Handbook Talk:PPC/Working/Features

From Gentoo Wiki
Jump to:navigation Jump to:search
Note
Before creating a discussion or leaving a comment, please read about using talk pages. To create a new discussion, click here. Comments on an existing discussion should be signed using ~~~~:
A comment [[User:Larry|Larry]] 13:52, 13 May 2024 (UTC)
: A reply [[User:Sally|Sally]] 23:49, 11 October 2024 (UTC)
:: Your reply ~~~~

Validated Gentoo repository snapshots

Talk status
This discussion is done as of 2024-02-20.

Hey everyone,

So, I've been trying out validating Gentoo repositories according to the manual, however, this will lead to an error message:

# emerge --sync
!!! Repository 'gentoo' has sync-type attribute, but is missing sync-uri attribute

* The specified repo(s) are missing sync-uri: gentoo
  ...returning

So I thought of deleting it all together, which works. However, it'll then simply use the preset value in /usr/share/portage/config/repos.conf. However it seems to work, at least with my preset rsync://rsync.gentoo.org/gentoo-portage, so maybe the section

Clear the sync-uri variable

is obsolete?

According to this thread at Gentoo Forums it seems to be the case.

--Pygospa (talk) 08:55, 3 August 2017 (UTC)

The problem mentioned in "Not working according to description" is the well known bug #607290. The workaround is to omit that line.--Charles17 (talk) 10:11, 3 August 2017 (UTC)
And for the time until bug #607290 is fixed, Gentoo handbook should propose the ugly workaround instead of settings which are correct but due to the bug don't work!--Charles17 (talk) 11:03, 3 August 2017 (UTC)
I think so, too. I would just remove that file block all together, as removing the whole line in etc/portage/repos.conf/gentoo.conf would just make emerge use the settings in /usr/share/portage/config/repos.conf, which in most cases would be the same anyways. However, I don't seem to have the rights to edit that page. One more thing that just came into my mind: etc/portage/repos.conf/gentoo.conf does not exist by default. According to Project:Portage/Sync#Portage_configuration it should only exist when making changes anyway, so if a reader never changed anything up to this point, he won't find etc/portage/repos.conf/gentoo.conf and might get frustrated. One should add that as well, once this is working as it should...
I don't understand however, why one should bother to take that out anyway. When leaving the line in the config, I do get yet another warning saying that gpg: WARNING: unsafe permissions on homedir '/var/lib/gentoo/gkeys/keyrings/gentoo/release' - however, GPG signatures get checked.--Pygospa (talk) 09:05, 4 August 2017 (UTC)
See bug #566782
--Charles17 (talk) 11:21, 4 August 2017 (UTC)
Closing stale discussion. bug #566782 was closed long ago. --Maffblaster (talk) 08:52, 20 February 2024 (UTC)

Good idea to fully trust fingerprints from a website?

Talk status
This discussion is done as of 2024-02-20.

Another thing I was wondering is: Is it really a good idea to fully trust a fingerprint from a website?

As far as my understanding of Web-of-Trust goes, I should only trust keys where I have personally verified the fingerprint, e.g. by calling the owner, or meeting up and checking if the fingerprint I got from the web is identical to the one the owner has on his computer, with the attack scenario being that someone managed to temper with the website listing the fingerprints.

--Pygospa (talk) 08:55, 3 August 2017 (UTC)

You either trust them or you don't. We now offer PGP signing, so it's up to you. --Maffblaster (talk) 08:52, 20 February 2024 (UTC)