[arch-dev-public] Pacman 4.0.0 RC1 "release"
For the daring, pick your poison (by architecture): * pacman -U http://dev.archlinux.org/~dan/pacman-4.0.0rc1-1-i686.pkg.tar.gz * pacman -U http://dev.archlinux.org/~dan/pacman-4.0.0rc1-1-x86_64.pkg.tar.gz Allan, Dave, and I (and probably a few others) run pacman-git on most of our systems with no problems, so their should be no real shockers or problems if you give this a spin. There are no database upgrades or changes this time so downgrading later should work fine if truly necessary. What we're looking for feedback on: * any build failures in makepkg you may see * if you manage a custom repo, how does repo-add work for you * does pacman behave as it did before * if you want to sign packages, does the functionality in makepkg and the documentation make sense * same for signing repos- does it work for you What we know isn't there yet: * translations * a developer keyring (or keyring package)- if you delve into this, you will need to look at pacman-key for now * great error messages on verification failure, or ability to import keys on the fly if it is unknown Note that we'd love testing even if you don't plan on touching any of the new signing stuff- there were 500+ commits worth of changes in this release, including a switch to curl as the download library, so anything out of the ordinary should be reported. Please choose -git as the version in the bugtracker if you do it that way, otherwise email pacman-dev. Happy testing! -Dan
On Thu, Aug 11, 2011 at 12:28 PM, Dan McGee <dpmcgee@gmail.com> wrote:
For the daring, pick your poison (by architecture):
* pacman -U http://dev.archlinux.org/~dan/pacman-4.0.0rc1-1-i686.pkg.tar.gz * pacman -U http://dev.archlinux.org/~dan/pacman-4.0.0rc1-1-x86_64.pkg.tar.gz
Allan, Dave, and I (and probably a few others) run pacman-git on most of our systems with no problems, so their should be no real shockers or problems if you give this a spin. There are no database upgrades or changes this time so downgrading later should work fine if truly necessary.
What we're looking for feedback on:
* any build failures in makepkg you may see * if you manage a custom repo, how does repo-add work for you * does pacman behave as it did before * if you want to sign packages, does the functionality in makepkg and the documentation make sense * same for signing repos- does it work for you
What we know isn't there yet: * translations * a developer keyring (or keyring package)- if you delve into this, you will need to look at pacman-key for now * great error messages on verification failure, or ability to import keys on the fly if it is unknown
Note that we'd love testing even if you don't plan on touching any of the new signing stuff- there were 500+ commits worth of changes in this release, including a switch to curl as the download library, so anything out of the ordinary should be reported. Please choose -git as the version in the bugtracker if you do it that way, otherwise email pacman-dev.
Happy testing!
Darn it- forgot to link to this if you want to see the glorious changelog: http://mailman.archlinux.org/pipermail/pacman-dev/2011-August/014039.html
[2011-08-11 12:28:20 -0500] Dan McGee:
What we're looking for feedback on:
* any build failures in makepkg you may see * if you manage a custom repo, how does repo-add work for you * does pacman behave as it did before * if you want to sign packages, does the functionality in makepkg and the documentation make sense * same for signing repos- does it work for you
My custom repo now has both its packages and db signed; after a few pacman-key invocations, pacman started verifying packages' signatures seamlessly. Great work, guys! I only had a minor issue with repo-add: if it is not run from the repo directory, repo.db.sig is not symlinked to repo.db.tar.gz.sig; so I patched it as follows: diff -aur old/scripts/repo-add.sh.in new/scripts/repo-add.sh.in --- old/scripts/repo-add.sh.in 2011-08-15 16:12:42.000000000 -0700 +++ new/scripts/repo-add.sh.in 2011-08-15 16:31:01.595136037 -0700 @@ -661,7 +661,7 @@ ln -s "$target" "$dblink" 2>/dev/null || \ ln "$target" "$dblink" 2>/dev/null || \ cp "$REPO_DB_FILE" "$dblink" - if [[ -f "$target.sig" ]]; then + if [[ -f "${REPO_DB_FILE%/*}/$target.sig" ]]; then ln -s "$target.sig" "$dblink.sig" 2>/dev/null || \ ln "$target.sig" "$dblink.sig" 2>/dev/null || \ cp "$REPO_DB_FILE.sig" "$dblink.sig" Cheers. -- Gaetan
On 16/08/11 09:38, Gaetan Bisson wrote:
[2011-08-11 12:28:20 -0500] Dan McGee:
What we're looking for feedback on:
* any build failures in makepkg you may see * if you manage a custom repo, how does repo-add work for you * does pacman behave as it did before * if you want to sign packages, does the functionality in makepkg and the documentation make sense * same for signing repos- does it work for you
My custom repo now has both its packages and db signed; after a few pacman-key invocations, pacman started verifying packages' signatures seamlessly. Great work, guys!
I only had a minor issue with repo-add: if it is not run from the repo directory, repo.db.sig is not symlinked to repo.db.tar.gz.sig; so I patched it as follows:
diff -aur old/scripts/repo-add.sh.in new/scripts/repo-add.sh.in --- old/scripts/repo-add.sh.in 2011-08-15 16:12:42.000000000 -0700 +++ new/scripts/repo-add.sh.in 2011-08-15 16:31:01.595136037 -0700 @@ -661,7 +661,7 @@ ln -s "$target" "$dblink" 2>/dev/null || \ ln "$target" "$dblink" 2>/dev/null || \ cp "$REPO_DB_FILE" "$dblink" - if [[ -f "$target.sig" ]]; then + if [[ -f "${REPO_DB_FILE%/*}/$target.sig" ]]; then
Nice spotting. The fix I applied: if [[ -f "${REPO_DB_FILE}.sig" ]]; then Patch sent to pacman-dev. Allan
Any more feedback from anyone that we should roll into rc2, coming "soon"? -Dan On Thu, Aug 11, 2011 at 12:28 PM, Dan McGee <dpmcgee@gmail.com> wrote:
For the daring, pick your poison (by architecture):
* pacman -U http://dev.archlinux.org/~dan/pacman-4.0.0rc1-1-i686.pkg.tar.gz * pacman -U http://dev.archlinux.org/~dan/pacman-4.0.0rc1-1-x86_64.pkg.tar.gz
Allan, Dave, and I (and probably a few others) run pacman-git on most of our systems with no problems, so their should be no real shockers or problems if you give this a spin. There are no database upgrades or changes this time so downgrading later should work fine if truly necessary.
What we're looking for feedback on:
* any build failures in makepkg you may see * if you manage a custom repo, how does repo-add work for you * does pacman behave as it did before * if you want to sign packages, does the functionality in makepkg and the documentation make sense * same for signing repos- does it work for you
What we know isn't there yet: * translations * a developer keyring (or keyring package)- if you delve into this, you will need to look at pacman-key for now * great error messages on verification failure, or ability to import keys on the fly if it is unknown
Note that we'd love testing even if you don't plan on touching any of the new signing stuff- there were 500+ commits worth of changes in this release, including a switch to curl as the download library, so anything out of the ordinary should be reported. Please choose -git as the version in the bugtracker if you do it that way, otherwise email pacman-dev.
Happy testing!
-Dan
participants (3)
-
Allan McRae
-
Dan McGee
-
Gaetan Bisson