Re: [gentoo-user] syncing via via git and signature failure - gentoo-user

From:	Bill Kenworthy <billk@×××××××××.au>
To:	gentoo-user@l.g.o
Subject:	Re: [gentoo-user] syncing via via git and signature failure
Date:	Sat, 07 Jul 2018 04:18:53
Message-Id:	`17baaa66-92bb-03f6-dd72-50306df5cca1@iinet.net.au`
In Reply to:	Re: [gentoo-user] syncing via via git and signature failure by Floyd Anderson

1

On 07/07/18 09:42, Floyd Anderson wrote:

2

> Hi Bill,

3

>

4

> On Sat, 07 Jul 2018 07:40:00 +0800

5

> Bill Kenworthy <billk@×××××××××.au> wrote:

6

>>

7

>> I still have this error and  Ive tried a number of things including:

8

>>

9

>> gemato create -p ebuild -K /usr/share/openpgp-keys/gentoo-release.asc

10

>> /usr/portage/

11

>>

12

>> next emerge --sync error-ed on a lot of private manifest files but

13

>> missing toot manifest error disappeared.  Deleted them and successfully

14

>> resynced.

15

>>

16

>> olympus /usr/portage # gemato verify -s -K

17

>> /usr/share/openpgp-keys/gentoo-release.asc /usr/portage/

18

>> INFO:root:Refreshing keys from keyserver...

19

>> INFO:root:Keys refreshed.

20

>> ERROR:root:Top-level Manifest /usr/portage/Manifest is not OpenPGP

21

>> signed

22

>> olympus /usr/portage #

23

>>

24

>> also did a "git reset --hard"

25

>>

26

>> still get:

27

>>

28

>> olympus /usr/portage # emerge --sync

29

>>>>> Syncing repository 'gentoo' into '/usr/portage'...

30

>> /usr/bin/git pull

31

>> Already up to date.

32

>>  * Using keys from /usr/share/openpgp-keys/gentoo-release.asc

33

>>  * Refreshing keys from keyserver

34

>> ...                                                                                                                                                

35

>>

36

>> [ ok ]

37

>>  * No valid signature found: unable to verify signature (missing key?)

38

>> q: Updating ebuild cache in /usr/portage ...

39

>

40

> please be aware of the context of my response to Mick. He use *rsync*

41

> and so do I. It seems you are using Git and thus, a different tree

42

> verification mechanism. I don't know why you have gemato installed,

43

> because it comes usually only with sys-apps/portage[rsync-verify] set

44

> and is only related to *rsync* therefore.

45

>

46

> Have a look at:

47

>

48

>  - [1] <https://www.gentoo.org/glep/glep-0074.html>

49

>  - [2]

50

> <https://www.gentoo.org/support/news-items/2018-01-30-portage-rsync-verification.html>

51

>  - [3] <https://wiki.gentoo.org/wiki/Portage_Security>

52

>

53

> for some further information. Maybe:

54

>

55

>  $ git status --untracked-files

56

>

57

> within your tree location can help to identify and sanitise the tree

58

> from any of your (with gemato) created files.

59

>

60

>

61

Brings up all the manifest files so I'll clean them out, resync and

62

see.  I do have rsync-verify set but I would not have thought that the

63

problem.  The system was converted to git syncing (by deletion and

64

recreating) soon after git became available so it could be something

65

ancient is the cause.  None of the docs I have examined seem to cover

66

portage and git problems very well.

67

68

69

BillK

1	On 07/07/18 09:42, Floyd Anderson wrote:
2	> Hi Bill,
3	>
4	> On Sat, 07 Jul 2018 07:40:00 +0800
5	> Bill Kenworthy <billk@×××××××××.au> wrote:
6	>>
7	>> I still have this error and Ive tried a number of things including:
8	>>
9	>> gemato create -p ebuild -K /usr/share/openpgp-keys/gentoo-release.asc
10	>> /usr/portage/
11	>>
12	>> next emerge --sync error-ed on a lot of private manifest files but
13	>> missing toot manifest error disappeared. Deleted them and successfully
14	>> resynced.
15	>>
16	>> olympus /usr/portage # gemato verify -s -K
17	>> /usr/share/openpgp-keys/gentoo-release.asc /usr/portage/
18	>> INFO:root:Refreshing keys from keyserver...
19	>> INFO:root:Keys refreshed.
20	>> ERROR:root:Top-level Manifest /usr/portage/Manifest is not OpenPGP
21	>> signed
22	>> olympus /usr/portage #
23	>>
24	>> also did a "git reset --hard"
25	>>
26	>> still get:
27	>>
28	>> olympus /usr/portage # emerge --sync
29	>>>>> Syncing repository 'gentoo' into '/usr/portage'...
30	>> /usr/bin/git pull
31	>> Already up to date.
32	>> * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
33	>> * Refreshing keys from keyserver
34	>> ...
35	>>
36	>> [ ok ]
37	>> * No valid signature found: unable to verify signature (missing key?)
38	>> q: Updating ebuild cache in /usr/portage ...
39	>
40	> please be aware of the context of my response to Mick. He use rsync
41	> and so do I. It seems you are using Git and thus, a different tree
42	> verification mechanism. I don't know why you have gemato installed,
43	> because it comes usually only with sys-apps/portage[rsync-verify] set
44	> and is only related to rsync therefore.
45	>
46	> Have a look at:
47	>
48	> - [1] <https://www.gentoo.org/glep/glep-0074.html>
49	> - [2]
50	> <https://www.gentoo.org/support/news-items/2018-01-30-portage-rsync-verification.html>
51	> - [3] <https://wiki.gentoo.org/wiki/Portage_Security>
52	>
53	> for some further information. Maybe:
54	>
55	> $ git status --untracked-files
56	>
57	> within your tree location can help to identify and sanitise the tree
58	> from any of your (with gemato) created files.
59	>
60	>
61	Brings up all the manifest files so I'll clean them out, resync and
62	see. I do have rsync-verify set but I would not have thought that the
63	problem. The system was converted to git syncing (by deletion and
64	recreating) soon after git became available so it could be something
65	ancient is the cause. None of the docs I have examined seem to cover
66	portage and git problems very well.
67
68
69	BillK

Gentoo Archives: gentoo-user