680908 – sys-apps/portage: enable user settable gpg keyservers

Bug 680908 - sys-apps/portage: enable user settable gpg keyservers

Summary: sys-apps/portage: enable user settable gpg keyservers

Status:	RESOLVED FIXED

Alias:	None

Product:	Portage Development
Classification:	Unclassified
Component:	Core - Configuration (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Portage team

URL:	https://archives.gentoo.org/gentoo-po...
Whiteboard:
Keywords:	InVCS

Depends on:
Blocks:	240187 683434
	Show dependency tree

Reported:	2019-03-19 00:35 UTC by Zac Medico
Modified:	2019-06-23 18:31 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Zac Medico gentoo-dev

2019-03-19 00:35:23 UTC

See patch:

https://archives.gentoo.org/gentoo-portage-dev/message/b0c46468b18a9a7430e7dfbaf158c772

Comment 1 Matthew Thode ( prometheanfire ) archtester

2019-03-19 00:38:27 UTC

https://archives.gentoo.org/gentoo-portage-dev/message/78bacfce2d44aca024178d7a48d3ad68

is the most updated patch

Comment 2 Larry the Git Cow gentoo-dev

2019-03-31 19:31:00 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/proj/portage.git/commit/?id=244a4021ce58268336fd7b120ab7b9eb09acb26e

commit 244a4021ce58268336fd7b120ab7b9eb09acb26e
Author:     Matthew Thode <mthode@mthode.org>
AuthorDate: 2019-02-25 20:14:20 +0000
Commit:     Zac Medico <zmedico@gentoo.org>
CommitDate: 2019-03-31 19:29:04 +0000

    repos.conf: add sync-openpgp-keyserver option (bug 680908)
    
    Allowing users to define which keyservers they update from allows them
    to work around buggy keyservers. It is also useful for local mirrors
    and / or private keyservers.
    
    Bug: https://bugs.gentoo.org/680908
    Signed-off-by: Matthew Thode <mthode@mthode.org>
    Signed-off-by: Zac Medico <zmedico@gentoo.org>

 lib/portage/repository/config.py | 6 ++++++
 lib/portage/sync/syncbase.py     | 6 +++---
 man/portage.5                    | 5 +++++
 3 files changed, 14 insertions(+), 3 deletions(-)

Comment 3 J. Paul Reed 2019-06-08 00:27:53 UTC

I was syncing my portage tree today, and this patch introduces a bit of a confusing message for users:

>>> Syncing repository 'gentoo' into '/usr/portage'...
> * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
> * Refreshing keys from keyserver None ...                               [ ok ]

This implies to the user that the keys AREN'T being refreshed from _any_ keyserver, when it looks to me (based on a cursory examination of the Gemato code?) that if the keyserver argument is None, then the keys are refreshed "from their assigned keyserver" (https://github.com/mgorny/gemato/blob/master/gemato/openpgp.py)

This message was different / surprising enough to me that I spent some time in #gentoo, where I was told that "everything is fine," where, ultimately, I suppose it was, but I had to spend about 20 minutes digging through source to convince myself of that.

Would it be possible to wrap this status line (https://github.com/gentoo/portage/blob/244a4021ce58268336fd7b120ab7b9eb09acb26e/lib/portage/sync/syncbase.py#L255) with an appropriate check on whether self.repo.sync_openpgp_keyserver is None, so that it prints the previous message in that case, and prints the user-defined server name in not-that-case.

I understand that this is a fit-and-finish issue, really, but I'm trying to save future Gentoo'ers both the surprise and the associated goose chase...