[arch-general] Problem automatically importing key for signed package.

Peter Lewis plewis at aur.archlinux.org
Sat Nov 5 19:40:55 EDT 2011


I've been trying to get to grips with the package signing stuff, and have just
added my first signed package (choqok) to [community], but am having a problem
installing it from the repo, when pacman doesn't already know about my key. I'm
probably missing a step somewhere, or maybe I've found a bug, not sure.

I followed the instructions on the wiki, with the slight difference that I
already had a key, so just used that one.

Here's the problem. After successfully building in a chroot and submitting and
signing the package, all using devtools, I get this:

% sudo pacman -S choqok


error: choqok: key "22AD5874F39D989F" is unknown
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

I tried the obvious cache clearing and -Syy'ing, just to be sure, but that
didn't fix it.

For other people's packages, after the "key XXX unknown" message, I get the
option to get it from the keyserver and add it to pacman's keyring. But I don't
get that option for my own key.


% gpg --homedir gpg-temp --keyserver pgp.mit.edu --recv-keys 22AD5874F39D989F
gpg: requesting key F39D989F from hkp server pgp.mit.edu
gpg: key E19DAA50: public key "Peter Richard Lewis <pete at muddygoat.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1

And just to be sure, in my build directory:

% gpg --verify choqok-1.2-2-x86_64.pkg.tar.xz.sig
gpg: Signature made Sat 05 Nov 2011 05:27:56 PM GMT using RSA key ID F39D989F
gpg: Good signature from "Peter Richard Lewis <pete at muddygoat.org>"
gpg:                 aka "Peter Richard Lewis <prlewis at letterboxes.org>"
gpg:                 aka "Peter Richard Lewis <p.r.lewis at cs.bham.ac.uk>"
gpg:                 aka "Peter Richard Lewis <plewis at aur.archlinux.org>"

At first I thought that maybe pacman wouldn't support multiple UIDs, but then
pacman-key -l shows up that several devs and TUs have this.

Did I miss something that I should have done?



More information about the arch-general mailing list