FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Pacman Development

LinkBack Thread Tools
Old 06-03-2008, 11:54 AM
"Dan McGee"
Default Add Keyring/--keyring option in alpm/pacman)

On Tue, Jun 3, 2008 at 1:59 AM, Pierre Schmitz <pierre@archlinux.de> wrote:
> Am Dienstag 03 Juni 2008 01:46:11 schrieb Geoffroy Carrier:
>> We have to think about the default interaction.
>> It would be easy to sign all packages as the first step, so excepting
>> signed packages for the first pacman release including GPG support seems
>> fair to me. I think asking confirmation from the user in case packages
>> are not signed, like apt tools do.
> First: great work and thanks for starting the gpg-signing in pacman. Imho we
> should force devs to sign packages by default. Because the whole thing will
> become useless if only one single package in our repos is not signed.

Keep in mind that this is
1. An Arch decision, not a pacman decision
2. A policy decision, not something that should be enforced by pacman code

Enforcing this at the Arch-specific dbscripts level would be OK, but I
don't think it is wise to force makepkg/pacman to sign all packages,
especially those that are built for local use only. Some people don't
have PGP keys so this would be a pain in the ass.


pacman-dev mailing list

Thread Tools

All times are GMT. The time now is 11:08 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org