Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
emerge --sync error
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
TequilaTR
n00b
n00b


Joined: 01 Feb 2005
Posts: 65

PostPosted: Wed Aug 07, 2019 7:45 pm    Post subject: other option? Reply with quote

Hm...

seems like removing
"sync-openpgp-keyserver"
from /etc/portage/repos.conf/gentoo.conf
and
/usr/share/portage/config

Also does the trick without re-emerging and such...

https://linux.gentoo.user.narkive.com/8IcazDNJ/gentoo-user-emerge-sync-problem-refreshing-keys

Ok, might be s.th. related to ipv6 being disabled on my machine:
https://bugs.gentoo.org/646194
Back to top
View user's profile Send private message
DancesWithWords
Guru
Guru


Joined: 29 Jun 2002
Posts: 342
Location: ottawa, canada

PostPosted: Thu Aug 08, 2019 11:26 am    Post subject: Reply with quote

NeddySeagoon wrote:
leonchik1976,

Intermittent failures like that are not a problem, so there is noting to fix.
If it fails every time, that's a problem.


I've been running Gentoo since 2002 and I've never ever had this problem until now. Quite frustrating I've not been able to --sync now for 3 days. I've followed instructions and have disabled the verification, not an option I want to continue to use.


=====
DWW
Back to top
View user's profile Send private message
mrsaccess
n00b
n00b


Joined: 03 Sep 2005
Posts: 30
Location: Greece

PostPosted: Thu Aug 08, 2019 5:45 pm    Post subject: Reply with quote

I can't sync as well for the last few days, so not sure about the comments about intermittent failures. :?
Any help that doesn't disable key verification is appreciated. :)
Code:
# emerge --debug --sync
myaction sync
myopts {'--debug': True}
>>> Syncing repository 'gentoo' into '/usr/portage'...
 * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
 * Refreshing keys via WKD ...                                                                                                                                                                                                                      [ !! ]
 * Refreshing keys from keyserver hkps://keys.gentoo.org ...OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://keys.gentoo.org
gpg: keyserver refresh failed: General error

OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://keys.gentoo.org
gpg: keyserver refresh failed: General error

...

_________________
Hardware: The parts of your pc you can kick.
Back to top
View user's profile Send private message
nc-pv
n00b
n00b


Joined: 01 Oct 2012
Posts: 38

PostPosted: Fri Aug 09, 2019 12:40 pm    Post subject: Reply with quote

mrsaccess wrote:
I can't sync as well for the last few days, so not sure about the comments about intermittent failures. :?
Any help that doesn't disable key verification is appreciated. :)


I think the Gentoo developers need to introduce an option to bypass key refresh process. The verification still should work even if refresh fails, otherwise it leaves users with two options: not to update or compromise security.

I created a bug: https://bugs.gentoo.org/691722
_________________
Use GNU/Linux
Back to top
View user's profile Send private message
mike155
Veteran
Veteran


Joined: 17 Sep 2010
Posts: 1413
Location: Frankfurt, Germany

PostPosted: Fri Aug 09, 2019 1:36 pm    Post subject: Reply with quote

Thanks for creating a bug! :-)

Unfortunately, that's not the only issue.

If I enable tree verification and the hardlink nonsense, 'emerge --sync'...
  • creates a subdirectory '/usr/portage/.tmp-unverified-download-quarantine'
  • creates more than 130.000 (one-hundred-thirty-thousand) links in that directory!!!
  • updates the tree
  • removes '/usr/portage/.tmp-unverified-download-quarantine' and all the links it created
On my desktop machine (/usr/portage is mounted via NFS), that slows down 'emerge -sync' from 30 seconds to over 8 minutes!!!

That's ridiculous!


Last edited by mike155 on Fri Aug 09, 2019 3:09 pm; edited 1 time in total
Back to top
View user's profile Send private message
axl
Guru
Guru


Joined: 11 Oct 2002
Posts: 565
Location: Romania

PostPosted: Fri Aug 09, 2019 2:37 pm    Post subject: Reply with quote

rm -rf /usr/portage/* && wget -O /usr/portage/gentoo-current.xz.sqfs http://distfiles.gentoo.org/snapshots/squashfs/gentoo-current.xz.sqfs && mount -o loop /usr/portage/gentoo-current.xz.sqfs /usr/portage


This should be easier.
Back to top
View user's profile Send private message
nc-pv
n00b
n00b


Joined: 01 Oct 2012
Posts: 38

PostPosted: Fri Aug 09, 2019 4:03 pm    Post subject: Reply with quote

mike155 wrote:
Thanks for creating a bug! :-)

Unfortunately, that's not the only issue.


I see what you mean. Indeed this is an issue.

If I understand correctly, the webrsync method should not have this problem as it fetches the snapshot of the portage tree an it can be verified prior to unpacking.

The disadvantage of webrsync method is that you get update only once a day. However, in some cases (offline systems having extremely limited Internet access via HTTP-only proxy) this is the only way to sync the portage tree.
_________________
Use GNU/Linux
Back to top
View user's profile Send private message
mike155
Veteran
Veteran


Joined: 17 Sep 2010
Posts: 1413
Location: Frankfurt, Germany

PostPosted: Fri Aug 09, 2019 4:37 pm    Post subject: Reply with quote

Quote:
I see what you mean. Indeed this is an issue.


I would like to have an 'emerge --sync' that just works:
  1. it should be fast

  2. it should not issue error messages nobody understands

  3. it should do tree verification, but it should NOT download any keys

    Downloading keys is not required for tree verification. I download kernels once or twice a month. Of course I verify them using 'gpg --verify' - but I don't have to download keys to do that. I once downloaded keys from Linus and Greg and those keys have worked smoothly ever since.

  4. it should not create 130.000 links in /usr/portage or maltreat my SSDs in any other way

Am I asking too much?
Back to top
View user's profile Send private message
Anon-E-moose
Advocate
Advocate


Joined: 23 May 2008
Posts: 4122
Location: Dallas area

PostPosted: Fri Aug 09, 2019 4:52 pm    Post subject: Reply with quote

mike155 wrote:
Thanks for creating a bug! :-)

Unfortunately, that's not the only issue.

If I enable tree verification and the hardlink nonsense, 'emerge --sync'...
  • creates a subdirectory '/usr/portage/.tmp-unverified-download-quarantine'
  • creates more than 130.000 (one-hundred-thirty-thousand) links in that directory!!!
  • updates the tree
  • removes '/usr/portage/.tmp-unverified-download-quarantine' and all the links it created
On my desktop machine (/usr/portage is mounted via NFS), that slows down 'emerge -sync' from 30 seconds to over 8 minutes!!!

That's ridiculous!


set
Code:
sync-allow-hardlinks = no

in /etc/portage/repos.conf/gentoo.conf in the default area (top of file) that stops the .tmp-unverified-download-quarantine nonsense.
_________________
Asus m5a99fx, FX 8320 - nouveau, oss4, rx550 for qemu passthrough
Acer laptop E5-575, i3-7100u - i965, alsa
---both---
5.0.13 zen kernel, profile 17.1 (no-pie & modified) amd64-no-multilib
gcc 8.2.0, eudev, openrc, openbox, palemoon
Back to top
View user's profile Send private message
mike155
Veteran
Veteran


Joined: 17 Sep 2010
Posts: 1413
Location: Frankfurt, Germany

PostPosted: Fri Aug 09, 2019 5:14 pm    Post subject: Reply with quote

Anon-E-moose wrote:
set
Code:
sync-allow-hardlinks = no

in /etc/portage/repos.conf/gentoo.conf in the default area (top of file) that stops the .tmp-unverified-download-quarantine nonsense.

Thanks, Anon-E-moose. That's exactly what I do - and that's what I recommend. See: https://forums.gentoo.org/viewtopic-p-8358476.html#8358476

But some users in this thread complain: 'That's insecure! We want tree verification!'. And then they complain: 'I get this error message: gpg: keyserver refresh failed: General error. What should I do?'.

That leads me to the conclusion that something is totally wrong with the current version of 'emerge --sync'. And it's not only a bug, as NeddySeagoon suggests - it's broken by design.
Back to top
View user's profile Send private message
Anon-E-moose
Advocate
Advocate


Joined: 23 May 2008
Posts: 4122
Location: Dallas area

PostPosted: Fri Aug 09, 2019 6:24 pm    Post subject: Reply with quote

The hardlinks doesn't really stop verification, it just keeps the .tmp* directory from being created.
If it's creating the .tmp* directory and any part of the manifest verification fails, then the real portage doesn't get updated and the .tmp* directory is left there, with all the files in it.

I prefer to not have the .tmp* directory, worst case (typically) only a single ebuld fails manifest verification, but the next sync it should be fine.
_________________
Asus m5a99fx, FX 8320 - nouveau, oss4, rx550 for qemu passthrough
Acer laptop E5-575, i3-7100u - i965, alsa
---both---
5.0.13 zen kernel, profile 17.1 (no-pie & modified) amd64-no-multilib
gcc 8.2.0, eudev, openrc, openbox, palemoon
Back to top
View user's profile Send private message
Josef.95
Advocate
Advocate


Joined: 03 Sep 2007
Posts: 3649
Location: Germany

PostPosted: Wed Aug 14, 2019 4:55 am    Post subject: Re: emerge --sync error Reply with quote

wenzi wrote:
I install gentoo follow the wiki, at this step emerge-webrsync,it's OK but emerge --sync, I get this error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://keys.gentoo.org
gpg: keyserver refresh failed: General error
sorry for my poor English.


Hi,
rebuild the net-libs/gnutls package should probably help, see Bug 690760

Code:
emerge -av --oneshot net-libs/gnutls
Back to top
View user's profile Send private message
vcmota
Tux's lil' helper
Tux's lil' helper


Joined: 19 Jun 2017
Posts: 141

PostPosted: Thu Aug 15, 2019 12:49 pm    Post subject: Re: emerge --sync error Reply with quote

Josef.95 wrote:
wenzi wrote:
I install gentoo follow the wiki, at this step emerge-webrsync,it's OK but emerge --sync, I get this error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://keys.gentoo.org
gpg: keyserver refresh failed: General error
sorry for my poor English.


Hi,
rebuild the net-libs/gnutls package should probably help, see Bug 690760

Code:
emerge -av --oneshot net-libs/gnutls


It worked, fantastic! Thank you Josef.95!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum