You are not logged in.

Announcement

Due to heavy spamming of forums registration is going in stages. If you wish to register as a new user with ArchBang Forums, first register and then send an e-mail to: archbangforums at gmail dot com. It should contain the problem you want to discuss or some other AB related content. You will be promoted from registering member with no posting rights to new member with posting rights after that. If your mail is ignored you haven't fulfilled the requirements.

Pages: 1

Topic closed

#1 2012-06-04 16:53:05

xtremyst
ArchBanger
Registered: 2011-11-21
Posts: 176

Having pacman verify packages

moving here the latest news anouncement from Arch homepage

Latest News
RSS Feed
Having pacman verify packages

2012-06-04

For the past six months, pacman's package verification features were turned off by default while we were figuring out the details of our public-key infrastructure.

They have finally been enabled in pacman-4.0.3-2; when you upgrade, you will be prompted to run:

pacman-key --init
pacman-key --populate archlinux

This sets up a local keyring for pacman, and populates it with the data needed to authenticate official packages. This includes five master keys used to authenticate Arch Linux packagers (developers and trusted users), so you do not need to know who joins or leaves the team: you only have to verify those five master keys once and for all. The populate command will prompt you to do so; please do this cautiously by checking the fingerprints displayed against those published on our website.

Then, merge your pacman.conf with pacman.conf.pacnew, that is, enable package verification through the SigLevel option, and you should be good to go.

For details on the development of pacman and archlinux-keyring, see the blog posts of Allan and Pierre.

Offline

#2 2012-06-08 11:41:14

igorka
Member
Registered: 2012-05-21
Posts: 34

Re: Having pacman verify packages

Please, what do you mean with

xtremist wrote:

'merge your pacman.conf with pacman.conf.pacnew

Sorry, I'm not expert with this language... big_smile

Offline

#3 2012-06-08 14:03:05

ratcheer
ArchBanger
Registered: 2011-10-08
Posts: 113

Re: Having pacman verify packages

It is a standard operation in Arch Linux. Since file pacman.conf is maintained by each individual user, if an upgrade simply replaced the file, each user would lose any changes he had made. So, they create new file pacman.conf.pacnew, which you are to inspect for new/changed things that you do not have in your pacman.conf file and add/change them manually.

Tom

Offline

#4 2012-06-09 02:50:13

pablokal
Administrator
From: Nijmegen, Holland
Registered: 2010-10-12
Posts: 2,664
Website

Re: Having pacman verify packages

This is a double with my earlier post: http://bbs.archbang.org/viewtopic.php?id=2911
Thanks for your positive contributions to the forums lately which don't go unnoticed, but please search forums before posting to avoid double posting.

Getting your questions answered here at ArchBang Forums
Please! Always give hardware info, if there is a chance that 's relevant: #lspci -vnn
Quote: What I have learnt from Linux is to minimize dependencies and functionalities for greater independence.
On Arch(bang) and Openbox: http://stillstup.blogspot.com/

Offline

Pages: 1

Topic closed

Board footer

Powered by FluxBB