Hi Tobias, Thanks for the explanation. A few questions though -- sorry. On Mon, Sep 15, 2014 at 09:37:40PM +0200, Tobias Hunger wrote:
Well, I do not put the secret keyring into the images, so everything should be fine.
So, you never run pacman from within an image, or have sig. validation disabled in pacman.conf?
Pacman can still validate images, so everything is well.
Do you mean packages in an image?
Local installs are not possible anyway.
What's a local install? I mean, if you treat images atomically, why do you need pacman (and associated DB) at all? You should have it only on the buildhost that generates the images (I couldn't find details in your previous emails in this thread).
In the general case 'pristine' is probably the settings shipped by the various arch linux packages.
But those do not usually provide sane defaults, e.g. smartd.conf, dnsmasq.conf, syslog-ng.conf, wpa_supplicant.conf, and must be edited anyway. Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D