Ullrich n00b
Joined: 29 Oct 2005 Posts: 25
|
Posted: Tue Jul 03, 2018 12:10 pm Post subject: [solved] Warnings during emerge --sync (gpg verified) |
|
|
Hi all,
i just followed the steps mentioned here: https://wiki.gentoo.org/wiki/Handbook:Parts/Working/Features#Validated_Gentoo_repository_snapshots
I added FEATURES and PORTAGE_GPG_DIR variables to my make.conf,
installed app-crypt/gentoo-keys
and manually trusted `gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release --edit-key 0xD2DE1DBBA0F43EBA341B97D8825533CBF6CD6C97 trust` the "Gentoo-keys Team" key and the 0xDCD05B71EAB94199527F44ACDB6B8C1F96D8BF6D "Gentoo Portage Snapshot Signing Key"
Now, when running `emerge --sync` i got:
Code: |
localhost ~ # emerge --sync
>>> Syncing repository 'gentoo' into '/usr/portage'...
Fetching most recent snapshot ...
Trying to retrieve 20180702 snapshot from ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ...
Fetching file portage-20180702.tar.xz.md5sum ...
Fetching file portage-20180702.tar.bz2.md5sum ...
Fetching file portage-20180702.tar.gz.md5sum ...
Trying to retrieve 20180702 snapshot from http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror ...
Fetching file portage-20180702.tar.xz.md5sum ...
Fetching file portage-20180702.tar.xz.gpgsig ...
Fetching file portage-20180702.tar.xz ...
Checking digest ...
Checking signature ...
gpg: WARNING: unsafe permissions on homedir '/var/lib/gentoo/gkeys/keyrings/gentoo/release'
gpg: Signature made Tue 03 Jul 2018 02:51:21 AM CEST
gpg: using RSA key E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
gpg: Good signature from "Gentoo Portage Snapshot Signing Key (Automated Signing Key)" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D
Subkey fingerprint: E1D6 ABB6 3BFC FB4B A02F DF1C EC59 0EEA C918 9250
Getting snapshot timestamp ...
Syncing local tree ...
Number of files: 161,691 (reg: 134,254, dir: 27,437)
Number of created files: 49 (reg: 49)
Number of deleted files: 43 (reg: 42, dir: 1)
Number of regular files transferred: 231
Total file size: 218.08M bytes
Total transferred file size: 4.86M bytes
Literal data: 4.86M bytes
Matched data: 0 bytes
File list size: 196.59K
File list generation time: 0.001 seconds
File list transfer time: 0.000 seconds
Total bytes sent: 8.22M
Total bytes received: 35.06K
sent 8.22M bytes received 35.06K bytes 3.30M bytes/sec
total size is 218.08M speedup is 26.42
Cleaning up ...
=== Sync completed for gentoo
q: Updating ebuild cache in /usr/portage ...
q: Finished 35544 entries in 0.134679 seconds
Action: sync for repo: gentoo, returned code = 0
|
I wonder if that is the expected behavior/outcome and what i can do to fix the warnings?
Thanks for any help,
Ullrich
edit: 2018-07-24
I solved the issue and in case someone is interessted you can remove the warnings from GPG about unsafe permissions on homedir with:
Code: | chmod 0700 /var/lib/gentoo/gkeys/keyrings/gentoo/release |
and as far as i understood the warning about the trusted signature is expected.
But when changing the trust level to "5 = I trust ultimately" it is gone.
Code: | gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release --edit-key 0xDCD05B71EAB94199527F44ACDB6B8C1F96D8BF6D trust |
|
|