| 1 |
On Sun, 30 Oct 2016 14:44:26 -0700 |
| 2 |
Zac Medico <zmedico@g.o> wrote: |
| 3 |
|
| 4 |
> On 10/30/2016 02:34 PM, Michał Górny wrote: |
| 5 |
> > Increate the default git sync-depth from 1 to 10, to ensure that |
| 6 |
> |
| 7 |
> s/Increate/Increase/ |
| 8 |
|
| 9 |
Fixed. |
| 10 |
|
| 11 |
> > gentoo-mirror git clones retain at least a single original signed |
| 12 |
> > commit. |
| 13 |
> > --- |
| 14 |
> > man/portage.5 | 10 ++++++++-- |
| 15 |
> > pym/portage/sync/modules/git/__init__.py | 2 +- |
| 16 |
> > 2 files changed, 9 insertions(+), 3 deletions(-) |
| 17 |
> > |
| 18 |
> > diff --git a/man/portage.5 b/man/portage.5 |
| 19 |
> > index 963f49d..c1e4d97 100644 |
| 20 |
> > --- a/man/portage.5 |
| 21 |
> > +++ b/man/portage.5 |
| 22 |
> > @@ -965,8 +965,14 @@ Specifies priority of given repository. |
| 23 |
> > Specifies CVS repository. |
| 24 |
> > .TP |
| 25 |
> > .B sync\-depth |
| 26 |
> > -Specifies clone depth to use for DVCS repositories. Defaults to 1 (only |
| 27 |
> > -the newest commit). If set to 0, the depth is unlimited. |
| 28 |
> > +Specifies clone depth to use for DVCS repositories. Defaults to 10 |
| 29 |
> > +(commits deep). If set to 0, the depth is unlimited. |
| 30 |
> > +.br |
| 31 |
> > +The default depth of 10 was chosen as a compromise between space |
| 32 |
> > +and bandwidth savings, and maintaining a history of recent commits. |
| 33 |
> > +It is especially important for gentoo-mirror repositories where the most |
| 34 |
> > +recent commits are automated and unsigned, and it is necessary to |
| 35 |
> > +rewind the history to the newest signed commit for OpenPGP verification. |
| 36 |
> |
| 37 |
> Shouldn't people feel uneasy about the last commit being unverifiable? I |
| 38 |
> would think that that last commit should be signed with an |
| 39 |
> infrastructure key. |
| 40 |
|
| 41 |
I've even written a blog post [1] about that. Long story short, |
| 42 |
trusting some random key used by automated process running on remote |
| 43 |
server with no real security is insane. I've made a script that |
| 44 |
verifies underlying repo commit instead, and diffs for metadata |
| 45 |
changes. |
| 46 |
|
| 47 |
[1]:https://blogs.gentoo.org/mgorny/2016/04/15/why-automated-gentoo-mirror-commits-are-not-signed-and-how-to-verify-them-2/ |
| 48 |
|
| 49 |
-- |
| 50 |
Best regards, |
| 51 |
Michał Górny |
| 52 |
<http://dev.gentoo.org/~mgorny/> |
Archives