Summary: | portage needs more signing | ||
---|---|---|---|
Product: | Portage Development | Reporter: | SpanKY <vapier> |
Component: | Conceptual/Abstract Ideas | Assignee: | Portage team <dev-portage> |
Status: | RESOLVED LATER | ||
Severity: | enhancement | CC: | basic |
Priority: | High | Keywords: | Tracker |
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 64258, 64259 | ||
Bug Blocks: |
Description
SpanKY
2004-09-16 06:04:33 UTC
Comment from a gentoo-user: Yes. I also think signing should really be pushed more. Also the documentation for the already implemented features could need improvement: I set the "gpg"-FEATURE and it complains because portage cant check the manifests ... for example the man-pages Manifest is signed by a key 4BB5F4CA that i couldnt find anywhere. Where do I get these keys? Another thing I really would like to see is checking of signed binaries from a BINHOST. Concerning signed binaries: Maybe portage could generate a signature for the .tbz2 in /var/tmp/portage/package/build-info. Putting a hold on feature requests for portage as they are drowning out the bugs. Most of these features should be available in the next major version of portage. But for the time being, they are just drowning out the major bugs and delaying the next version's progress. Any bugs that contain patches and any bugs for etc-update or dispatch-conf can be reopened. Sorry, I'm just not good enough with bugzilla. ;) |