News Item: Portage rsync tree verification unstable

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

News Item: Portage rsync tree verification unstable

Zac Medico-2
Please review. This is needed in order to resolve
https://bugs.gentoo.org/650072.

Title: Portage rsync tree verification unstable
Author: Zac Medico <[hidden email]>
Posted: 2018-03-13
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: sys-apps/portage

Starting with sys-apps/portage-2.3.24, Portage will no longer verify
the Gentoo repository after rsync by default, which contradicts the
earlier "Portage rsync tree verification" news item.

If users wish to enable the 'rsync-verify' USE flag for sys-apps/portage,
they need to follow these steps:

1) In order to unmask the 'rsync-verify' USE flag, create a file named
/etc/portage/profile/package.use.mask containing a line like the
following:

    sys-apps/portage -rsync-verify

2) Once the 'rsync-verify' USE flag has been unmasked as described
in step 1, it can be enabled with a line like the folling in
/etc/portage/package.use:

    sys-apps/portage rsync-verify

3) After the configuration changes in steps 1 and 2 have been made, run
the following command:

    emerge --oneshot --newuse '>=sys-apps/portage-2.3.24'

After all above steps are successfully completed, a line like the
following should appear in the emerge --info output for the gentoo
repository:

    sync-rsync-verify-metamanifest: yes

If you wish to disable it for some reason, you can set
'sync-rsync-verify-metamanifest = no' in your repos.conf.

Problems related to the 'rsync-verify' USE flag are tracked here:

    https://bugs.gentoo.org/650144

--
Thanks,
Zac

2018-03-13-portage-rsync-verification-unstable.en.txt (1K) Download Attachment
signature.asc (231 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: News Item: Portage rsync tree verification unstable

M. J. Everitt
On 10/03/18 21:22, Zac Medico wrote:
> Please review. This is needed in order to resolve
> https://bugs.gentoo.org/650072.
<snip>
> 2) Once the 'rsync-verify' USE flag has been unmasked as described
> in step 1, it can be enabled with a line like the folling in
> /etc/portage/package.use:
s/folling/following/

:)



signature.asc (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: News Item: Portage rsync tree verification unstable

Michał Górny-5
In reply to this post by Zac Medico-2
W dniu sob, 10.03.2018 o godzinie 13∶22 -0800, użytkownik Zac Medico
napisał:

> Please review. This is needed in order to resolve
> https://bugs.gentoo.org/650072.
>
> Title: Portage rsync tree verification unstable
> Author: Zac Medico <[hidden email]>
> Posted: 2018-03-13
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: sys-apps/portage
>
> Starting with sys-apps/portage-2.3.24, Portage will no longer verify
> the Gentoo repository after rsync by default, which contradicts the
> earlier "Portage rsync tree verification" news item.
>
> If users wish to enable the 'rsync-verify' USE flag for sys-apps/portage,
> they need to follow these steps:
>
> 1) In order to unmask the 'rsync-verify' USE flag, create a file named
> /etc/portage/profile/package.use.mask containing a line like the
> following:
>
>     sys-apps/portage -rsync-verify

Why do you need to mask it in the first place? The dependencies are
stable, and it's not like having it unmasked-but-off-by-default is going
to cause any major harm.

>
> 2) Once the 'rsync-verify' USE flag has been unmasked as described
> in step 1, it can be enabled with a line like the folling in
> /etc/portage/package.use:
>
>     sys-apps/portage rsync-verify
>
> 3) After the configuration changes in steps 1 and 2 have been made, run
> the following command:
>
>     emerge --oneshot --newuse '>=sys-apps/portage-2.3.24'
>
> After all above steps are successfully completed, a line like the
> following should appear in the emerge --info output for the gentoo
> repository:
>
>     sync-rsync-verify-metamanifest: yes
>
> If you wish to disable it for some reason, you can set
> 'sync-rsync-verify-metamanifest = no' in your repos.conf.
>
> Problems related to the 'rsync-verify' USE flag are tracked here:
>
>     https://bugs.gentoo.org/650144
>

--
Best regards,
Michał Górny


Reply | Threaded
Open this post in threaded view
|

Re: News Item: Portage rsync tree verification unstable

Zac Medico-2
On 03/10/2018 01:42 PM, Michał Górny wrote:

> W dniu sob, 10.03.2018 o godzinie 13∶22 -0800, użytkownik Zac Medico
> napisał:
>> Please review. This is needed in order to resolve
>> https://bugs.gentoo.org/650072.
>>
>> Title: Portage rsync tree verification unstable
>> Author: Zac Medico <[hidden email]>
>> Posted: 2018-03-13
>> Revision: 1
>> News-Item-Format: 2.0
>> Display-If-Installed: sys-apps/portage
>>
>> Starting with sys-apps/portage-2.3.24, Portage will no longer verify
>> the Gentoo repository after rsync by default, which contradicts the
>> earlier "Portage rsync tree verification" news item.
>>
>> If users wish to enable the 'rsync-verify' USE flag for sys-apps/portage,
>> they need to follow these steps:
>>
>> 1) In order to unmask the 'rsync-verify' USE flag, create a file named
>> /etc/portage/profile/package.use.mask containing a line like the
>> following:
>>
>>     sys-apps/portage -rsync-verify
>
> Why do you need to mask it in the first place? The dependencies are
> stable, and it's not like having it unmasked-but-off-by-default is going
> to cause any major harm.
It's only in packages.use.stable.mask, but it simplifies the
instructions for users if we simply refer to package.use.mask here.

Since gemato doesn't have stable keywords yet, the
packages.use.stable.mask is needed so that repoman will allow us
stabilize the latest sys-apps/portage.
--
Thanks,
Zac


signature.asc (231 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: News Item: Portage rsync tree verification unstable

Robin H. Johnson-2
In reply to this post by Zac Medico-2
On Sat, Mar 10, 2018 at 01:22:49PM -0800, Zac Medico wrote:

> Please review. This is needed in order to resolve
> https://bugs.gentoo.org/650072.
>
> Title: Portage rsync tree verification unstable
> Author: Zac Medico <[hidden email]>
> Posted: 2018-03-13
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: sys-apps/portage
>
> Starting with sys-apps/portage-2.3.24, Portage will no longer verify
> the Gentoo repository after rsync by default, which contradicts the
> earlier "Portage rsync tree verification" news item.
Can we have something in this message that tells users WHY it's
unstable, beyond just linking to bug 650144? I also don't see any
stablereq bug for gemato yet, which should probably also be tracked.

A rewrite of this first paragraph to that effect:

]] Portage rsync tree verification is being temporarily turned off by
]] default, starting with sys-apps/portage-2.3.24. This permits
]] stabilization of sys-apps/portage-2.3.24 while still working on bugs
]] relating to tree verification [1]: deadlocks [2] & key fetching [3]
]]
]] [1] https://bugs.gentoo.org/650144 sys-apps/portage: [TRACKER] issues related to 'rsync-verify' USE flag
]] [2] https://bugs.gentoo.org/647964 app-portage/gemato-11.2: deadlock?
]] [3] https://bugs.gentoo.org/649276 sys-apps/portage: gpg key refresh needs exponential backoff with jitter

--
Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Treasurer
E-Mail   : [hidden email]
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136

signature.asc (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

News Item v2: Portage rsync tree verification unstable

Zac Medico-2
In reply to this post by Zac Medico-2
Changes:
  * First paragraph rewritten by Robin Johnson <robbat2>
  * Fixes spelling of 'following' reported by Michael Everitt


Title: Portage rsync tree verification unstable
Author: Zac Medico <[hidden email]>
Posted: 2018-03-13
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: sys-apps/portage

Portage rsync tree verification is being temporarily turned off by
default, starting with sys-apps/portage-2.3.24. This permits
stabilization of sys-apps/portage-2.3.24 while still working on bugs
relating to tree verification [1]: deadlocks [2] & key fetching [3].

If users wish to enable the 'rsync-verify' USE flag for sys-apps/portage,
they need to follow these steps:

1) In order to unmask the 'rsync-verify' USE flag, create a file named
/etc/portage/profile/package.use.mask containing a line like the
following:

    sys-apps/portage -rsync-verify

2) Once the 'rsync-verify' USE flag has been unmasked as described
in step 1, it can be enabled with a line like the following in
/etc/portage/package.use:

    sys-apps/portage rsync-verify

3) After the configuration changes in steps 1 and 2 have been made, run
the following command:

    emerge --oneshot --newuse '>=sys-apps/portage-2.3.24'

After all above steps are successfully completed, a line like the
following should appear in the emerge --info output for the gentoo
repository:

    sync-rsync-verify-metamanifest: yes

If you wish to disable it for some reason, you can set
'sync-rsync-verify-metamanifest = no' in your repos.conf.

[1] https://bugs.gentoo.org/650144 sys-apps/portage: [TRACKER] issues
    related to 'rsync-verify' USE flag
[2] https://bugs.gentoo.org/647964 app-portage/gemato-11.2: deadlock?
[3] https://bugs.gentoo.org/649276 sys-apps/portage: gpg key refresh
    needs exponential backoff with jitter
--
Thanks,
Zac


signature.asc (231 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: News Item v2: Portage rsync tree verification unstable

Duncan-42
Zac Medico posted on Sat, 10 Mar 2018 15:16:29 -0800 as excerpted:

> Changes:
>   * First paragraph rewritten by Robin Johnson <robbat2>
>   * Fixes spelling of 'following' reported by Michael Everitt
>
>
> Title: Portage rsync tree verification unstable
> Author: Zac Medico <[hidden email]>
> Posted: 2018-03-13
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: sys-apps/portage
>
> Portage rsync tree verification is being temporarily turned off by
> default, starting with sys-apps/portage-2.3.24. This permits
> stabilization of sys-apps/portage-2.3.24 while still working on bugs
> relating to tree verification [1]: deadlocks [2] & key fetching [3].

> [...]

With robbat2's first paragraph rewrite the effect isn't quite as bad
as that of the first draft, but the title still refers to "unstable",
which in addition to the intended package-stability meaning, has a
number of more severe and thus unnecessarily alarming meanings not
intended here.

FWIW, being security minded and knowing verification related to
security, my own first thought was an app instability due to a
potentially exploitable buffer-overflow... in code dealing with
verification and thus potentially remotely triggerable during
verification itself, definitely more alarming than intended!

Thankfully robbat2's rewrite clarifies in the body now, but
I still think the title remains overly alarming.

Maybe "... remains unstable" or "not yet stable", as in:

Title: Portage rsync tree verification not yet stable

Or better, refer to the FEATURE flag "rsync-verify" in the title,
so it's clear it's not a portage/emerge-executable instability,
and clarify that it's the stable keyword, something like this
(but might be too long, do those news item short title limits
still apply?):

Title: Portage rsync-verify feature not yet stable-keyworded

Perhaps omit the -keyworded if that's too long:

Title: Portage rsync-verify feature not yet stable

Feel free to revise further...

--
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman


Reply | Threaded
Open this post in threaded view
|

Re: News Item v2: Portage rsync tree verification unstable

Michał Górny-5
In reply to this post by Zac Medico-2
W dniu sob, 10.03.2018 o godzinie 15∶16 -0800, użytkownik Zac Medico
napisał:

> Changes:
>   * First paragraph rewritten by Robin Johnson <robbat2>
>   * Fixes spelling of 'following' reported by Michael Everitt
>
>
> Title: Portage rsync tree verification unstable
> Author: Zac Medico <[hidden email]>
> Posted: 2018-03-13
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: sys-apps/portage
>
> Portage rsync tree verification is being temporarily turned off by
> default, starting with sys-apps/portage-2.3.24. This permits
> stabilization of sys-apps/portage-2.3.24 while still working on bugs
> relating to tree verification [1]: deadlocks [2] & key fetching [3].
>
> If users wish to enable the 'rsync-verify' USE flag for sys-apps/portage,
> they need to follow these steps:
>
> 1) In order to unmask the 'rsync-verify' USE flag, create a file named
> /etc/portage/profile/package.use.mask containing a line like the
> following:
>
>     sys-apps/portage -rsync-verify
>
> 2) Once the 'rsync-verify' USE flag has been unmasked as described
> in step 1, it can be enabled with a line like the following in
> /etc/portage/package.use:
>
>     sys-apps/portage rsync-verify
>
> 3) After the configuration changes in steps 1 and 2 have been made, run
> the following command:
>
>     emerge --oneshot --newuse '>=sys-apps/portage-2.3.24'
>

Not sure if it's for better or worse but I suppose some users would find
it easier if you provided a copy-paste snippet instead of or in addition
to detailed instructions, e.g.:

echo sys-apps/portage -rsync-verify >> /etc/portage/profile/package.use.mask
echo sys-apps/portage rsync-verify >> /etc/portage/package.use
emerge -1v
sys-apps/portage

--
Best regards,
Michał Górny


Reply | Threaded
Open this post in threaded view
|

Re: News Item v2: Portage rsync tree verification unstable

Zac Medico-2
On 03/11/2018 12:39 AM, Michał Górny wrote:

> W dniu sob, 10.03.2018 o godzinie 15∶16 -0800, użytkownik Zac Medico
> napisał:
>> Changes:
>>   * First paragraph rewritten by Robin Johnson <robbat2>
>>   * Fixes spelling of 'following' reported by Michael Everitt
>>
>>
>> Title: Portage rsync tree verification unstable
>> Author: Zac Medico <[hidden email]>
>> Posted: 2018-03-13
>> Revision: 1
>> News-Item-Format: 2.0
>> Display-If-Installed: sys-apps/portage
>>
>> Portage rsync tree verification is being temporarily turned off by
>> default, starting with sys-apps/portage-2.3.24. This permits
>> stabilization of sys-apps/portage-2.3.24 while still working on bugs
>> relating to tree verification [1]: deadlocks [2] & key fetching [3].
>>
>> If users wish to enable the 'rsync-verify' USE flag for sys-apps/portage,
>> they need to follow these steps:
>>
>> 1) In order to unmask the 'rsync-verify' USE flag, create a file named
>> /etc/portage/profile/package.use.mask containing a line like the
>> following:
>>
>>     sys-apps/portage -rsync-verify
>>
>> 2) Once the 'rsync-verify' USE flag has been unmasked as described
>> in step 1, it can be enabled with a line like the following in
>> /etc/portage/package.use:
>>
>>     sys-apps/portage rsync-verify
>>
>> 3) After the configuration changes in steps 1 and 2 have been made, run
>> the following command:
>>
>>     emerge --oneshot --newuse '>=sys-apps/portage-2.3.24'
>>
>
> Not sure if it's for better or worse but I suppose some users would find
> it easier if you provided a copy-paste snippet instead of or in addition
> to detailed instructions, e.g.:
>
> echo sys-apps/portage -rsync-verify >> /etc/portage/profile/package.use.mask
> echo sys-apps/portage rsync-verify >> /etc/portage/package.use
> emerge -1v
> sys-apps/portage
That's tempting, but I like my version better, and I'd prefer not to
include the shell version in addition since it's redundant and it give
people something more to nitpick.
--
Thanks,
Zac


signature.asc (231 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: News Item v2: Portage rsync tree verification unstable

Zac Medico-2
In reply to this post by Duncan-42
On 03/10/2018 05:38 PM, Duncan wrote:

> Zac Medico posted on Sat, 10 Mar 2018 15:16:29 -0800 as excerpted:
>
>> Changes:
>>   * First paragraph rewritten by Robin Johnson <robbat2>
>>   * Fixes spelling of 'following' reported by Michael Everitt
>>
>>
>> Title: Portage rsync tree verification unstable
>> Author: Zac Medico <[hidden email]>
>> Posted: 2018-03-13
>> Revision: 1
>> News-Item-Format: 2.0
>> Display-If-Installed: sys-apps/portage
>>
>> Portage rsync tree verification is being temporarily turned off by
>> default, starting with sys-apps/portage-2.3.24. This permits
>> stabilization of sys-apps/portage-2.3.24 while still working on bugs
>> relating to tree verification [1]: deadlocks [2] & key fetching [3].
>
>> [...]
>
> With robbat2's first paragraph rewrite the effect isn't quite as bad
> as that of the first draft, but the title still refers to "unstable",
> which in addition to the intended package-stability meaning, has a
> number of more severe and thus unnecessarily alarming meanings not
> intended here.
>
> FWIW, being security minded and knowing verification related to
> security, my own first thought was an app instability due to a
> potentially exploitable buffer-overflow... in code dealing with
> verification and thus potentially remotely triggerable during
> verification itself, definitely more alarming than intended!
>
> Thankfully robbat2's rewrite clarifies in the body now, but
> I still think the title remains overly alarming.
>
> Maybe "... remains unstable" or "not yet stable", as in:
Well, "unstable" sounds alarming when used to describe a person's
emotional state, but it then context of software I think it's less
alarming. I've found some discussion here:

https://english.stackexchange.com/questions/8351/what-s-the-etymology-of-the-word-unstable-in-the-context-of-software

> Title: Portage rsync tree verification not yet stable
>
> Or better, refer to the FEATURE flag "rsync-verify" in the title,
> so it's clear it's not a portage/emerge-executable instability,
> and clarify that it's the stable keyword, something like this
> (but might be too long, do those news item short title limits
> still apply?):
>
> Title: Portage rsync-verify feature not yet stable-keyworded
>
> Perhaps omit the -keyworded if that's too long:
>
> Title: Portage rsync-verify feature not yet stable
>
> Feel free to revise further...
I really don't want to spend a lot of time making revisions, and I think
"unstable" communicates well enough in this case.
--
Thanks,
Zac


signature.asc (231 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: News Item v2: Portage rsync tree verification unstable

Duncan-42
Zac Medico posted on Sun, 11 Mar 2018 19:57:31 -0700 as excerpted:

> I really don't want to spend a lot of time making revisions, and I think
> "unstable" communicates well enough in this case.

Very well then.  With robbat2's already accepted first paragraph changes
it's acceptable as-is.

Thanks.  You put an awful lot of work into portage, and I'm sure I'm not
the only one who's thankful there's a steady hand at the portage wheel,
even if it doesn't always come thru.  Your efforts certainly make the
gentoo experience a better one! =:^)

--
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman


Reply | Threaded
Open this post in threaded view
|

Re: News Item v2: Portage rsync tree verification unstable

M. J. Everitt
On 12/03/18 04:53, Duncan wrote:

> Zac Medico posted on Sun, 11 Mar 2018 19:57:31 -0700 as excerpted:
>
>> I really don't want to spend a lot of time making revisions, and I think
>> "unstable" communicates well enough in this case.
> Very well then.  With robbat2's already accepted first paragraph changes
> it's acceptable as-is.
>
> Thanks.  You put an awful lot of work into portage, and I'm sure I'm not
> the only one who's thankful there's a steady hand at the portage wheel,
> even if it doesn't always come thru.  Your efforts certainly make the
> gentoo experience a better one! =:^)
>
+1 to that .. particularly through choppy waters lately .. keep up the
good work!


signature.asc (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: News Item v2: Portage rsync tree verification unstable

Zac Medico-2
On 03/11/2018 09:58 PM, M. J. Everitt wrote:

> On 12/03/18 04:53, Duncan wrote:
>> Zac Medico posted on Sun, 11 Mar 2018 19:57:31 -0700 as excerpted:
>>
>>> I really don't want to spend a lot of time making revisions, and I think
>>> "unstable" communicates well enough in this case.
>> Very well then.  With robbat2's already accepted first paragraph changes
>> it's acceptable as-is.
>>
>> Thanks.  You put an awful lot of work into portage, and I'm sure I'm not
>> the only one who's thankful there's a steady hand at the portage wheel,
>> even if it doesn't always come thru.  Your efforts certainly make the
>> gentoo experience a better one! =:^)
>>
> +1 to that .. particularly through choppy waters lately .. keep up the
> good work!
You're very welcome. Thanks for your praise!
--
Thanks,
Zac


signature.asc (231 bytes) Download Attachment