsync_gpg=0 |
156 |
+ |
157 |
+if [[ ${webrsync_gpg} -eq 1 ]]; then |
158 |
+ wecho "FEATURES=webrsync-gpg is deprecated, see the make.conf(5) man page." |
159 |
+fi |
160 |
+ |
161 |
+if [[ -n ${PORTAGE_TEMP_GPG_DIR} ]] || |
162 |
+ has $(__repo_attr "${repo_name}" sync-webrsync-verify-signature | |
163 |
LC_ALL=C tr '[:upper:]' '[:lower:]') true yes; then |
164 |
- if [[ ! -d ${PORTAGE_GPG_DIR} ]]; then |
165 |
+ # If FEATURES=webrsync-gpg is enabled then allow direct emerge-webrsync |
166 |
+ # calls for backward compatibility (this triggers a deprecation warning |
167 |
+ # above). Since direct emerge-webrsync calls do not use gemato for secure |
168 |
+ # key refresh, this behavior will not be supported in a future release. |
169 |
+ if [[ ! ( -d ${PORTAGE_GPG_DIR} && ${webrsync_gpg} -eq 1 ) && |
170 |
+ -z ${PORTAGE_TEMP_GPG_DIR} ]]; then |
171 |
eecho "Do not call ${argv0##*/} directly, instead call emerge --sync or emaint sync." |
172 |
exit 1 |
173 |
fi |
174 |
@@ -126,6 +138,7 @@ elif has webrsync-gpg ${FEATURES}; then |
175 |
else |
176 |
WEBSYNC_VERIFY_SIGNATURE=0 |
177 |
fi |
178 |
+[[ -n ${PORTAGE_TEMP_GPG_DIR} ]] && PORTAGE_GPG_DIR=${PORTAGE_TEMP_GPG_DIR} |
179 |
if [ ${WEBSYNC_VERIFY_SIGNATURE} != 0 -a -z "${PORTAGE_GPG_DIR}" ]; then |
180 |
eecho "please set PORTAGE_GPG_DIR in make.conf" |
181 |
exit 1 |
182 |
-- |
183 |
2.21.0 |