authorMichał Górny <mgorny@gentoo.org>2018-01-25 11:02:18 +0100
committerMichał Górny <mgorny@gentoo.org>2018-01-25 19:57:22 +0100
commitfd8ed684ee5cc2e53443fe98bde11445e20c6e54 (patch)
tree796e548899d6c9c11a542c1041ae528ce4fd5f38 /sys-apps
parentapp-emulation/kompose: Version bump to 1.8.0 (diff)
sys-apps/portage: Add USE=rsync-verify to control gemato verification
Diffstat (limited to 'sys-apps')
-rw-r--r--sys-apps/portage/metadata.xml4
-rw-r--r--sys-apps/portage/portage-9999.ebuild13
2 files changed, 16 insertions, 1 deletions
diff --git a/sys-apps/portage/metadata.xml b/sys-apps/portage/metadata.xml
index c66241962c33..8d4801007bc4 100644
--- a/sys-apps/portage/metadata.xml
+++ b/sys-apps/portage/metadata.xml
@@ -20,6 +20,10 @@
This should only be temporarily disabled for some bootstrapping
operations. Cross-compilation is not supported.
</flag>
+ <flag name="rsync-verify">
+ Enable full-tree cryptographic verification of Gentoo repository
+ rsync checkouts using <pkg>app-portage/gemato</pkg>.
+ </flag>
<flag name="xattr">Preserve extended attributes (filesystem-stored metadata)
when installing files. Usually only required for hardened systems.
</flag>
diff --git a/sys-apps/portage/portage-9999.ebuild b/sys-apps/portage/portage-9999.ebuild
index 69caf4064227..98724289cf76 100644
--- a/sys-apps/portage/portage-9999.ebuild
+++ b/sys-apps/portage/portage-9999.ebuild
@@ -18,7 +18,7 @@ HOMEPAGE="https://wiki.gentoo.org/wiki/Project:Portage"
LICENSE="GPL-2"
KEYWORDS=""
SLOT="0"
-IUSE="build doc epydoc +ipc +native-extensions selinux xattr"
+IUSE="build doc epydoc +ipc +native-extensions +rsync-verify selinux xattr"
DEPEND="!build? ( $(python_gen_impl_dep 'ssl(+)') )
>=app-arch/tar-1.27
@@ -33,6 +33,8 @@ DEPEND="!build? ( $(python_gen_impl_dep 'ssl(+)') )
# for now, don't pull in xattr deps for other kernels.
# For whirlpool hash, require python[ssl] (bug #425046).
# For compgen, require bash[readline] (bug #445576).
+# app-portage/gemato goes without PYTHON_USEDEP since we're calling
+# the executable.
RDEPEND="
>=app-arch/tar-1.27
dev-lang/python-exec:2
@@ -48,6 +50,10 @@ RDEPEND="
elibc_musl? ( >=sys-apps/sandbox-2.2 )
elibc_uclibc? ( >=sys-apps/sandbox-2.2 )
>=app-misc/pax-utils-0.1.17
+ rsync-verify? (
+ >=app-portage/gemato-10
+ app-crypt/gentoo-keys
+ )
selinux? ( >=sys-libs/libselinux-2.0.94[python,${PYTHON_USEDEP}] )
xattr? ( kernel_linux? (
>=sys-apps/install-xattr-0.3
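Review bot: `app-crypt/gentoo-keys` in the new `rsync-verify? ( … )` group has no version bound, while gemato next to it is pinned with `>=app-portage/gemato-10`. That package presumably supplies the OpenPGP keyring the verification trusts, so any installed version satisfies the dependency, including one whose keys have since expired or been revoked. Consider a lower bound such as `>=app-crypt/gentoo-keys-<MIN_VERSION>` (placeholder, the page gives no version) and a comment above the group, e.g. `# gentoo-keys provides the keyring gemato verifies against; keep it current.` The RDEPEND string starts and ends outside this hunk.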
@@ -104,6 +110,11 @@ python_prepare_all() {
|| die "failed to append to make.globals"
fi
+ if ! use rsync-verify; then
+ sed -e '/^sync-rsync-verify-metamanifest/s|yes|no|' \
+ -i cnf/repos.conf || die "sed failed"
+ fi
+
if [[ -n ${EPREFIX} ]] ; then
einfo "Setting portage.const.EPREFIX ..."
sed -e "s|^\(SANDBOX_BINARY[[:space:]]*=[[:space:]]*\"\)\(/usr/bin/sandbox\"\)|\\1${EPREFIX}\\2|" \