Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: Bill Kenworthy <billk@×××××××××.au>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] syncing via via git and signature failure
Date: Wed, 04 Jul 2018 22:36:14
Message-Id: d48915d5-9142-463a-8540-dcd713068a2a@iinet.net.au
In Reply to: Re: [gentoo-user] syncing via via git and signature failure by gevisz
1 On 05/07/18 02:32, gevisz wrote:
2 > 2018-07-04 21:01 GMT+03:00 Mick <michaelkintzios@×××××.com>:
3 >> On Wednesday, 4 July 2018 18:57:56 BST gevisz wrote:
4 >>> 2018-07-04 11:55 GMT+03:00 Alex Thorne <lexiconifernelius@×××××.com>:
5 >>>>> I use rsync and get the following for more than a day now;
6 >>>>>
7 >>>>> !!! Manifest verification failed:
8 >>>>> OpenPGP verification failed:
9 >>>>> gpg: Signature made Wed 04 Jul 2018 04:08:28 AM UTC
10 >>>>> gpg: using RSA key
11 >>>>> E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
12 >>>>> gpg: Can't check signature: No public key
13 >>>> I'm seeing this too. For me `app-crypt/gentoo-keys` is somehow no longer
14 >>>> installed and `/var/lib/gentoo/gkeys` is missing. I have no idea how this
15 >>>> happened. Perhaps it somehow got into `emerge --depclean` and I didn't
16 >>>> catch it.
17 >>> No. Gentoo maintainers just overlooked that all Gentoo signing keys expired
18 >>> on July 1, and added new openpgp-keys-gentoo into portage tree only on July
19 >>> 2.
20 >>>
21 >>> So, since July 1, rsync cannot verify any new portage tree and cannot
22 >>> download app-crypt/openpgp-keys-gentoo-release-20180702
23 >>>
24 >>> It was discovered in the thread
25 >>> "All Gentoo signing key expired and no way to fix it"
26 >> Is there a documented manual workaround we could follow at present,
27 >> irrespective of our sync'ing mechanism of choice?
28 > For me, it somehow worked by manually refreshing the Gentoo signing keys by
29 > executing the following two commands:
30 > # gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release --refresh-keys
31 > # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys 0xDB6B8C1F96D8BF6D
32 > in different order and sourcing /etc/profile
33 >
34 > But, please, note that I use emerge-webrsync to update the portage tree.
35 >
36 I believe the internal mechanisms are different between git and rsync. 
37 Ive tried manually updating the keys with no luck.
38
39
40 BillK
Report Message
Find on MARC Find on Google Groups