FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

 
 
LinkBack Thread Tools
 
Old 11-05-2011, 10:40 PM
Peter Lewis
 
Default Problem automatically importing key for signed package.

Hi,

I've been trying to get to grips with the package signing stuff, and have just
added my first signed package (choqok) to [community], but am having a problem
installing it from the repo, when pacman doesn't already know about my key. I'm
probably missing a step somewhere, or maybe I've found a bug, not sure.

I followed the instructions on the wiki, with the slight difference that I
already had a key, so just used that one.

Here's the problem. After successfully building in a chroot and submitting and
signing the package, all using devtools, I get this:

% sudo pacman -S choqok

...

error: choqok: key "22AD5874F39D989F" is unknown
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

I tried the obvious cache clearing and -Syy'ing, just to be sure, but that
didn't fix it.

For other people's packages, after the "key XXX unknown" message, I get the
option to get it from the keyserver and add it to pacman's keyring. But I don't
get that option for my own key.

But:

% gpg --homedir gpg-temp --keyserver pgp.mit.edu --recv-keys 22AD5874F39D989F
gpg: requesting key F39D989F from hkp server pgp.mit.edu
gpg: key E19DAA50: public key "Peter Richard Lewis <pete@muddygoat.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1

And just to be sure, in my build directory:

% gpg --verify choqok-1.2-2-x86_64.pkg.tar.xz.sig
gpg: Signature made Sat 05 Nov 2011 05:27:56 PM GMT using RSA key ID F39D989F
gpg: Good signature from "Peter Richard Lewis <pete@muddygoat.org>"
gpg: aka "Peter Richard Lewis <prlewis@letterboxes.org>"
gpg: aka "Peter Richard Lewis <p.r.lewis@cs.bham.ac.uk>"
gpg: aka "Peter Richard Lewis <plewis@aur.archlinux.org>"


At first I thought that maybe pacman wouldn't support multiple UIDs, but then
pacman-key -l shows up that several devs and TUs have this.

Did I miss something that I should have done?

Thanks,

Pete.
 
Old 11-05-2011, 11:01 PM
Myra Nelson
 
Default Problem automatically importing key for signed package.

On Sat, Nov 5, 2011 at 18:40, Peter Lewis <plewis@aur.archlinux.org> wrote:

> Hi,
>
> I've been trying to get to grips with the package signing stuff, and have
> just
> added my first signed package (choqok) to [community], but am having a
> problem
> installing it from the repo, when pacman doesn't already know about my
> key. I'm
> probably missing a step somewhere, or maybe I've found a bug, not sure.
>
> I followed the instructions on the wiki, with the slight difference that I
> already had a key, so just used that one.
>
> Here's the problem. After successfully building in a chroot and submitting
> and
> signing the package, all using devtools, I get this:
>
> % sudo pacman -S choqok
>
> ...
>
> error: choqok: key "22AD5874F39D989F" is unknown
> error: failed to commit transaction (invalid or corrupted package (PGP
> signature))
> Errors occurred, no packages were upgraded.
>
> I tried the obvious cache clearing and -Syy'ing, just to be sure, but that
> didn't fix it.
>
> For other people's packages, after the "key XXX unknown" message, I get the
> option to get it from the keyserver and add it to pacman's keyring. But I
> don't
> get that option for my own key.
>
> But:
>
> % gpg --homedir gpg-temp --keyserver pgp.mit.edu --recv-keys
> 22AD5874F39D989F
> gpg: requesting key F39D989F from hkp server pgp.mit.edu
> gpg: key E19DAA50: public key "Peter Richard Lewis <pete@muddygoat.org>"
> imported
> gpg: no ultimately trusted keys found
> gpg: Total number processed: 1
> gpg: imported: 1
>
> And just to be sure, in my build directory:
>
> % gpg --verify choqok-1.2-2-x86_64.pkg.tar.xz.sig
> gpg: Signature made Sat 05 Nov 2011 05:27:56 PM GMT using RSA key ID
> F39D989F
> gpg: Good signature from "Peter Richard Lewis <pete@muddygoat.org>"
> gpg: aka "Peter Richard Lewis <prlewis@letterboxes.org>"
> gpg: aka "Peter Richard Lewis <p.r.lewis@cs.bham.ac.uk>"
> gpg: aka "Peter Richard Lewis <plewis@aur.archlinux.org>"
>
>
> At first I thought that maybe pacman wouldn't support multiple UIDs, but
> then
> pacman-key -l shows up that several devs and TUs have this.
>
> Did I miss something that I should have done?
>
> Thanks,
>
> Pete.
>

Pete:

You need to import your key into the pacman-key database with sudo
pacman-key --keysever pgp.mit.edu -r 22AD5874F39D989F, then everything
shoud work fine.

You can also put keyserver hkp://pgp.mit.edu in
/etc/pacman.d/gnupg/gnupg.conf and pacman-key will use pgp.mit.eduautomatically.

Myra

--
Life's fun when your sick and psychotic!
 

Thread Tools




All times are GMT. The time now is 01:00 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org