| 1 |
Thanks. |
| 2 |
|
| 3 |
BillK |
| 4 |
|
| 5 |
|
| 6 |
On 9/4/22 15:32, Ionen Wolkens wrote: |
| 7 |
> On Sat, Apr 09, 2022 at 02:50:30PM +0800, William Kenworthy wrote: |
| 8 |
>> A new use has shown up named "verify-sig". It seems simple enough from |
| 9 |
>> its euse description but its causing a large number of packages to be |
| 10 |
>> rebuilt unnecessarily (it defaults to off on my sytems). Should I |
| 11 |
>> enable it? - I can find much info on it and it looks like it will cause |
| 12 |
>> major user hassles considering its effects so far - I am surprised there |
| 13 |
>> has been no news item for it which probably means its not considered a |
| 14 |
>> useful use flag. |
| 15 |
> Use --changed-use/-U rather than --newuse/-N when using emerge. |
| 16 |
> |
| 17 |
> With --changed-use, if USE is changing from to: |
| 18 |
> enabled -> removed = rebuilds |
| 19 |
> disabled -> removed = ignores (changes nothing, no rebuild needed) |
| 20 |
> missing -> disabled = ignores (likewise, this is the verify-sig) |
| 21 |
> missing -> enabled = rebuilds |
| 22 |
> |
| 23 |
> While --newuse rebuilds in all 4 cases. |
| 24 |
> |
| 25 |
> There's largely no reason to enable verify-sig as you're already |
| 26 |
> verifying through the Manifest. This is primarily intended for |
| 27 |
> developers, albeit for users it can give some assurance that |
| 28 |
> signatures were checked. |
| 29 |
> |
Archives