On Mon, 10 Aug 2015 22:13:23 +0200 hasufell wrote: > On 08/10/2015 05:09 PM, Rich Freeman wrote: > > On Mon, Aug 10, 2015 at 11:04 AM, Mike Gilbert <flop...@gentoo.org> wrote: > >> > >> Expanding on this: the rsync master creates the following > >> files/directories under metatdata. On my own system, I like to symlink > >> them to locations outside my repo so that related portage features > >> continue to work. > >> > >> I would like to have these added in .gitignore. > >> > >> metadata/dtd/ # used by something? > >> metadata/glsa/ # used by the GLSA utilities? > >> matadata/herds.xml # used by equery from gentoolkit > >> metadata/news/ # used by eselect news > >> > > > > As a side note, it probably wouldn't hurt to set up a guide for > > running git on /usr/portage, including setting up these symlinks, > > running egencache after emerge --sync, etc. I imagine that this is a > > configuration that many developers will tend to use, and with the > > advent of git we may see more users who tend to contribute doing the > > same. > > > > In fact, this should be the recommended way of running gentoo for > everyone. Our rsync methods are still inherently insecure (unless I > missed something), because: > 1. machine key > 2. profiles, eclasses and so on are not covered with a > signature/Manifest anyway Not unless metadata cache will be synced too from a trusted source. It takes too much time to generate, especially on non-brand-new hardware.
Best regards, Andrew Savchenko
pgp1HcAyNrAU_.pgp
Description: PGP signature
