On 06/24/2012 07:29 PM, Pierre Schmitz wrote:
Am 25.06.2012 00:12, schrieb Gerardo Exequiel Pozzi:
On 06/24/2012 06:24 PM, Pierre Schmitz wrote:
* Initialize pacman keyring on bootup what about leaving pacman-key --init to the user or install script instead of doing things automatically? What is the downside of doing it automatically here? Everybody will have to do it manually otherwise. You wont only need this to install a system but also to use pacman within your live environment.
Greetings,
Pierre
Just to keep, the live-enviroment to the most default possible. I am more fan to setup pacman keyring at build time rather than at runtime, or there are any downside? The downside is that you cannot. It is very important that everybody has its own secret key and that it stays secret. If we ship a private key, everybody would be able to sign any package with it and pacman would accept this.
So we really need to create the key pair at runtime. And as everybody has to do it in order to use pacman (with signature verification enabled) we might as well script it. OK. Thanks for your explanation :)
Maybe in a future, this "rc.d/pacman-init", can be part of the pacman pkg.
I am not sure I get the statement about "default". By default pacman ships no keyring and asks you to create it right after installing. By automating this step the result wont be different.
Greetings,
Pierre
-- Gerardo Exequiel Pozzi \cos^2\alpha + \sin^2\alpha = 1