Hi, I've been trying to get to grips with the package signing stuff, and have just added my first signed package (choqok) to [community], but am having a problem installing it from the repo, when pacman doesn't already know about my key. I'm probably missing a step somewhere, or maybe I've found a bug, not sure. I followed the instructions on the wiki, with the slight difference that I already had a key, so just used that one. Here's the problem. After successfully building in a chroot and submitting and signing the package, all using devtools, I get this: % sudo pacman -S choqok ... error: choqok: key "22AD5874F39D989F" is unknown error: failed to commit transaction (invalid or corrupted package (PGP signature)) Errors occurred, no packages were upgraded. I tried the obvious cache clearing and -Syy'ing, just to be sure, but that didn't fix it. For other people's packages, after the "key XXX unknown" message, I get the option to get it from the keyserver and add it to pacman's keyring. But I don't get that option for my own key. But: % gpg --homedir gpg-temp --keyserver pgp.mit.edu --recv-keys 22AD5874F39D989F gpg: requesting key F39D989F from hkp server pgp.mit.edu gpg: key E19DAA50: public key "Peter Richard Lewis <pete@xxxxxxxxxxxxx>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: imported: 1 And just to be sure, in my build directory: % gpg --verify choqok-1.2-2-x86_64.pkg.tar.xz.sig gpg: Signature made Sat 05 Nov 2011 05:27:56 PM GMT using RSA key ID F39D989F gpg: Good signature from "Peter Richard Lewis <pete@xxxxxxxxxxxxx>" gpg: aka "Peter Richard Lewis <prlewis@xxxxxxxxxxxxxxx>" gpg: aka "Peter Richard Lewis <p.r.lewis@xxxxxxxxxxxxx>" gpg: aka "Peter Richard Lewis <plewis@xxxxxxxxxxxxxxxxx>" At first I thought that maybe pacman wouldn't support multiple UIDs, but then pacman-key -l shows up that several devs and TUs have this. Did I miss something that I should have done? Thanks, Pete.
