Passing --skippgpcheck to makepkg from makechrootpkg

daniel_shub · 2015-10-09 15:17:00

I am trying to build a package while skipping the PGP verification of the source files. The package builds fine with

makepkg --skippgpcheck

and the output of makepkg, as I would expect, gives me

==> WARNING: Skipping verification of source file PGP signatures.

From my understanding of the documentation of makechrootpkg, everything after -- is passed to makepkg. When I run

makechrootpkg -cr /chroot/base-devel/ -- --skippgpcheck

the build fails and the output says

==> Verifying source file signatures with gpg...
==> ERROR: One or more PGP signatures could not be verified!

It appears that the --skippgpcheck option has not been passed to makepkg. Am I missing something? Is this the intended behaviour or a bug?

Is there another way to skip the PGP verification? I looked in makepkg.conf, but did not see an option.

Last edited by daniel_shub (2015-10-09 15:27:21)

Scimmia · 2015-10-09 15:19:22

Try "-- --skippgpcheck"

daniel_shub · 2015-10-09 15:29:12

@Scimmia that was what I was using. I just edited the post to make that clear. Sorry for the confusion.

mauritiusdadd · 2015-10-09 18:15:58

The problem is that makechrootpkg invokes makepkg two times: the first time outside the chroot in order to download the sources, and a second time inside the chroot to actually build the package. You can only pass the option to the instance invoked inside the chroot (using -- <options>), but you cannot pass any option to the instance of makepkg which is executed outside the chroot. For this reason, you cannot fully skip the pgp check and you need the correct gpg keys. Note however that the keys are *not* passed to gpg inside the chroot so you still need to use "-- --skippgpcheck" in order to compile the package.

ArchyMacLean · 2021-05-31 08:46:49

Sorry, I know this is an old thread. But I found it via google having the same problem as the author of the OP. I thought my findings might be useful for other users having the same problem.

If you build in a fakeroot scenario like makechrootpkg or using the helper scripts (e.g. extra-x86_64-build, testing-x86_64-build, multilib-build) you can edit

/usr/bin/makepkg

directly using vim or nano and change

SKIPPGPCHECK=0

to

SKIPPGPCHECK=1

This will skip signature check globally for all build scenarios. Don't forget to reset this value to 0 after your project has been build successfully - safety first. ;-)

V1del · 2021-05-31 08:55:46

Thanks for the contextual contribution albeit I really hope no one finds themselves in that situation often.

Closing this old thread.

Arch Linux

#1 2015-10-09 15:17:00

Passing --skippgpcheck to makepkg from makechrootpkg

#2 2015-10-09 15:19:22

Re: Passing --skippgpcheck to makepkg from makechrootpkg

#3 2015-10-09 15:29:12

Re: Passing --skippgpcheck to makepkg from makechrootpkg

#4 2015-10-09 18:15:58

Re: Passing --skippgpcheck to makepkg from makechrootpkg

#5 2021-05-31 08:46:49

Re: Passing --skippgpcheck to makepkg from makechrootpkg

#6 2021-05-31 08:55:46

Re: Passing --skippgpcheck to makepkg from makechrootpkg

Board footer