Bug 662386

Comment 1 Zac Medico 2018-07-29 02:40:12 UTC

Bug 659322 tracks fixes included in the latest version, currently sys-apps/portage-2.3.44:

Bug 660410 - rsync quarantines the download until after verification has succeeded

Bug 660372 - git aborts the checkout if verification fails

Bug 661838 - websync supports repos.conf sync-openpgp-key-path and automatic key refresh

Comment 2 Zac Medico 2018-07-30 02:59:40 UTC

(In reply to Zac Medico from comment #1)
> Bug 660410 - rsync quarantines the download until after verification has
> succeeded

Given this quarantine behavior, hopefully the existing verification failure message is sufficient. Do we need to do more?

> 
> Given this quarantine behavior, hopefully the existing verification failure
> message is sufficient. Do we need to do more?

From what I understand from the description, the tree won't change and emerge won't be using untrusted (compromised) ebuilds if verification fails.

Ok, so in the worst case scenario a user will run an update and will not get any which will look "odd".

However, it would be just "nice" to a have a warning. The common test case is when the "emerge --sync" runs from a cron job (weekly) and "emerge -DNu world" a user runs manually.

Something like "emerge is using a previous trusted tree since the signature verification has failed during the last sync" will do.

Comment 4 Zac Medico 2018-07-30 04:26:19 UTC

Yeah, we can add some kind of flag that triggers a warning message for all future emerge invocations until the flag is cleared.

Comment 5 Zac Medico 2018-07-31 17:36:33 UTC

I'm working on a repository storage framework for bug 662070, and I'm thinking I should add a method to check if there is a previously attempted download that has not been committed (which typically indicates a verification failure).