On Mon, Aug 29, 2011 at 12:42, Gaetan Bisson <bisson@xxxxxxxxxxxxx> wrote: > [2011-08-29 12:13:29 -0500] Myra Nelson: >> If I sign the >> package with makepkg or manually with gpg --detach-sign, it creates a >> it creates a detached signature, .sig file. I have my key using >> pacman-key. When I attempt to install the package I get an error >> message "invalid or corrupted package (PGP signature)". > > You also need to `pacman-key --edit-key` your key and put its trust > level to ultimate. > >> If I manually >> sign the package with gpg --sign, every thing is fine. > > Not sure I understand what you mean here... > > Cheers. > > -- > Gaetan > If I use gpg --sign instead of gpg --detach-sign the package verifies and installs just fine. That's what stumped me. Myra -- Life's fun when your sick and psychotic!
