You are not logged in.
Pages: 1
So I've managed to set up pacman with package signing after the latest upgrade (spending a lot more effort than I think should be necessary).
I'm now able to update all my packages from the main repositories like I used to. However, I still need to manually compile some of my programs from AUR package builds. I figured since I've already set up my private key with:
pacman-key --init
I should be able to run makepkg with the --sign flag just fine, but I get an error after it creates the package and tries to sign:
==> Signing package...
==> WARNING: Failed to sign package file.
Obviously I'm doing something wrong, but for all my searching I can't figure out what to do. Thanks for help in advance.
Oh and the reason I'm doing this is because pacman won't let me install the package unless it's signed.
Offline
The key setup with pacman-key --init is just for managing your pacman keyring. To sign AUR packages you will need to setup a key with gnupg.
What is your default SigLevel that "pacman -U <file>" does not work?
Offline
I think I had the SigLevel at TrustedOnly but now I'm using "Optional TrustAll" which fixes my problem (in a more indirect way).
Is there some resource I could refer to so that I could sign my own packages? Or is it really not worth it?
Offline
I think I had the SigLevel at TrustedOnly but now I'm using "Optional TrustAll" which fixes my problem (in a more indirect way).
Is there some resource I could refer to so that I could sign my own packages? Or is it really not worth it?
Is someone likely to be able to access your built packages and modify/replace them in between your building them and your installing (or reinstalling) them?
Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.
Offline
Is someone likely to be able to access your built packages and modify/replace them in between your building them and your installing (or reinstalling) them?
Highly unlikely.
Offline
Pages: 1