aboutsummaryrefslogtreecommitdiff
path: root/cnf
diff options
context:
space:
mode:
authorMichał Górny <mgorny@gentoo.org>2018-02-01 13:06:26 +0100
committerMichał Górny <mgorny@gentoo.org>2018-02-05 19:43:21 +0100
commit8d99acdb3f4fba258dfcdf3b659e400a8066d296 (patch)
tree84a670bcf008935873228097b40843afb4b9fe5a /cnf
parentrsync: Load and update keys early (diff)
downloadportage-8d99acdb3f4fba258dfcdf3b659e400a8066d296.tar.gz
portage-8d99acdb3f4fba258dfcdf3b659e400a8066d296.tar.bz2
portage-8d99acdb3f4fba258dfcdf3b659e400a8066d296.zip
rsync: Issue an explicit warning if Manifest timestamp is >24hr old
Issue an explicit warning if the Manifest timestamp for Gentoo repository is 24 hours behind the system clock. This is meant to detect attacks based on preventing the user from upgrading. Reviewed-by: Zac Medico <zmedico@gentoo.org>
Diffstat (limited to 'cnf')
-rw-r--r--cnf/repos.conf1
1 files changed, 1 insertions, 0 deletions
diff --git a/cnf/repos.conf b/cnf/repos.conf
index 4a40ff4fc..984ecd220 100644
--- a/cnf/repos.conf
+++ b/cnf/repos.conf
@@ -7,6 +7,7 @@ sync-type = rsync
sync-uri = rsync://rsync.gentoo.org/gentoo-portage
auto-sync = yes
sync-rsync-verify-metamanifest = yes
+sync-rsync-verify-max-age = 24
sync-openpgp-key-path = /var/lib/gentoo/gkeys/keyrings/gentoo/release/pubring.gpg
# for daily squashfs snapshots