Enable sync-webrsync-verify-signature by default. Use a new
PORTAGE_TEMP_GPG_DIR variable to distinguish indirect emerge-webrsync
calls that use gemato for secure key refresh, and disable direct
emerge-webrsync calls.
Deprecate FEATURES=webrsync-gpg and use it to trigger a
backward-compatibility mode where direct emerge-webrsync calls are
allowed (but trigger a warning message). Since direct emerge-webrsync
calls do not use gemato for secure key refresh, this behavior will
not be supported in a future release.
Bug: https://bugs.gentoo.org/689506
---
bin/emerge-webrsync | 19 ---
lib/portage/package/ebuild/config.py | 4
lib/portage/sync/modules/webrsync/webrsync.py | 3 ++-
man/make.conf.5 | 6 --
man/portage.5 | 2 +-
misc/emerge-delta-webrsync| 19 ---
6 files changed, 43 insertions(+), 10 deletions(-)
diff --git a/bin/emerge-webrsync b/bin/emerge-webrsync
index f622dde3e..25daaf8eb 100755
--- a/bin/emerge-webrsync
+++ b/bin/emerge-webrsync
@@ -50,7 +50,7 @@ eval "$("${portageq}" envvar -v DISTDIR EPREFIX FEATURES \
FETCHCOMMAND GENTOO_MIRRORS \
PORTAGE_BIN_PATH PORTAGE_CONFIGROOT PORTAGE_GPG_DIR \
PORTAGE_NICENESS PORTAGE_REPOSITORIES PORTAGE_RSYNC_EXTRA_OPTS \
- PORTAGE_RSYNC_OPTS PORTAGE_TMPDIR \
+ PORTAGE_RSYNC_OPTS PORTAGE_TEMP_GPG_DIR PORTAGE_TMPDIR \
USERLAND http_proxy ftp_proxy)"
export http_proxy ftp_proxy
@@ -74,9 +74,21 @@ do_verbose=0
do_debug=0
keep=false
-if has $(__repo_attr "${repo_name}" sync-webrsync-verify-signature | \
+has webrsync-gpg ${FEATURES} && webrsync_gpg=1 || webrsync_gpg=0
+
+if [[ ${webrsync_gpg} -eq 1 ]]; then
+ wecho "FEATURES=webrsync-gpg is deprecated, see the make.conf(5) man
page."
+fi
+
+if [[ -n ${PORTAGE_TEMP_GPG_DIR} ]] ||
+ has $(__repo_attr "${repo_name}" sync-webrsync-verify-signature |
LC_ALL=C tr '[:upper:]' '[:lower:]') true yes; then
- if [[ ! -d ${PORTAGE_GPG_DIR} ]]; then
+ # If FEATURES=webrsync-gpg is enabled then allow direct emerge-webrsync
+ # calls for backward compatibility (this triggers a deprecation warning
+ # above). Since direct emerge-webrsync calls do not use gemato for
secure
+ # key refresh, this behavior will not be supported in a future release.
+ if [[ ! ( -d ${PORTAGE_GPG_DIR} && ${webrsync_gpg} -eq 1 ) &&
+ -z ${PORTAGE_TEMP_GPG_DIR} ]]; then
eecho "Do not call ${argv0##*/} directly, instead call emerge
--sync or emaint sync."
exit 1
fi
@@ -86,6 +98,7 @@ elif has webrsync-gpg ${FEATURES}; then
else
WEBSYNC_VERIFY_SIGNATURE=0
fi
+[[ -n ${PORTAGE_TEMP_GPG_DIR} ]] && PORTAGE_GPG_DIR=${PORTAGE_TEMP_GPG_DIR}
if [ ${WEBSYNC_VERIFY_SIGNATURE} != 0 -a -z "${PORTAGE_GPG_DIR}" ]; then
eecho "please set PORTAGE_GPG_DIR in make.conf"
exit 1
diff --git a/lib/portage/package/ebuild/config.py
b/lib/portage/package/ebuild/config.py
index 780013bca..83a15b370 100644
--- a/lib/portage/package/ebuild/config.py
+++ b/lib/portage/package/ebuild/config.py
@@ -1205,6 +1205,10 @@ class config(object):
writemsg(_("!!! FEATURES=fakeroot is enabled, but the "
"fakeroot binary is not installed.\n"),
noiselevel=-1)
+ if "webrsync-gpg" in self.features:
+ writemsg(_("!!! FEATURES=webrsync-gpg is deprecated,
see the make.conf(5) man page.\n"),
+ noiselevel=-1)
+
if os.getuid() == 0 and not hasattr(os, "setgroups"):
warning_shown = False
diff --git a/lib/portage/sync/modules/webrsync/webrsync.py
b/lib/portage/sync/modules/webrsync/webrsync.py
index 609ba0be2..6228cb93c 100644
--- a/lib/portage/sync/modules/webrsync/webrsync.py
+++ b/lib/portage/sync/modules/webrsync/webrsync.py
@@ -62,7 +62,7 @@ class WebRsync(SyncBase):
openpgp_env = None
try:
if self.repo.module_specific_options.get(
- 'sync-webrsync-verify-signature',
'false').lower() in ('true', 'yes'):
+ 'sync-webrsync-verify-signature',
'true').lower() in ('true', 'yes'):
if not self.repo.sync_openpgp_key_path:
writemsg_level("!!!
sync-openpgp-key-path is not set\n",
@@ -88,6 +88,7 @@ class WebRsync(SyncBase):
openpgp_env.import_key(f)
self._refresh_keys(openpgp_env)
self.spawn_kwargs["env"]["PORTAGE_GPG_DIR"] = openpgp_env.home
+
self.spawn_kwargs["env"]["PORTAGE_TEMP_GPG_DIR"] = openpgp_env.home
except
