[gentoo-user] Um...Who can fix this?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was emerging some packages to set up a postfix virtual mailer and got this: emerge (8 of 10) mail-client/sylpheed-claws-1.0.5 to / !!! Security Violation: A file exists that is not in the manifest. !!! File: files/digest-sylpheed-claws-1.9.1 - -- gentux echo hfouvyAdpy/ofu | perl -pe 's/(.)/chr(ord($1)-1)/ge' gentux's gpg fingerprint == 34CE 2E97 40C7 EF6E EC40 9795 2D81 924A 6996 0993 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDXUzHLYGSSmmWCZMRAg8rAJ4x4uAeLqb0o+OTR5IpwpkxeLmuLACg6e9B Um0yt8Haw1RRmWulkRLnufY= =ySlo -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this?
gentuxx wrote: I was emerging some packages to set up a postfix virtual mailer and got this: emerge (8 of 10) mail-client/sylpheed-claws-1.0.5 to / !!! Security Violation: A file exists that is not in the manifest. !!! File: files/digest-sylpheed-claws-1.9.1 # emerge --sync -- or -- # cd /usr/portage/mail-client/sylpheed-claws # ebuild sylpheed-claws-1.9.1.ebuild digest Christoph -- echo mailto: NOSPAM !#$.'*'|sed 's. ..'|tr * !#:2 [EMAIL PROTECTED] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this?
gentuxx wrote: !!! Security Violation: A file exists that is not in the manifest. !!! File: files/digest-sylpheed-claws-1.9.1 There's a file within the portage structure for sylpheed-claws that it hasn't been told about. Two options: - First, is it's just a standard package from the normal portage tree (i.e. it's not in a layout), then run a sync. If there is still an error, file a bug. - Second, run the digest command. You'll need to do this if it's not in the standard portage tree and it's something you have added. Portage needs to be told all the files within the tree and their md5 values, to make sure nothing bad gets in :) To do this, run # ebuild /path/to/sylpheed-claws-1.9.1.ebuild digest This will run though all the files and rebuilt the digest file. You can do this in the main portage tree aswell, but it's not recommended as something could be there that shouldn't. -- Jonathan Wright ~ mail at djnauk.co.uk ~ www.djnauk.co.uk -- 2.6.13-gentoo-r3-djnauk-b2 AMD Athlon(tm) XP 2100+ up 10:06, 0 users, load average: 3.50, 1.73, 0.83 -- It always seemed to me a bit pointless to disapprove of homosexuality. It's like disapproving of rain. ~ Francis Maude -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jonathan Wright wrote: gentuxx wrote: !!! Security Violation: A file exists that is not in the manifest. !!! File: files/digest-sylpheed-claws-1.9.1 There's a file within the portage structure for sylpheed-claws that it hasn't been told about. Two options: - First, is it's just a standard package from the normal portage tree (i.e. it's not in a layout), then run a sync. If there is still an error, file a bug. I've just run a --sync, and am retrying the emerge... - Second, run the digest command. You'll need to do this if it's not in the standard portage tree and it's something you have added. Portage needs to be told all the files within the tree and their md5 values, to make sure nothing bad gets in :) To do this, run # ebuild /path/to/sylpheed-claws-1.9.1.ebuild digest This will run though all the files and rebuilt the digest file. You can do this in the main portage tree aswell, but it's not recommended as something could be there that shouldn't. Thanks. - -- gentux echo hfouvyAdpy/ofu | perl -pe 's/(.)/chr(ord($1)-1)/ge' gentux's gpg fingerprint == 34CE 2E97 40C7 EF6E EC40 9795 2D81 924A 6996 0993 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDXVioLYGSSmmWCZMRAuB5AKCQ1QHpbRStSnovkKi7dxhoMHp2UwCgzmyw GQzxlNvFuGBkPefTvBrByww= =HvrG -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this?
On Mon, 24 Oct 2005 22:32:46 +0100 Jonathan Wright wrote: - Second, run the digest command. You'll need to do this if it's not in the standard portage tree and it's something you have added. Portage needs to be told all the files within the tree and their md5 values, to make sure nothing bad gets in :) And by running emerge --digest target or ebuild target.ebuild digest screws the digest system, because it substitutes the values you got from the portage mirror with the values from the files on your computer. It destroys any safety that the digest system offers. So if someone has broken into your system and screwed around with the portage tree so that when you install sylpheed-claws it does something nasty, running the digest command will allow that to happen. If the digests are wrong find out what the problem is! -- Nick Rout [EMAIL PROTECTED] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this? -- SOLVED
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nick Rout wrote: On Mon, 24 Oct 2005 22:32:46 +0100 Jonathan Wright wrote: - Second, run the digest command. You'll need to do this if it's not in the standard portage tree and it's something you have added. Portage needs to be told all the files within the tree and their md5 values, to make sure nothing bad gets in :) And by running emerge --digest target or ebuild target.ebuild digest screws the digest system, because it substitutes the values you got from the portage mirror with the values from the files on your computer. It destroys any safety that the digest system offers. So if someone has broken into your system and screwed around with the portage tree so that when you install sylpheed-claws it does something nasty, running the digest command will allow that to happen. If the digests are wrong find out what the problem is! My guess is that it didn't even get to the digest checks when it gave me the error/warning. emerge --sync seems to have fixed the problem. I probably should have tried that before posting. ;-) - -- gentux echo hfouvyAdpy/ofu | perl -pe 's/(.)/chr(ord($1)-1)/ge' gentux's gpg fingerprint == 34CE 2E97 40C7 EF6E EC40 9795 2D81 924A 6996 0993 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDXWCsLYGSSmmWCZMRAhEwAJ4oplvQ41TfWsYJL9DmY6DGJ6dvHQCgi/Us wpUly/Hz/3VTvZdFE7k1ILI= =7dn/ -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this? -- SOLVED
On Mon, 24 Oct 2005 15:31:08 -0700 gentuxx [EMAIL PROTECTED] wrote: | My guess is that it didn't even get to the digest checks when it gave | me the error/warning. emerge --sync seems to have fixed the problem. | I probably should have tried that before posting. ;-) What probably happened is that the cvs pull happened mid-commit, after some files had been committed but before the manifest recommit. It's a pretty narrow time slot but it can happen occasionally. Usually an emerge sync will fix it. -- Ciaran McCreesh : Gentoo Developer (Vim, Shell tools, Fluxbox, Cron) Mail: ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm pgp0f2VIijshH.pgp Description: PGP signature
Re: [gentoo-user] Um...Who can fix this?
On Tue, 25 Oct 2005 00:33:11 +0100 Jonathan Wright wrote: So if someone has broken into your system and screwed around with the portage tree so that when you install sylpheed-claws it does something nasty, running the digest command will allow that to happen. Hence the reason I said it wasn't recommended (paragraph following this). However, if you have downloaded a few files from bugzilla and have added them to an extra layout you will have to run a digest command before running portage - it will not run without. He may not have know that, hence giving both points and the bad points about running digest within the main tree. If the digests are wrong find out what the problem is! In this case, it could most likely be the digest itself that was incorrect, but this is rare, while there was nothing else wrong with the system. I wasn't aiming my comment at your advice in particular. I do get concerned when I foten see (in other threads) the suggestion to simply change the digest when there is a digest error. It kinda defeats the purpose of the digest. I agree it is necessary when doing something in your overlay. It seems most people who post to bugs.gentoo.org do not post a digest file. Perhaps they should. -- Nick Rout [EMAIL PROTECTED] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this?
On Tue, 25 Oct 2005 12:54:14 +1300 Nick Rout [EMAIL PROTECTED] wrote: | I agree it is necessary when doing something in your overlay. It seems | most people who post to bugs.gentoo.org do not post a digest file. | Perhaps they should. Oh please no. -- Ciaran McCreesh : Gentoo Developer (Vim, Shell tools, Fluxbox, Cron) Mail: ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm pgpZSpFbVsVut.pgp Description: PGP signature
Re: [gentoo-user] Um...Who can fix this?
Nick Rout schreef: I agree it is necessary when doing something in your overlay. It seems most people who post to bugs.gentoo.org do not post a digest file. Perhaps they should. Sometimes people do, but iirc this is discouraged by the dev team. Don't know why, but I know if I use an overlay ebuild, the tarball is downloaded when the digest is made (thus the md5 is taken directly from the tarball after downloading). I don't really think I'd want to rely on some unknown person's digest from a download that may not be the same as mine for whatever reason. At least this way I can confirm the tarball is from the legitimate source (by watching the wget output), and if necessary, compare the digest md5 with the md5 on the tarball's homepage (usually available). Having a digest from an 'untrusted source' (it's unofficial, after all) would encourage me to trust sources I shouldn't just trust by default, and I don't want to get into a bad habit like that. Holly -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this?
On Tue, 25 Oct 2005 01:02:14 +0100 Ciaran McCreesh wrote: On Tue, 25 Oct 2005 12:54:14 +1300 Nick Rout [EMAIL PROTECTED] wrote: | I agree it is necessary when doing something in your overlay. It seems | most people who post to bugs.gentoo.org do not post a digest file. | Perhaps they should. Oh please no. Oh please explain? I am ready to accept I made a stupid suggestion, but i'd like to knoe why it was stooopid :-) -- Nick Rout [EMAIL PROTECTED] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Um...Who can fix this?
On Tue, 25 Oct 2005 13:16:50 +1300 Nick Rout [EMAIL PROTECTED] wrote: | On Tue, 25 Oct 2005 01:02:14 +0100 | Ciaran McCreesh wrote: | | On Tue, 25 Oct 2005 12:54:14 +1300 Nick Rout [EMAIL PROTECTED] | wrote: | | I agree it is necessary when doing something in your overlay. It | | seems most people who post to bugs.gentoo.org do not post a | | digest file. Perhaps they should. | | Oh please no. | | Oh please explain? It's another two worthless emails per bug change. We can't use user-submitted digests anyway. emerge --digest is far simpler. -- Ciaran McCreesh : Gentoo Developer (Vim, Shell tools, Fluxbox, Cron) Mail: ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm pgp9chxtCdrhu.pgp Description: PGP signature
