Since some time i run my portage git repository on my server which syncs every day. With the added script. From time to time the gpg signature check fails. When i manually download them they fit. Is the link on the server not always valid? The update from the server happens in my daily cron job. Time: 03:09 Europe/Berlin For example the current files which are ok, are from ls -la /tmp/portage-latest.tar.xz* -rw-r--r-- 1 root root 67413520 8. Aug 02:45 /tmp/portage-latest.tar.xz -rw-r--r-- 1 root root 819 8. Aug 02:55 /tmp/portage-latest.tar.xz.gpgsig cat /etc/timezone Europe/Berlin Reproducible: Sometimes
Created attachment 408530 [details] My update script to sync the tree
Should i change the time, when the portage tree gets downloaded?
Is this still occurring? The portage tarball release process has been updated somewhat since the change to git.
The last times it didnt happen again. I guess it can be closed
thanks, closing
It happened again. It seems that there is something not always in sync. gpg: Signature made Tue Oct 13 02:55:18 2015 CEST using RSA key ID C9189250 gpg: BAD signature from "Gentoo Portage Snapshot Signing Key (Automated Signing Key)" [ultimate] Am i the only one who checks gpg signatures?
that's key id seems valid.... I use portage tarballs with signing as well. C9189250 it's our signing subkey https://wiki.gentoo.org/wiki//etc/portage/repos.conf/webrsync.conf https://wiki.gentoo.org/wiki/Handbook:Parts/Working/Features#Pulling_validated_Gentoo_ebuild_tree_snapshots gpg --homedir /etc/portage/gpg/ --list-keys /etc/portage/gpg//pubring.gpg ----------------------------- pub dsa1024/239C75C4 2007-11-25 [expired: 2012-05-23] uid [ expired] Gentoo Portage Snapshot Signing Key (Automated Signing Key) pub rsa4096/96D8BF6D 2011-11-25 [expires: 2015-11-24] uid [ unknown] Gentoo Portage Snapshot Signing Key (Automated Signing Key) sub rsa4096/C9189250 2011-11-25 [expires: 2015-11-24]
I suspect you may be hitting it in middle of mirror update or something like that. Would it possible for you to check if it happens an hour later or sth like that?
I already changed my cron job time to 2 hours later.
Hmm, then I suspect the download may be distorted midway. Are you sure that the download does not get interrupted somehow?