Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 872439 Details for
Bug 915330
sys-apps/portage-3.0.51 - emerge: distfile integrity check and unpack is not atomic
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
man/make.conf.5: note locations with trust issues
bug915330-make.conf.patch (text/plain), 4.33 KB, created by
Mike Gilbert
on 2023-10-09 20:51:48 UTC
(
hide
)
Description:
man/make.conf.5: note locations with trust issues
Filename:
MIME Type:
Creator:
Mike Gilbert
Created:
2023-10-09 20:51:48 UTC
Size:
4.33 KB
patch
obsolete
>From b2f543f9b3815ac8e7d7f53ab387ce51f4b8311e Mon Sep 17 00:00:00 2001 >From: Mike Gilbert <floppym@gentoo.org> >Date: Mon, 9 Oct 2023 16:46:31 -0400 >Subject: [PATCH] man/make.conf.5: note locations with trust issues >To: gentoo-portage-dev@lists.gentoo.org > >Bug: https://bugs.gentoo.org/915330 >Signed-off-by: Mike Gilbert <floppym@gentoo.org> >--- > man/make.conf.5 | 14 +++++++++++--- > 1 file changed, 11 insertions(+), 3 deletions(-) > >diff --git a/man/make.conf.5 b/man/make.conf.5 >index 25893c424..045882a17 100644 >--- a/man/make.conf.5 >+++ b/man/make.conf.5 >@@ -207,21 +207,23 @@ Defaults to "/etc/portage/gnupg" > .br > .TP > .B CBUILD > This variable is passed by the \fIebuild scripts\fR to the \fIconfigure\fR > as \fI\-\-build=${CBUILD}\fR only if it is defined. Do not set this yourself > unless you know what you are doing. > .TP > \fBCCACHE_DIR\fR = \fI[path]\fR > Defines the location of the ccache working directory. See the \fBccache\fR(1) > man page for more information. >-.br >+ >+Only trusted users should be granted write access to this location. >+ > Defaults to /var/tmp/ccache > .TP > \fBCCACHE_SIZE\fR = \fI"size"\fR > This controls the space use limitations for ccache. See the \fI\-M\fR flag in > the \fBccache\fR(1) man page for more information. > .TP > .B CFLAGS CXXFLAGS > Use these variables to set the desired optimization/CPU instruction settings > for applications that you compile. These two variables are passed to the C > and C++ compilers, respectively. (CXX is used to refer to the C++ compiler >@@ -275,20 +277,22 @@ of \fBemerge\fR(1) for more information. > This variable is passed by the \fIebuild scripts\fR to the \fIconfigure\fR > as \fI\-\-target=${CTARGET}\fR only if it is defined. > .TP > \fBDISTDIR\fR = \fI[path]\fR > Defines the location of your local source file repository. After packages > are built, it is safe to remove any and all files from this directory since > they will be automatically fetched on demand for a given build. If you would > like to selectively prune obsolete files from this directory, see > \fBeclean\fR(1) from the gentoolkit package. > >+Only trusted users should be granted write access to this location. >+ > Use the \fBPORTAGE_RO_DISTDIRS\fR variable to specify one or > more read-only directories containing distfiles. > .br > Defaults to /var/cache/distfiles. > .TP > .B DOC_SYMLINKS_DIR > If this variable contains a directory then symlinks to html documentation will > be installed into it. > .TP > .B EBEEP_IGNORE >@@ -949,21 +953,23 @@ of \fBNO_COLOR\fR. > Defaults to false. > .TP > \fBPKGDIR\fR = \fI[path]\fR > Defines the location where created .tbz2 or .gpkg binary packages will be > stored when the \fBemerge\fR(1) \fB\-\-buildpkg\fR option is enabled. > By default, a given package is stored in a subdirectory corresponding > to its category. However, for backward compatibility with the layout > used by older versions of portage, if the \fI${PKGDIR}/All\fR directory > exists then all packages will be stored inside of it and symlinks to > the packages will be created in the category subdirectories. >-.br >+ >+Only trusted users should be granted write access to this location. >+ > Defaults to /var/cache/binpkgs. > .TP > .B PORT_LOGDIR > See \fIPORTAGE_LOGDIR\fR below. Deprecated. > .TP > .B PORT_LOGDIR_CLEAN > See \fIPORTAGE_LOGDIR_CLEAN\fR below. Deprecated. > .TP > \fBPORTAGE_BINHOST\fR = \fI[space delimited URI list]\fR > This is a list of hosts from which portage will grab prebuilt\-binary packages. >@@ -1198,21 +1204,23 @@ quotes must be escaped in make.conf settings). > Defaults to no value. > .TP > \fBPORTAGE_SYNC_STALE\fR = \fI[NUMBER]\fR > Defines the number of days after the last `emerge \-\-sync` that a warning > message should be produced. A value of 0 will disable warnings. > .br > Defaults to 30. > .TP > \fBPORTAGE_TMPDIR\fR = \fI[path]\fR > Defines the location of the temporary build directories. >-.br >+ >+Only trusted users should be granted write access to ${PORTAGE_TMPDIR}/portage. >+ > Defaults to /var/tmp. > > This should not be set to point anywhere under location of any repository. > .TP > \fBPORTAGE_TRUST_HELPER\fR = \fI[path]\fR > Defines an executable file which initializes and maintains > /etc/portage/gnupg, installing keys that are trusted for binary package > signing, and refreshing these keys from a key server. This helper is called > before all operations involving remote binary packages if and only if > binpkg-request-signature is in \fBFEATURES\fR. >-- >2.42.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=872439">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 915330
: 872439
