On Wed, Jun 29, 2016 at 11:46:45PM +0000, Glen Barber wrote:
> On Wed, Jun 29, 2016 at 04:38:05PM -0700, Bryan Drewery wrote:
> > On 6/29/2016 4:03 PM, Glen Barber wrote:
> > > On Wed, Jun 29, 2016 at 03:22:33PM -0700, Yuri wrote:
> > >> On 06/29/2016 14:59, Glen Barber wrote:
> > >>> If I understand what you mean correctly, that would imply poudriere is
> > >>> responsible for the contents of base.txz, which it is not. I think the
> > >>> better solution (if I understood correctly) is RE needs to PGP-sign the
> > >>> releases/${TARGET}/${TARGET_ARCH}/X.Y-RELEASE/MANIFEST file, and include
> > >>> it in the announcement email for the release, as well as on the website.
> > >>>
> > >>> Please correct me if I did misunderstand.
> > >>>
> > >>> This way, poudriere could verify the hash of the file against what it
> > >>> has downloaded, in addition to verifying the PGP fingerprint.
> > >>
> > >
> >
> > FYI since Poudriere 3.1.11, it has compared the checksums in the
> > MANIFEST against the downloaded packages. It also now uses
> > https://download.freebsd.org by default. It requires
> > security/ca_root_nss. I thought I had forced that dependency but it was
> > missing. It is added now.
> >
>
> Ah, great, thank you. To those interested, the MANIFEST files included
> were obtained in a secure manner, i.e., bootonly.iso was downloaded and
> extracted after the checksum was compared to the PGP-signed email.
>

Uhm, to lessen confusion, this last sentence...

> > Around that time (January 2016), Colin Percival has been maintaining a
> > copy of the MANIFESTS in ports-mgmt/poudriere as well. Those get
> > installed with Poudriere and used during jail -c after fetching if
> > available, so that relying on https isn't required. These were missing
> > for ports-mgmt/poudriere-devel until just now. I've moved them to
> > misc/freebsd-release-manifests and made both ports depend on it.
> >
>
> I completely forgot about this. Thank you.
>

... should have been here. :(

Glen
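The check discussed in this thread, comparing fetched distribution sets against a MANIFEST obtained through a trusted channel, written out as an added Python example (not Poudriere's code and not part of the original messages). It assumes each MANIFEST line is tab-separated with the file name and SHA-256 in the first two fields; the function names and the sample sets are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def parse_manifest(text):
    """Map set name -> expected SHA-256 (first two tab-separated fields)."""
    expected = {}
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) < 2 or len(fields[1]) != 64 or "/" in fields[0]:
            raise ValueError(f"malformed MANIFEST line: {line!r}")
        expected[fields[0]] = fields[1].lower()
    return expected


def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_sets(manifest_text, directory):
    """Return {name: "ok" | "mismatch" | "missing" | "unlisted"}."""
    results = {}
    for name, want in parse_manifest(manifest_text).items():
        path = Path(directory) / name
        if not path.is_file():
            results[name] = "missing"
        else:
            results[name] = "ok" if sha256_file(path) == want else "mismatch"
    # A fetched set that the trusted MANIFEST does not list is never extracted.
    for path in Path(directory).glob("*.txz"):
        results.setdefault(path.name, "unlisted")
    return results


def demo():
    # Constructed sample: stand-in bytes, not real release sets or hashes.
    sets = {"base.txz": b"base set", "kernel.txz": b"kernel set"}
    manifest = "".join(
        f"{n}\t{hashlib.sha256(d).hexdigest()}\t1\t{n[:-4]}\tconstructed\ton\n"
        for n, d in sets.items())
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "base.txz").write_bytes(sets["base.txz"])
        (Path(tmp) / "kernel.txz").write_bytes(b"altered after download")
        (Path(tmp) / "extra.txz").write_bytes(b"not listed")
        return verify_sets(manifest, tmp)
```

A caller should proceed to extraction only when every entry is "ok"; the trust in the result comes entirely from how the MANIFEST itself was obtained.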