[arch-general] Pacman and package signing
Gaetan Bisson
bisson at archlinux.org
Mon Aug 29 15:04:49 EDT 2011
[2011-08-29 13:51:07 -0500] Myra Nelson:
> If I use gpg --sign instead of gpg --detach-sign the package verifies
> and installs just fine. That's what stumped me.
That's because since its suffix is not sig (in that case, a gpg file is
created containing both the package and the signature) the signature
file is ignored by repo-add and pacman just sees an unsigned package.
--
Gaetan
More information about the arch-general
mailing list