Handbook Talk:Parts/Working/Features

From Gentoo Wiki
Jump to: navigation, search
Note
This is a talk page. Please add newer comments below older ones, and sign your comments using four tildes (~~~~). When adding a new section (at the bottom of the page), please mark it as "open for discussion" by using {{talk|open}} so it will show up in the list of open discussions.

Different --homedir in this section

Talk status
This discussion is done.

Guess the second RootCmd is a copy error? Should it be the same --homedir as in first RootCmd? Also, it's not too obvious that this section is to be used for existing installations, unlike the Original install and configuration instructions further down.

Use gpg to verify that the keys in the keyring are the correct keys:
root #gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release --with-fingerprint --list-keys
Verify the fingerprints of the key(s) against those listed here:  Project:RelEng#Release_security_and_signing

Repeat the following command for each key you wish to trust. (Substitute the keyid '0x...' for the desired key you wish to trust.)

root #gpg --homedir /etc/portage/gpg --edit-key 0xDB6B8C1F96D8BF6D trust
  --Charles17 (talk) 10:00, 22 May 2015 (UTC)
Yes, a missed copy/paste edit. Thanks for seeing it. It is fixed now. Dol-sen (talk) 13:02, 22 May 2015 (UTC)

repos.conf is recommended as a directory

Talk status
This discussion is done.

In FileBox with Clear the sync-type and sync-uri variables the path should reflect repos.conf is recommended to be a directory.

I've fixed this in both the new and old sections of the Validated gpg sync methods Dol-sen (talk) 13:04, 22 May 2015 (UTC)

Set sync-type or not for FEATURES="webrsync-gpg"

Talk status
This discussion is done.

For PORTAGE_GPG_DIR="/var/lib/gentoo/gkeys/keyrings/gentoo/release" it recommends

# For portage-2.2.18 use 'websync'
# For portage-2.2.19 and greater use 'webrsync' (websync was renamed to webrsync)
sync-type = websync

whereas for PORTAGE_GPG_DIR="/etc/portage/gpg" it recommends

# Disable synchronization by clearing the values
# Do not set value of the variables in this configuration file using quotes ('' or "")!
sync-type = 

As using the first version produces a warning message I guess it's also kind of a copy error? --Charles17 (talk) 07:45, 23 May 2015 (UTC)

Showing IDs in key listing.

Talk status
This discussion is done.

I suggest adding the following option to --list-keys:

--keyid-format 0xLONG

This way the user can see key IDs and fingerprints at the same time, to easily verify against the website. So the full command becomes:

gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release --with-fingerprint --keyid-format 0xLONG --list-keys

Without this option the keys are listed without any ID, so the user does not know which is which.

I can't edit the Handbook, so dear devs, please add this option.

— The preceding unsigned comment was added by Js0hthwa (talkcontribs) 7 July 2018

Thanks for finding that. Changed. --Grknight (talk) 14:48, 7 November 2018 (UTC)

webrsync-gpg is deprecated

Talk status
This discussion is done as of 30 July 2019.

webrsync-gpg as mentioned in Handbook:Parts/Working/Features#Validated_Gentoo_repository_snapshots is deprecated.

!!! FEATURES=webrsync-gpg is deprecated, see the make.conf(5) man page.--Charles17 (talk) 06:03, 30 July 2019 (UTC)

Changed. Thanks for noticing. --Grknight (talk) 11:10, 30 July 2019 (UTC)
Also, PORTAGE_GPG_DIR in make.conf seems to be superfluous, and even also sync-webrsync-verify-signature = true in repos.conf
--Charles17 (talk) 11:49, 30 July 2019 (UTC)

app-crypt/gkeys has gone

Talk status
This discussion is still ongoing as of October 09, 2020.

gkeys has gone. It should also be removed from Handbook:Parts/Working/Features#Validated_Gentoo_repository_snapshots.
--Charles17 (talk) 06:07, 9 October 2020 (UTC)