You are not logged in.
- Topics: Active | Unanswered
#1 2016-07-06 18:34:43
- shashurup
- Member
- Registered: 2013-05-26
- Posts: 21
[solved] makepkg -s fails to verify signature
It looks like makepkg script invokes gpg --verify without specifying homedir (/etc/pacman.d/gnupg). This leads to aurget failure to verify any signed package due to not found public key. am I the first to face the issue?
Last edited by shashurup (2016-07-06 19:46:22)
Offline
#2 2016-07-06 18:58:27
- alphaniner
- Member
- From: Ancapistan
- Registered: 2010-07-12
- Posts: 2,810
Re: [solved] makepkg -s fails to verify signature
Makepkg is not intended to use pacman keyring. See eg. https://bbs.archlinux.org/viewtopic.php?id=152337 particularly https://bbs.archlinux.org/viewtopic.php … 2#p1490032
But whether the Constitution really be one thing, or another, this much is certain - that it has either authorized such a government as we have had, or has been powerless to prevent it. In either case, it is unfit to exist.
-Lysander Spooner
Offline
#3 2016-07-06 19:26:39
- shashurup
- Member
- Registered: 2013-05-26
- Posts: 21
Re: [solved] makepkg -s fails to verify signature
I should have searched a bit more rigorously.
Offline
#4 2016-07-06 19:29:37
- alphaniner
- Member
- From: Ancapistan
- Registered: 2010-07-12
- Posts: 2,810
Re: [solved] makepkg -s fails to verify signature
Since you mention it, that thread was the first google result for 'makepkg unknown key', a saved search presumably from when I first encountered the issue 
Proveded you get things worked out, be sure to mark the thread solved.
Last edited by alphaniner (2016-07-06 19:31:23)
But whether the Constitution really be one thing, or another, this much is certain - that it has either authorized such a government as we have had, or has been powerless to prevent it. In either case, it is unfit to exist.
-Lysander Spooner
Offline
#5 2016-07-06 19:46:04
- shashurup
- Member
- Registered: 2013-05-26
- Posts: 21
Re: [solved] makepkg -s fails to verify signature
Anyway, it is still quite strainge, pacman uses exclusively /etc/pacman.d/gnupg, but makepkg (part of a pacman package, BTW) uses users keyring.
Offline
#6 2016-07-06 20:10:29
- alphaniner
- Member
- From: Ancapistan
- Registered: 2010-07-12
- Posts: 2,810
Re: [solved] makepkg -s fails to verify signature
Not really. Read Allan's post more closely. Makepkg sig checking is intended for verifying sources signed by upstream developers. Samba, for example.
Connecting pacman keyring and user keyring only works for sources that happen to be signed by (ie. developed by) Arch devs/packagers.
But whether the Constitution really be one thing, or another, this much is certain - that it has either authorized such a government as we have had, or has been powerless to prevent it. In either case, it is unfit to exist.
-Lysander Spooner
Offline
#7 2016-07-07 04:26:50
- shashurup
- Member
- Registered: 2013-05-26
- Posts: 21
Re: [solved] makepkg -s fails to verify signature
Aha, it seems that I've got the distinction. It sounds reasonable then. Thank you!
Offline