tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: signed packages documentation



Havard Eidnes <he%NetBSD.org@localhost> writes:

>>   set GPG to /usr/pkg/bin/pgp2
>
> There's a typo there?  Should have been /usr/pkg/bin/gpg2?

you are right.  shows how long I have been using PGP...

> However, if you
>
>>   build packages normally
>
> using pbulk, the above path to gpg2 is problematic, because pbulk
> will remove all installed packages in the "default path" to
> provide a pristine environment with only the required and
> declared dependent packages prior to each pkg build.
>
> So you need to install gpg2 elsewhere, using a different prefix
> and a different pkg database.  If you installed pbulk into
> (chroot)/usr/pbulk, and the pkg database is the same, that could
> be re-used for the gnupg2 package.

I now understand that packages are signed with pkg_admin after creation,
not at pkg_create time, so yes you need it in the path when you sign but
there is no reason to do that in the chroot, so I think this is a
non-issue.


Home | Main Index | Thread Index | Old Index