On Thu, Jan 27, 2011 at 11:24 AM, Zac Medico <zmed...@gentoo.org> wrote:
> On 01/27/2011 09:05 AM, Matthew Summers wrote: > > Now, as to whether to include the value ESVN_PASSWORD in the ebuild, I > would > > not do that. Personally, I would setup svn+ssh and use an ssh key to > access > > the repo. I do this with git using the git eclass. I am prompted for a > > password/key by portage in this case. To automate this using an ssh key, > you > > can just use a passwordless key or setup ssh-agent. Also note, the key > will > > be sought out first in /root/.ssh (I think it looks there first anyway). > > In this case, you could potentially have a problem if you have > FEATURES=userpriv enabled, since that would cause src_unpack to execute > as the "portage" user. > > > Regarding your final question, I think that portage will ask you to enter > > the password if it tries to access something over HTTPS requiring > > authentication, but I am not 100% certain at the moment. > > In this case, depending on the FETCHCOMMAND behavior, you could have a > problem with FEATURES=parallel-fetch since it launches fetches in the > background. So, if background fetch doesn't fail gracefully, you might > want to set FEATURES="-parallel-fetch" in /etc/make.conf. > > Also, you could set PROPERTIES=interactive in the ebuild, in order > ensure that the fetcher is executed in the foreground. > -- > Thanks > Zac > > These are excellent points Zac, thank you for illuminating this functionality. One question though. Since the 'portage' user has its $home set by default to /var/tmp/portage how would you recommend handling the ssh key situation since that directory is somewhat special? Thanks! Matthew W. Summers
