Bug 680908

Summary:	sys-apps/portage: enable user settable gpg keyservers
Product:	Portage Development	Reporter:	Zac Medico <zmedico>
Component:	Core - Configuration	Assignee:	Portage team <dev-portage>
Status:	RESOLVED FIXED
Severity:	normal	CC:	esigra, prometheanfire
Priority:	Normal	Keywords:	InVCS
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://archives.gentoo.org/gentoo-portage-dev/message/b0c46468b18a9a7430e7dfbaf158c772
Whiteboard:
Package list:		Runtime testing required:	---
Bug Depends on:
Bug Blocks:	240187, 683434

Description Zac Medico gentoo-dev

2019-03-19 00:35:23 UTC

See patch:

https://archives.gentoo.org/gentoo-portage-dev/message/b0c46468b18a9a7430e7dfbaf158c772

Comment 1 Matthew Thode ( prometheanfire ) archtester

2019-03-19 00:38:27 UTC

https://archives.gentoo.org/gentoo-portage-dev/message/78bacfce2d44aca024178d7a48d3ad68

is the most updated patch

Comment 2 Larry the Git Cow gentoo-dev

2019-03-31 19:31:00 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/proj/portage.git/commit/?id=244a4021ce58268336fd7b120ab7b9eb09acb26e

commit 244a4021ce58268336fd7b120ab7b9eb09acb26e
Author:     Matthew Thode <mthode@mthode.org>
AuthorDate: 2019-02-25 20:14:20 +0000
Commit:     Zac Medico <zmedico@gentoo.org>
CommitDate: 2019-03-31 19:29:04 +0000

    repos.conf: add sync-openpgp-keyserver option (bug 680908)
    
    Allowing users to define which keyservers they update from allows them
    to work around buggy keyservers. It is also useful for local mirrors
    and / or private keyservers.
    
    Bug: https://bugs.gentoo.org/680908
    Signed-off-by: Matthew Thode <mthode@mthode.org>
    Signed-off-by: Zac Medico <zmedico@gentoo.org>

 lib/portage/repository/config.py | 6 ++++++
 lib/portage/sync/syncbase.py     | 6 +++---
 man/portage.5                    | 5 +++++
 3 files changed, 14 insertions(+), 3 deletions(-)

Comment 3 J. Paul Reed 2019-06-08 00:27:53 UTC

I was syncing my portage tree today, and this patch introduces a bit of a confusing message for users:

>>> Syncing repository 'gentoo' into '/usr/portage'...
> * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
> * Refreshing keys from keyserver None ...                               [ ok ]

This implies to the user that the keys AREN'T being refreshed from _any_ keyserver, when it looks to me (based on a cursory examination of the Gemato code?) that if the keyserver argument is None, then the keys are refreshed "from their assigned keyserver" (https://github.com/mgorny/gemato/blob/master/gemato/openpgp.py)

This message was different / surprising enough to me that I spent some time in #gentoo, where I was told that "everything is fine," where, ultimately, I suppose it was, but I had to spend about 20 minutes digging through source to convince myself of that.

Would it be possible to wrap this status line (https://github.com/gentoo/portage/blob/244a4021ce58268336fd7b120ab7b9eb09acb26e/lib/portage/sync/syncbase.py#L255) with an appropriate check on whether self.repo.sync_openpgp_keyserver is None, so that it prints the previous message in that case, and prints the user-defined server name in not-that-case.

I understand that this is a fit-and-finish issue, really, but I'm trying to save future Gentoo'ers both the surprise and the associated goose chase...