14 Feb
2014
14 Feb
'14
12:05 p.m.
Am 14.02.2014 12:43, schrieb Don deJuan:
wouldn't is make more sense to have a systemd timer/cron job to frequently refresh pacman keyring?
pacman-key --refresh-keys ??
If you are paranoid enough that a former Arch developer or TU will be able to inject a broken package into a mirror, then it certainly helps you to run 'pacman-key --refresh-keys' regularly. You can also do so on the live CD. This will not automatically add new keys, but certainly remove trust from revoked keys.