You are not logged in.

#1 2018-10-21 08:14:22

mouseman
Member
From: Outta nowhere
Registered: 2014-04-04
Posts: 291

[Solved] archiso missing key for user repository

I can't believe I am the first to have to ask, but after searching the forums and reading the wiki and official documentation, it is unclear to me what I am missing in my steps to build am archiso with the user repo keys included for archzfs and the zfs-packages.

I've edited the pacman.conf with the archzfs repo. The system I am building the iso on has the repository and keys, and has the zfs packages installed. I edited packages file to include the group. I tried to build it with sudo first, but later with root as in my experience this (rarely but does) makes a difference sometimes. In this case it doesn't tongue.

The iso builds fine and boots, and has the packages installed. zpool and zfs commands work straight after boot. However, when I do pacman -Sy it complains it is missing the key and I need to do issue a pacman-key -r and lsign-key first.

So how do I include the key for archzfs repo on the archiso?

As always, thanks for the help!

:: Edit, to expand, I tried adding the pacman-key --init, pacman-key -r and lsign-key commands in airootfs/root/customize_airootfs.sh but even though it builds and boots, the repo doesn't work.

Last edited by mouseman (2018-10-22 15:37:23)

Offline

#2 2018-10-22 00:06:25

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: [Solved] archiso missing key for user repository

The archiso explicitly does not contain the pacman keyring, as that's a security vulnerability -- it would bake the private key into the ISO image.

Instead see configs/releng/airootfs/etc/systemd/system/pacman-init.service

I guess you'll want to not rely on internet thought -- so instead, store the pubkey.asc on the airootfs, and modify the pacman-init.service to import that too. The most beautiful way to do it would be using a foo-keyring package that installs a complete keyring that can be '--populate'd.


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#3 2018-10-22 15:37:10

mouseman
Member
From: Outta nowhere
Registered: 2014-04-04
Posts: 291

Re: [Solved] archiso missing key for user repository

Thanks for the clarification!

Apparently there's a new kernel so building a new iso right now runs into a dependency issue that I need to figure out how to work around before I can try your solution. I'm sure it will work though thanks wink.

Offline

Board footer

Powered by FluxBB