On Sat, Nov 5, 2011 at 18:40, Peter Lewis <plewis@xxxxxxxxxxxxxxxxx> wrote: > Hi, > > I've been trying to get to grips with the package signing stuff, and have > just > added my first signed package (choqok) to [community], but am having a > problem > installing it from the repo, when pacman doesn't already know about my > key. I'm > probably missing a step somewhere, or maybe I've found a bug, not sure. > > I followed the instructions on the wiki, with the slight difference that I > already had a key, so just used that one. > > Here's the problem. After successfully building in a chroot and submitting > and > signing the package, all using devtools, I get this: > > % sudo pacman -S choqok > > ... > > error: choqok: key "22AD5874F39D989F" is unknown > error: failed to commit transaction (invalid or corrupted package (PGP > signature)) > Errors occurred, no packages were upgraded. > > I tried the obvious cache clearing and -Syy'ing, just to be sure, but that > didn't fix it. > > For other people's packages, after the "key XXX unknown" message, I get the > option to get it from the keyserver and add it to pacman's keyring. But I > don't > get that option for my own key. > > But: > > % gpg --homedir gpg-temp --keyserver pgp.mit.edu --recv-keys > 22AD5874F39D989F > gpg: requesting key F39D989F from hkp server pgp.mit.edu > gpg: key E19DAA50: public key "Peter Richard Lewis <pete@xxxxxxxxxxxxx>" > imported > gpg: no ultimately trusted keys found > gpg: Total number processed: 1 > gpg: imported: 1 > > And just to be sure, in my build directory: > > % gpg --verify choqok-1.2-2-x86_64.pkg.tar.xz.sig > gpg: Signature made Sat 05 Nov 2011 05:27:56 PM GMT using RSA key ID > F39D989F > gpg: Good signature from "Peter Richard Lewis <pete@xxxxxxxxxxxxx>" > gpg: aka "Peter Richard Lewis <prlewis@xxxxxxxxxxxxxxx>" > gpg: aka "Peter Richard Lewis <p.r.lewis@xxxxxxxxxxxxx>" > gpg: aka "Peter Richard Lewis <plewis@xxxxxxxxxxxxxxxxx>" > > > At first I thought that maybe pacman wouldn't support multiple UIDs, but > then > pacman-key -l shows up that several devs and TUs have this. > > Did I miss something that I should have done? > > Thanks, > > Pete. > Pete: You need to import your key into the pacman-key database with sudo pacman-key --keysever pgp.mit.edu -r 22AD5874F39D989F, then everything shoud work fine. You can also put keyserver hkp://pgp.mit.edu in /etc/pacman.d/gnupg/gnupg.conf and pacman-key will use pgp.mit.eduautomatically. Myra -- Life's fun when your sick and psychotic!
