From a616a245190a899890a514ad2912e128933387b3 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 18 Jun 2014 12:03:52 -0700 Subject: [PATCH] gentoo-portage/Dockerfile.template: Remove 'emerge --sync' call specing points out that the rsync behind 'emerge --sync' is vulnerable to man-in-the-middle attacks. In any event, it's probably more reproducible to stick to the daily snapshot releases used by webrsync and ignore any changes that have since landed in the rsync mirrors. --- gentoo-portage/Dockerfile.template | 1 - 1 file changed, 1 deletion(-) diff --git a/gentoo-portage/Dockerfile.template b/gentoo-portage/Dockerfile.template index cc1df4d..5f0f3e1 100644 --- a/gentoo-portage/Dockerfile.template +++ b/gentoo-portage/Dockerfile.template @@ -30,5 +30,4 @@ RUN echo 'GENTOO_MIRRORS="http://distfiles.gentoo.org/"' >> /etc/portage/make.co RUN mkdir -p /usr/portage RUN chown -R portage:portage /usr/portage RUN emerge-webrsync -RUN emerge --sync --quiet RUN eselect news read new -- 2.26.2