1 |
2018-07-03 11:10 GMT+03:00 Mick <michaelkintzios@×××××.com>: |
2 |
> On Tuesday, 3 July 2018 08:48:02 BST gevisz wrote: |
3 |
>> Just today I have tried emerge-webrsync and got |
4 |
>> to the following endless circle: |
5 |
>> |
6 |
>> Fetching most recent snapshot ... |
7 |
>> Trying to retrieve 20180702 snapshot from http://mirror.netcologne.de/gentoo |
8 |
>> ... Fetching file portage-20180702.tar.xz.md5sum ... |
9 |
>> Fetching file portage-20180702.tar.xz.gpgsig ... |
10 |
>> Fetching file portage-20180702.tar.xz ... |
11 |
>> Checking digest ... |
12 |
>> Checking signature ... |
13 |
>> gpg: Signature made Tue Jul 3 03:51:21 2018 EEST |
14 |
>> gpg: using RSA key E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 |
15 |
>> gpg: Good signature from "Gentoo Portage Snapshot Signing Key |
16 |
>> (Automated Signing Key)" [expired] |
17 |
>> gpg: Note: This key has expired! |
18 |
>> Primary key fingerprint: DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D |
19 |
>> Subkey fingerprint: E1D6 ABB6 3BFC FB4B A02F DF1C EC59 0EEA C918 9250 |
20 |
>> Fetching file portage-20180702.tar.bz2.md5sum ... |
21 |
>> Fetching file portage-20180702.tar.bz2.gpgsig ... |
22 |
>> Fetching file portage-20180702.tar.bz2 ... |
23 |
>> Checking digest ... |
24 |
>> Checking signature ... |
25 |
>> gpg: Signature made Tue Jul 3 03:51:20 2018 EEST |
26 |
>> gpg: using RSA key E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 |
27 |
>> gpg: Good signature from "Gentoo Portage Snapshot Signing Key |
28 |
>> (Automated Signing Key)" [expired] |
29 |
>> gpg: Note: This key has expired! |
30 |
>> Primary key fingerprint: DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D |
31 |
>> Subkey fingerprint: E1D6 ABB6 3BFC FB4B A02F DF1C EC59 0EEA C918 9250 |
32 |
>> Fetching file portage-20180702.tar.gz.md5sum ... |
33 |
>> |
34 |
>> The following command showed that all Gentoo signing keys in my system |
35 |
>> expired: |
36 |
>> |
37 |
>> # gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release |
38 |
>> --with-fingerprint --list-keys |
39 |
>> /var/lib/gentoo/gkeys/keyrings/gentoo/release/pubring.gpg |
40 |
>> --------------------------------------------------------- |
41 |
>> pub rsa4096 2014-10-03 [C] [expired: 2017-09-17] |
42 |
>> D2DE 1DBB A0F4 3EBA 341B 97D8 8255 33CB F6CD 6C97 |
43 |
>> uid [ expired] Gentoo-keys Team <gkeys@g.o> |
44 |
>> |
45 |
>> pub dsa1024 2004-07-20 [SC] [expired: 2018-07-01] |
46 |
>> D99E AC73 79A8 50BC E47D A5F2 9E64 38C8 1707 2058 |
47 |
>> uid [ expired] Gentoo Linux Release Engineering (Gentoo |
48 |
>> Linux Release Signing Key) <releng@g.o> |
49 |
>> |
50 |
>> pub rsa4096 2011-11-25 [C] [expired: 2018-07-01] |
51 |
>> DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D |
52 |
>> uid [ expired] Gentoo Portage Snapshot Signing Key |
53 |
>> (Automated Signing Key) |
54 |
>> |
55 |
>> pub rsa4096 2009-08-25 [SC] [expired: 2017-08-25] |
56 |
>> 13EB BDBE DE7A 1277 5DFD B1BA BB57 2E0E 2D18 2910 |
57 |
>> uid [ expired] Gentoo Linux Release Engineering (Automated |
58 |
>> Weekly Release Key) <releng@g.o> |
59 |
>> |
60 |
>> |
61 |
>> Trying to renew them manually with the following commands does not help: |
62 |
>> |
63 |
>> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys |
64 |
>> 0x825533CBF6CD6C97 gpg: key 825533CBF6CD6C97: 2 signatures not checked due |
65 |
>> to missing keys gpg: key 825533CBF6CD6C97: public key "Gentoo-keys Team |
66 |
>> <gkeys@g.o>" imported |
67 |
>> gpg: no ultimately trusted keys found |
68 |
>> gpg: Total number processed: 1 |
69 |
>> gpg: imported: 1 |
70 |
>> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys |
71 |
>> 0xDB6B8C1F96D8BF6D gpg: key DB6B8C1F96D8BF6D: 14 signatures not checked due |
72 |
>> to missing keys gpg: key DB6B8C1F96D8BF6D: public key "Gentoo Portage |
73 |
>> Snapshot Signing Key (Automated Signing Key)" imported |
74 |
>> gpg: no ultimately trusted keys found |
75 |
>> gpg: Total number processed: 1 |
76 |
>> gpg: imported: 1 |
77 |
>> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys |
78 |
>> 0x9E6438C817072058 gpg: key 9E6438C817072058: 83 signatures not checked due |
79 |
>> to missing keys gpg: key 9E6438C817072058: public key "Gentoo Linux Release |
80 |
>> Engineering (Gentoo Linux Release Signing Key) <releng@g.o>" |
81 |
>> imported |
82 |
>> gpg: no ultimately trusted keys found |
83 |
>> gpg: Total number processed: 1 |
84 |
>> gpg: imported: 1 |
85 |
>> # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys |
86 |
>> 0xBB572E0E2D182910 gpg: key BB572E0E2D182910: 10 signatures not checked due |
87 |
>> to missing keys gpg: key BB572E0E2D182910: 1 bad signature |
88 |
>> gpg: key BB572E0E2D182910: public key "Gentoo Linux Release |
89 |
>> Engineering (Automated Weekly Release Key) <releng@g.o>" |
90 |
>> imported |
91 |
>> gpg: no ultimately trusted keys found |
92 |
>> gpg: Total number processed: 1 |
93 |
>> gpg: imported: 1 |
94 |
>> |
95 |
>> Here |
96 |
>> https://wiki.gentoo.org/wiki/Handbook:AMD64/Working/Features#Fetching_files |
97 |
>> has been said the following: |
98 |
>> |
99 |
>> If any of the keys installed from app-crypt/gentoo-keys should expire, |
100 |
>> run gkeys from app-crypt/gkeys to refresh them from the key server: |
101 |
>> root #emerge --ask app-crypt/gkeys |
102 |
>> root #gkeys refresh-key -C gentoo |
103 |
>> |
104 |
>> but gkeys are not stable in my architeture as it follows from the following: |
105 |
>> |
106 |
>> $ eix gkeys |
107 |
>> * app-crypt/gkeys |
108 |
>> Available versions: ~0.2 **9999 {PYTHON_TARGETS="python2_7 |
109 |
>> python3_4 python3_5 python3_6"} |
110 |
>> Homepage: https://wiki.gentoo.org/wiki/Project:Gentoo-keys |
111 |
>> Description: An OpenPGP/GPG key management tool and python libs |
112 |
>> |
113 |
>> * app-crypt/gkeys-gen |
114 |
>> Available versions: ~0.2 **9999 {PYTHON_TARGETS="python2_7 |
115 |
>> python3_4 python3_5 python3_6"} |
116 |
>> Homepage: https://wiki.gentoo.org/wiki/Project:Gentoo-keys |
117 |
>> Description: Tool for generating OpenPGP/GPG keys using a |
118 |
>> specifications file |
119 |
> |
120 |
> This package update came up yesterday: |
121 |
> |
122 |
> app-crypt/openpgp-keys-gentoo-release-20180702 |
123 |
> |
124 |
|
125 |
Too late: Gentoo signing keys expired on 1 July 2018. |
126 |
So, no way to update portage tree on 2 July 2018. :( |