| 1 |
On Tue, Jul 3, 2018 at 8:44 AM gevisz <gevisz@×××××.com> wrote: |
| 2 |
> |
| 3 |
> 2018-07-03 14:47 GMT+03:00 Rich Freeman <rich0@g.o>: |
| 4 |
> > On Tue, Jul 3, 2018 at 7:06 AM gevisz <gevisz@×××××.com> wrote: |
| 5 |
> >> |
| 6 |
> >> Why not to put new openpgp-keys-gentoo-release |
| 7 |
> >> into the portage tree BEFORE all existing Gentoo |
| 8 |
> >> singing keys expire? |
| 9 |
> >> |
| 10 |
> > |
| 11 |
> > My guess is that it was an oversight. |
| 12 |
> > |
| 13 |
> > I note that emerge --sync seems to update keys from the keyserver |
| 14 |
> > automatically, and thus it didn't report any errors syncing for me. |
| 15 |
> > On the other hand, I believe it will leave /usr/portage compromised if |
| 16 |
> > an error is detected, so if you don't actually catch the error it |
| 17 |
> > throws you can still be harmed. I assume webrsync won't do that, but |
| 18 |
> > I haven't checked (the repository I use isn't available to webrsync as |
| 19 |
> > far as I'm aware). |
| 20 |
> |
| 21 |
> emerge-webrsync do check gpg Gentoo signitures, if webrsync-gpg |
| 22 |
> feature is enabled in /etc/portage/make.conf, but it cannot do so, if |
| 23 |
> all Gentoo signitures expired, as it was the case after 1 July 2018. |
| 24 |
> |
| 25 |
|
| 26 |
I know it checks sigs. I was assuming that it won't actually |
| 27 |
overwrite a good /usr/portage with a bad one if the verification |
| 28 |
fails. |
| 29 |
|
| 30 |
emerge --sync, with git at least, overwrites /usr/portage in place and |
| 31 |
so it will leave it in a bad state if verification fails. |
| 32 |
|
| 33 |
-- |
| 34 |
Rich |
Archives