You are not logged in.
I run my own repository. Among others, it contains the following two files:
libpng-1.6.28-1-x86_64.pkg.tar.xz
libpng-1.6.28-1-x86_64.pkg.tar.xz.sig
On my client, I attempt to install but it fails:
sudo pacman -S libpng
resolving dependencies...
looking for conflicting packages...
Packages (1) libpng-1.6.28-1
Total Installed Size: 0.54 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n]
(1/1) checking keys in keyring [######################################################] 100%
(1/1) checking package integrity [######################################################] 100%
error: libpng: missing required signature
error: failed to commit transaction (package missing required signature)
Errors occurred, no packages were upgraded.
In my web server log, I see a request for the tar file, but not for the .sig file:
1.2.3.4 host - [15/Jan/2017:04:21:54 +0000] "GET /.../libpng-1.6.28-1-x86_64.pkg.tar.xz HTTP/1.1" 200 220136
pacman.conf has:
SigLevel = Required TrustedOnly
LocalFileSigLevel = Optional
RemoteFileSigLevel = Required TrustedOnly
What might be going on here? Is there some cache other than /var/cache/pacman, which I have emptied?
Last edited by jernst (2017-01-15 04:43:05)
Offline
When you add the package to the Pacman repository database with repo-add, it stores the signature in the database entry. Pacman will not download signature files for each package which is why you are not seeing requests for package signatures (it will of course download database signatures).
How are you creating your repo database?
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
Ahhh ... thank you!
Offline