View previous topic :: View next topic |
Author |
Message |
sigra Tux's lil' helper
Joined: 03 Feb 2006 Posts: 118
|
Posted: Mon Jun 18, 2018 10:50 pm Post subject: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net |
|
|
Since a few weeks, Gentoo syncs no more. It only says forever: Code: | OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: Server indicated a failure | The system will be outdated and vulnerable in a while and therefore unusable. |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Tue Jun 19, 2018 5:14 pm Post subject: |
|
|
There are many, many, many people having this problem right now, so you're not the only one.
Recommend changing your sync method to webrsync-gpg until gentoo's critical infrastructure becomes a bit more dependable. |
|
Back to top |
|
|
araxon Tux's lil' helper
Joined: 25 May 2011 Posts: 83
|
Posted: Wed Jun 27, 2018 9:00 am Post subject: |
|
|
I'm experiencing the same issue on one of my many gentoo installations. The decision to push this feature on users seems to be rushed and unnecessary. |
|
Back to top |
|
|
sigra Tux's lil' helper
Joined: 03 Feb 2006 Posts: 118
|
Posted: Wed Jun 27, 2018 5:03 pm Post subject: |
|
|
I was able to sync with . (It seems to use a daily snapshot. So it will not work to get a particular fix as soon as it is committed.) |
|
Back to top |
|
|
cjmayo n00b
Joined: 05 Nov 2004 Posts: 29
|
|
Back to top |
|
|
araxon Tux's lil' helper
Joined: 25 May 2011 Posts: 83
|
Posted: Sun Jul 08, 2018 4:42 pm Post subject: |
|
|
Thank you, but I'm not using systemd.
Sadly, the error on the particular computer still persists, even without systemd. |
|
Back to top |
|
|
araxon Tux's lil' helper
Joined: 25 May 2011 Posts: 83
|
Posted: Wed Aug 08, 2018 11:59 am Post subject: |
|
|
Well, this is new (now it is "General error" instead of "Server indicated a failure"):
Code: | smrek ~ # emerge --sync
>>> Syncing repository 'gentoo' into '/usr/portage'...
* Using keys from /usr/share/openpgp-keys/gentoo-release.asc
* Refreshing keys from keyserver ...OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
... |
The error is spreading to more of my servers. |
|
Back to top |
|
|
nvertigo n00b
Joined: 01 Aug 2014 Posts: 9
|
Posted: Thu Aug 09, 2018 8:05 am Post subject: |
|
|
araxon wrote: | Well, this is new (now it is "General error" instead of "Server indicated a failure"):
Code: | smrek ~ # emerge --sync
>>> Syncing repository 'gentoo' into '/usr/portage'...
* Using keys from /usr/share/openpgp-keys/gentoo-release.asc
* Refreshing keys from keyserver ...OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
... |
The error is spreading to more of my servers. |
After over 15 years of using gentoo, this is the first time something preventing portage syncing for more then a week. Though this is really annoying and I completely agree new features should only be shipped if working, we can still sync without it (last line):
Code: |
adler ~ # cat /etc/portage/repos.conf/gentoo.conf
[DEFAULT]
main-repo = gentoo
[gentoo]
location = /usr/portage
sync-type = rsync
auto-sync = yes
sync-uri = rsync://rsync.de.gentoo.org/gentoo-portage
sync-rsync-verify-metamanifest = no
|
With "sync-rsync-verify-metamanifest = no" not only the verification itself is skiped, but also the key updates. Voila, working like before.
EDIT:
This doesn't mean gentoo does not need to fix this. Ensuring data integrity gets more important every day!
EDIT2: For completeness: I'm using openrc. |
|
Back to top |
|
|
araxon Tux's lil' helper
Joined: 25 May 2011 Posts: 83
|
Posted: Thu Aug 09, 2018 8:59 am Post subject: |
|
|
Quote: | sync-rsync-verify-metamanifest = no |
Sadly, that is slowly becoming my default setting. From my point of view, the feature is broken and released prematurely.
Maybe there is something wrong with my configuration, but after many search attempts I have no clue what, and the error message itself is so cryptic that it does not help either. |
|
Back to top |
|
|
Leio Developer
Joined: 27 Feb 2003 Posts: 494 Location: Estonia
|
Posted: Fri Aug 10, 2018 9:45 am Post subject: |
|
|
This should work better with >=app-portage/gemato-14.0 _________________ GNOME team lead; GStreamer; MIPS/ARM64 |
|
Back to top |
|
|
yoshi314 l33t
Joined: 30 Dec 2004 Posts: 850 Location: PL
|
Posted: Tue Oct 02, 2018 7:33 am Post subject: |
|
|
i'm been having this breakage for the last week.
There should be a fallback in case key server is not available. _________________ ~amd64
shrink your /usr/portage with squashfs+aufs |
|
Back to top |
|
|
CitizenKepler n00b
Joined: 20 Jul 2012 Posts: 3 Location: Houston, TX
|
Posted: Wed Oct 10, 2018 8:41 pm Post subject: |
|
|
I also have come by this on one of my cloud installs. I would love to see an option to emerge such as --skip-verify to workaround this issue when it does occur |
|
Back to top |
|
|
bigmonk n00b
Joined: 16 Nov 2004 Posts: 47 Location: china
|
Posted: Thu Mar 28, 2019 10:45 am Post subject: |
|
|
I still get this error.
Code: | [I] app-portage/gemato
Available versions: 14.0 [M]~14.0m **9999 [M]**9999m {+blake2 bzip2 +gpg lzma sha3 test tools PYTHON_TARGETS="pypy python2_7 python3_4 python3_5 python3_6 python3_7"}
Installed versions: 14.0(22时22分31秒 2019年03月20日)(blake2 bzip2 gpg -lzma -sha3 -test -tools PYTHON_TARGETS="python2_7 python3_6 -pypy -python3_4 -python3_5 -python3_7")
Homepage: https://github.com/mgorny/gemato
Description: Stand-alone Manifest generation & verification tool |
[Moderator edit: added [code] tags to preserve output layout. -Hu] _________________ http://gentoogle.blogspot.com/ |
|
Back to top |
|
|
|