diff -Naur old/pacman.conf new/pacman.conf --- old/pacman.conf 2012-04-30 12:03:12.870704414 +0200 +++ new/pacman.conf 2012-04-30 12:35:33.646325388 +0200 @@ -42,12 +42,6 @@ # you to locally sign and trust packager keys using `pacman-key` for them to be # considered valid. #SigLevel = Optional TrustedOnly -# If you wish to check signatures but avoid local sign and trust issues, use -# the following line. This will treat any key imported into pacman's keyring as -# trusted. -#SigLevel = Optional TrustAll -# For now, off by default unless you read the above. -SigLevel = Never # # REPOSITORIES @@ -77,11 +71,11 @@ #Include = /etc/pacman.d/mirrorlist [core] -#SigLevel = PackageRequired +SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist [extra] -#SigLevel = PackageOptional +SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist #[community-testing] @@ -89,7 +83,7 @@ #Include = /etc/pacman.d/mirrorlist [community] -#SigLevel = PackageOptional +SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist # An example of a custom package repository. See the pacman manpage for diff -Naur old/pacman.conf.x86_64 new/pacman.conf.x86_64 --- old/pacman.conf.x86_64 2012-04-30 12:03:12.870704414 +0200 +++ new/pacman.conf.x86_64 2012-04-30 12:35:22.966314170 +0200 @@ -42,12 +42,6 @@ # you to locally sign and trust packager keys using `pacman-key` for them to be # considered valid. #SigLevel = Optional TrustedOnly -# If you wish to check signatures but avoid local sign and trust issues, use -# the following line. This will treat any key imported into pacman's keyring as -# trusted. -#SigLevel = Optional TrustAll -# For now, off by default unless you read the above. -SigLevel = Never # # REPOSITORIES @@ -77,11 +71,11 @@ #Include = /etc/pacman.d/mirrorlist [core] -#SigLevel = PackageRequired +SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist [extra] -#SigLevel = PackageOptional +SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist #[community-testing] @@ -89,7 +83,7 @@ #Include = /etc/pacman.d/mirrorlist [community] -#SigLevel = PackageOptional +SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist # If you want to run 32 bit applications on your x86_64 system, @@ -100,7 +94,7 @@ #Include = /etc/pacman.d/mirrorlist #[multilib] -#SigLevel = PackageOptional +#SigLevel = PackageRequired #Include = /etc/pacman.d/mirrorlist # An example of a custom package repository. See the pacman manpage for diff -Naur old/pacman.install new/pacman.install --- old/pacman.install 2012-04-30 12:03:12.870704414 +0200 +++ new/pacman.install 2012-04-30 12:36:13.366366907 +0200 @@ -9,7 +9,9 @@ if [ "$(vercmp $2 3.5.0)" -lt 0 ]; then _warnupgrade fi - _check_pubring + if [ ! -f "etc/pacman.d/gnupg/pubring.gpg" ] || [ "$(vercmp $2 4.0.3-2)" -lt 0 ]; then + _check_pubring + fi } post_install() { @@ -17,9 +19,9 @@ } _check_pubring() { - if [ ! -f "etc/pacman.d/gnupg/pubring.gpg" ]; then - echo " >>> Run \`pacman-key --init\` to set up your pacman keyring." - fi + echo " >>> Run \`pacman-key --init; pacman-key --populate archlinux\`" + echo " >>> to import the data required by pacman for package verification." + echo " >>> See: https://www.archlinux.org/news/having-pacman-verify-packages" } _warnupgrade() { diff -Naur old/PKGBUILD new/PKGBUILD --- old/PKGBUILD 2012-04-30 12:03:12.870704414 +0200 +++ new/PKGBUILD 2012-04-30 12:36:46.533068001 +0200 @@ -5,14 +5,14 @@ pkgname=pacman pkgver=4.0.3 -pkgrel=1 +pkgrel=2 pkgdesc="A library-based package manager with dependency support" arch=('i686' 'x86_64') url="http://www.archlinux.org/pacman/" license=('GPL') groups=('base') depends=('bash' 'glibc>=2.15' 'libarchive>=3.0.2' 'curl>=7.19.4' - 'gpgme' 'pacman-mirrorlist') + 'gpgme' 'pacman-mirrorlist' 'archlinux-keyring') makedepends=('asciidoc') optdepends=('fakeroot: for makepkg usage as normal user') backup=(etc/pacman.conf etc/makepkg.conf) @@ -24,8 +24,8 @@ makepkg.conf) md5sums=('387965c7125e60e5f0b9ff3b427fe0f9' '1a70392526c8768470da678b31905a6e' - '4605b3490d4fd1e5c6e20db17da9ded6' - 'a0edf98ad1845a4c7d902a86638d5d2d' + '5c0f4b106a4eba6ded854d545762e9a5' + '40479a57e5bd71a6cb7d1ece3af8c61d' '589cd34eb9d5b678455e8289394f523e') build() {