[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] Re: Manifest signing
From:       "Robin H. Johnson" <robbat2 () gentoo ! org>
Date:       2011-09-29 19:36:22
Message-ID: robbat2-20110929T192830-577785968Z () orbis-terrarum ! net
[Download RAW message or body]

On Thu, Sep 29, 2011 at 07:08:29PM +0000, Duncan wrote:
> Beyond that, IMO it's now at the "needs a proposal champion to clean it 
> up and present it to the council" stage, at least at the "council 
> declared priority" level for getting the requirements into repoman, the 
> CVS server, and perhaps the PMs (I don't know what stage they're at, 
> possibly all they need is a switch flipped?).
It doesn't need cleaning up. I wrote the tree-signing GLEPs a few years
ago, and those were approved by the council, really they just need
updating to a recent Portage and usage.

They provide better support than just getting every developer to sign
the Manifests, because to do so while eclasses are unsigned is a giant
security hole. MetaManifest in the proposal covers that by getting the
entire tree to a state of being signed.

> Talking about which, at the PM user level, is there a per-repo/overlay 
> switch?  If not, it should strongly be considered.
Yes. See layout.conf/repo.conf. Also controls usage of thin Manifests.

-- 
Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail     : robbat2@gentoo.org
GnuPG FP   : 11AC BA4F 4778 E3F6 E4ED  F38E B27B 944E 3488 4E85

[prev in list] [next in list] [prev in thread] [next in thread]