Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 632018 - tarsync: needs cleanup and fixes
Summary: tarsync: needs cleanup and fixes
Alias: None
Product: Gentoo Infrastructure
Classification: Unclassified
Component: Other (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Infrastructure
Depends on:
Reported: 2017-09-25 22:15 UTC by Robin Johnson
Modified: 2021-08-26 00:14 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2017-09-25 22:15:59 UTC
tarsync only supports the bare minimum of the Tar spec.

It recently broke with volume-id header was added, per bug 631616.

Instead of having it's own codebase, it should be rewritten to use some Tar libraries code.

tarsync presently uses the 'cfile' (compressed file) library from the diffball package as well, but nothing else from diffball.
Comment 1 Zac Medico gentoo-dev 2019-12-21 21:47:58 UTC
I'm seeing a tarsync "error reading" failure like this with gentoo-YYYYMMDD snapshots (should be fixed by elimination of the perl script related to bug 703460), which does not occur with portage-YYYYMMDD snapshots:

> # emerge --sync gentoo
> >>> Syncing repository 'gentoo' into '/var/db/repos/gentoo'...
>  * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
>  * Refreshing keys via WKD ...                                                                                         [ ok ]
> Fetching most recent snapshot ...
> Trying to retrieve 20191220 snapshot from ...
> Fetching file gentoo-20191220.tar.xz.md5sum ...
> Fetching file gentoo-20191220.tar.xz.gpgsig ...
> Fetching file gentoo-20191220.tar.xz ...
> Checking digest ...
> Checking signature ...
> gpg: Signature made Fri 20 Dec 2019 04:57:27 PM PST
> gpg:                using RSA key E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
> gpg: Good signature from "Gentoo ebuild repository signing key (Automated Signing Key) <>" [unknown]
> gpg:                 aka "Gentoo Portage Snapshot Signing Key (Automated Signing Key)" [unknown]
> gpg: WARNING: Using untrusted key!
> Getting snapshot timestamp ...
> Syncing local tree ...
> scanning tarball...
> error reading /var/cache/distfiles/gentoo-20191220.tar.xz
> emerge-webrsync: error: tarsync failed; tarball is corrupt? (/var/cache/distfiles/gentoo-20191220.tar.xz)
> Trying to retrieve 20191219 snapshot from ...
> Fetching file gentoo-20191219.tar.xz.md5sum ...
> Fetching file gentoo-20191219.tar.xz.gpgsig ...
> Fetching file gentoo-20191219.tar.xz ...
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2019-12-23 19:01:31 UTC
zmedico: please retest with snapshot gentoo-20191222 or newer for the Perl script change.
Comment 3 Zac Medico gentoo-dev 2019-12-23 20:22:45 UTC
The gentoo-20191222.tar.xz snapshot works for me with tarsync. Thanks!
Comment 4 Alec Warner archtester Gentoo Infrastructure gentoo-dev Security 2021-08-26 00:14:32 UTC
Looks fixed?