Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 632018

Summary: tarsync: needs cleanup and fixes
Product: Gentoo Infrastructure Reporter: Robin Johnson <robbat2>
Component: OtherAssignee: Gentoo Infrastructure <infra-bugs>
Status: RESOLVED FIXED    
Severity: normal CC: kingjon3377, zmedico
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=702970
Whiteboard:
Package list:
Runtime testing required: ---

Description Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2017-09-25 22:15:59 UTC 
tarsync only supports the bare minimum of the Tar spec.

It recently broke with volume-id header was added, per bug 631616.

Instead of having it's own codebase, it should be rewritten to use some Tar libraries code.

tarsync presently uses the 'cfile' (compressed file) library from the diffball package as well, but nothing else from diffball.
Comment 1 Zac Medico gentoo-dev 2019-12-21 21:47:58 UTC 
I'm seeing a tarsync "error reading" failure like this with gentoo-YYYYMMDD snapshots (should be fixed by elimination of the perl script related to bug 703460), which does not occur with portage-YYYYMMDD snapshots:

> # emerge --sync gentoo
> >>> Syncing repository 'gentoo' into '/var/db/repos/gentoo'...
>  * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
>  * Refreshing keys via WKD ...                                                                                         [ ok ]
> Fetching most recent snapshot ...
> Trying to retrieve 20191220 snapshot from http://distfiles.gentoo.org ...
> Fetching file gentoo-20191220.tar.xz.md5sum ...
> Fetching file gentoo-20191220.tar.xz.gpgsig ...
> Fetching file gentoo-20191220.tar.xz ...
> Checking digest ...
> Checking signature ...
> gpg: Signature made Fri 20 Dec 2019 04:57:27 PM PST
> gpg:                using RSA key E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
> gpg: Good signature from "Gentoo ebuild repository signing key (Automated Signing Key) <infrastructure@gentoo.org>" [unknown]
> gpg:                 aka "Gentoo Portage Snapshot Signing Key (Automated Signing Key)" [unknown]
> gpg: WARNING: Using untrusted key!
> Getting snapshot timestamp ...
> Syncing local tree ...
> scanning tarball...
> error reading /var/cache/distfiles/gentoo-20191220.tar.xz
> emerge-webrsync: error: tarsync failed; tarball is corrupt? (/var/cache/distfiles/gentoo-20191220.tar.xz)
> Trying to retrieve 20191219 snapshot from http://distfiles.gentoo.org ...
> Fetching file gentoo-20191219.tar.xz.md5sum ...
> Fetching file gentoo-20191219.tar.xz.gpgsig ...
> Fetching file gentoo-20191219.tar.xz ...
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2019-12-23 19:01:31 UTC 
zmedico: please retest with snapshot gentoo-20191222 or newer for the Perl script change.
Comment 3 Zac Medico gentoo-dev 2019-12-23 20:22:45 UTC 
The gentoo-20191222.tar.xz snapshot works for me with tarsync. Thanks!
Comment 4 Alec Warner (RETIRED) archtester gentoo-dev Security 2021-08-26 00:14:32 UTC 
Looks fixed?