This enhancement proposal is to add a hook so that whenever an __updated or new__ copy of the Packages file from a binary package host is fetched, the hooked script will parse the file. A directory under /etc/portage will need to be created, similar to the repo.postsync.d directory.

If the script returns a non-zero exit code, then the fetch of the file is considered failed. If multiple servers are listed in PORTAGE_BINHOST, the next should be tried. If all servers fail then the emerge process should stop.

The script arguments are:

1. Path to a temporary copy of Packages.
2. The full URL path that the Packages file was fetched from.

My primary use case is to verify a detached signature of the Packages file. This would be done by fetching something like ${2}.asc and checking the signature of the given file path.

This is obsolete given we have proper GPG support now (bug 266879).
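
A sketch of the hook script the proposal describes, added here as an example; it is not Portage code and not from the bug's participants. The hook directory name, the keyring path, and the function names `fetch_sig` and `verify_packages_hook` are assumptions. It uses `gpgv` against a dedicated keyring so that only the binhost's own signing key is accepted, and it returns non-zero on every failure path.

```shell
#!/bin/sh
# Hypothetical hook, e.g. /etc/portage/binhost.postfetch.d/50-verify-sig
# (the directory name is an assumption; the proposal does not name one).
# $1 = path to the temporary copy of Packages
# $2 = full URL the Packages file was fetched from

# Assumed location of a keyring holding ONLY the binhost signing key(s).
: "${BINHOST_KEYRING:=/etc/portage/binhost-keyring.gpg}"

# Download the detached signature. Kept as its own function so the
# transport can be replaced without touching the verification logic.
fetch_sig() {  # usage: fetch_sig URL DEST
    curl --fail --silent --show-error --location --max-time 30 \
         --output "$2" "$1"
}

verify_packages_hook() {
    [ "$#" -eq 2 ] || { echo "usage: hook PACKAGES URL" >&2; return 2; }
    packages=$1
    url=$2
    [ -r "$packages" ] || { echo "cannot read $packages" >&2; return 1; }
    # Refuse to continue without a keyring, before any network access.
    [ -r "$BINHOST_KEYRING" ] || { echo "keyring missing" >&2; return 1; }

    sig=$(mktemp) || return 1
    rc=1  # fail closed: only a verified signature sets this to 0
    if fetch_sig "${url}.asc" "$sig"; then
        # gpgv exits 0 only for a valid signature made by a key that is
        # present in the given keyring; the user's default keyring and
        # trust database are not consulted.
        gpgv --keyring "$BINHOST_KEYRING" "$sig" "$packages" >&2 && rc=0
    else
        echo "no signature available at ${url}.asc" >&2
    fi
    rm -f "$sig"
    return "$rc"
}

# Act as the hook when called with arguments, as the proposal specifies.
if [ "$#" -gt 0 ]; then
    verify_packages_hook "$@"
    exit $?
fi
```

A missing signature, a download error, a missing `gpgv` binary and a signature from an unknown key all produce a non-zero exit, which under the proposal would make Portage treat the fetch as failed and try the next PORTAGE_BINHOST entry.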