I don't know what you think I asserted, but what I actually asserted is that either: Well it's easy to see that assertion is wrong, since ~/.gnupg/gpg.conf is completely default (only contains commented lines and blank lines, verified using `grep -Ev '^' ~/.gnupg/gpg.conf`) It sounds like you have specified "keyring /etc/pacman.d/gnupg/pubring.gpg" in your ~/.gnupg/gpg.conf - and therefore gpg has included your pacman-key keyring.īecause, there is absolutely no other explanation for adding a key to pacman-key and then having access to it in gpg. a package that fails to build due to missing keys that subsequently builds after a refresh with pacman-key). Before doing that though, it would be good to double-check the assumptions made so far with working examples (i.e. In either case, this is not a mimeo issue or an issue with my key so I suggest that further discussion of the issue be moved to a new thread. perhaps yaourt reports missing keys for the downloads pacman packages and not the source files). That is either due to yaourt's funky special sauce or perhaps some confusion about the error messages (e.g. The mystery here is that you were somehow able to refresh keys with pacman-key and get it to work when building the package. You should need to download all keys used to check signatures with makepkg. Other keys are fine and, as I pointed out, there is no custom gpg configuration confusing the issue. I don't see why Xyne's key should be special either (or why I should need to manually download it at all seeing as he's TU), but there you go. Incidentally, my signing key on the AUR is the same as my TU signing key so it should already be in pacman-key (you can test it by using "pacman-key -verify" on the Mimeo source files). Installing packages from the repos uses the system-wide keyring provided by the archlinux-keyring package via pacman-key. Building packages via makepkg uses the user's keyring for verification via gpg, which is why you need to import those keys to your user keyring. I suspect that you are confusing package installation from the official repos via pacman with building packages via makepkg. You are comparing gpg, which uses the user's keyring and configuration, to pacman-key, which uses its own keyring and configuration (including a key server). This makes me wonder whether we are really discussing the same problem I've already installed a few such packages by simply using `pacman-key -r $KEYID` before building, but that doesn't work with this package. Not all packages with PGP signing require specification of the keyserver.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |