I'm facing an issue reported in bug #662224 where the tree verification fails after "emerge --sync". This message is easy to overlook before running "emerge -DNu world" to upgrade the system. Currently, emerge does not warn a user or prevent them from upgrading even if the verification process failed. It should.
Bug 659322 tracks fixes included in the latest version, currently sys-apps/portage-2.3.44:

Bug 660410 - rsync quarantines the download until after verification has succeeded
Bug 660372 - git aborts the checkout if verification fails
Bug 661838 - websync supports repos.conf sync-openpgp-key-path and automatic key refresh
(In reply to Zac Medico from comment #1)
> Bug 660410 - rsync quarantines the download until after verification has
> succeeded

Given this quarantine behavior, hopefully the existing verification failure message is sufficient. Do we need to do more?
> > Given this quarantine behavior, hopefully the existing verification failure
> > message is sufficient. Do we need to do more?

From what I understand from the description, the tree won't change and emerge won't be using untrusted (compromised) ebuilds if verification fails. OK, so in the worst-case scenario a user will run an update and will not get any, which will look "odd". However, it would just be "nice" to have a warning. The common test case is when "emerge --sync" runs from a cron job (weekly) and a user runs "emerge -DNu world" manually. Something like "emerge is using a previous trusted tree since the signature verification has failed during the last sync" will do.
Yeah, we can add some kind of flag that triggers a warning message for all future emerge invocations until the flag is cleared.
I'm working on a repository storage framework for bug 662070, and I'm thinking I should add a method to check if there is a previously attempted download that has not been committed (which typically indicates a verification failure).
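The quarantine-then-commit sync and the "uncommitted previous download" check proposed in the last two comments, sketched as an added example; this is not Portage's code, and the QUARANTINE directory name, the `fetch`/`verify` callables and the `tree` subdirectory are assumptions made for the illustration.

```python
import shutil
import tempfile
from pathlib import Path

QUARANTINE = ".tmp-unverified"  # hypothetical name; Portage's real layout differs


def sync_repo(repo: Path, fetch, verify) -> bool:
    """Download into a quarantine directory and commit only after verification.
    fetch(dst) populates dst; verify(dst) returns True iff the tree is trusted."""
    q = repo / QUARANTINE
    if q.exists():
        shutil.rmtree(q)  # retry: discard the earlier uncommitted attempt
    q.mkdir(parents=True)
    fetch(q)
    if not verify(q):
        # Leave the quarantine in place: it records the failed attempt, and
        # the trusted tree under repo/tree has not been touched.
        return False
    live = repo / "tree"
    if live.exists():
        shutil.rmtree(live)
    q.rename(live)  # commit: the verified download becomes the live tree
    return True


def pending_verification_failure(repo: Path) -> bool:
    """True when a previous sync attempt was never committed
    (which typically indicates a verification failure)."""
    return (repo / QUARANTINE).exists()


def emerge_warning(repo: Path):
    """Sticky warning every emerge run would print until the next good sync."""
    if pending_verification_failure(repo):
        return ("emerge is using a previous trusted tree since the signature "
                "verification has failed during the last sync")
    return None


def demo() -> dict:
    """Constructed scenario: a failed sync followed by a successful one."""
    with tempfile.TemporaryDirectory() as d:
        repo = Path(d)
        (repo / "tree").mkdir()
        (repo / "tree" / "Manifest").write_text("old trusted\n")
        fetch = lambda dst: (dst / "Manifest").write_text("new\n")
        bad = sync_repo(repo, fetch, lambda p: False)
        out = {"bad": bad, "warn_after_bad": emerge_warning(repo) is not None,
               "kept_old": (repo / "tree" / "Manifest").read_text()}
        good = sync_repo(repo, fetch, lambda p: True)
        out.update(good=good, warn_after_good=emerge_warning(repo),
                   now=(repo / "tree" / "Manifest").read_text())
    return out
```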