Summary: | gemato: [Errno 2] No such file or directory: '/usr/portage/.tmp-unverified-download-quarantine/Manifest' | ||
---|---|---|---|
Product: | Portage Development | Reporter: | Hadrien Lacour <hadrien.lacour> |
Component: | Unclassified | Assignee: | Portage team <dev-portage> |
Status: | UNCONFIRMED --- | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Hadrien Lacour
2019-08-05 09:28:35 UTC
Maybe you've excluded the Manifest file via PORTAGE_RSYNC_EXTRA_OPTS or PORTAGE_RSYNC_OPTS?
Check the output of this command:
> portageq envvar -v PORTAGE_RSYNC_EXTRA_OPTS PORTAGE_RSYNC_OPTS
I get PORTAGE_RSYNC_EXTRA_OPTS= PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" on both systems. Looks normal to me. It looks like this directory isn't on any of the systems, including the server (which doesn't have problem syncing). Do you know what mirror your server last synced from? All mirrors should have the Manifest. Does the server have sync-rsync-verify-metamanifest disabled in /etc/portage/repos.conf? As written, I sync via https://anongit.gentoo.org/git/repo/sync/gentoo.git on the server. In the end, I simply disabled verif on the client. Doing the verification two times seems useless. Would still like to know why it doesn't work, though. For git, use sync-type = git and sync-git-verify-commit-signature as described here: https://wiki.gentoo.org/wiki/Portage_Security#git-mirror_repositories I already use this, please look at the end of the first post where I put the server repos.conf. (In reply to Hadrien Lacour from comment #7) > I already use this, please look at the end of the first post where I put the > server repos.conf. Since the Manifest file is not included in the sync/gentoo git tree, there's no way for the client to verify unless they client also uses sync-type = git. Alternatively, on you server you could use gemato to generate a signed Manifest, and set sync-openpgp-key-path on your client to refer to your exported key. I see, it makes sense for git and rsync to use different verification methods. Thanks for the help |