[arch-general] Package are signed... but pacman doesn't like them...?

Giovanni 'ItachiSan' Santini itachi.sama.amaterasu at gmail.com
Mon Jul 4 09:58:54 UTC 2016 

Il 03/07/2016 23:50, Christian Hesse ha scritto:
> 
> The db file is just a simple tar archive, compressed with gzip. Unzip it and
> you will find a directory for every package. Every directory contains the
> file 'desc' at least. Within the file you should find a line '%PGPSIG%',
> followed by a single line containing the signature.
> Looks like the build service breaks this line, which confuses pacman.
> 

I've opened an issue and created a pull request, as I made some
experiments with perl in order to have the script working; the issue
(now closed) is here:
https://github.com/openSUSE/open-build-service/issues/1907

Now, pacman recognises the key and accepts the package, but it still
complains a little, saying that the signature format is unsupported:

--- Terminal output starts here
$ LANG=C sudo pacman -Sy dpkg
:: Synchronizing package databases...
 ... sync stuff here ...
resolving dependencies...
looking for conflicting packages...

Packages (1) dpkg-1.17.25-1

Total Download Size:   1.46 MiB
Total Installed Size:  9.20 MiB

:: Proceed with installation? [Y/n]
:: Retrieving packages...
 dpkg-1.17.25-1-x86_64   1492.1 KiB   $speed 00:00 [--------------] 100%
(1/1) checking keys in keyring                     [--------------] 100%
error: dpkg: unsupported signature format(0/1)
checking package integrity                         [co  o  o  o  o  o
(1/1) checking package integrity                   [--------------] 100%
(1/1) loading package files                        [--------------] 100%
 ... installation stuff here ...
--- Terminal output ends here

Why does pacman give that error?
As it marks it as an error, but it install the package anyways...!

-- 
Giovanni Santini
My blog: http://giovannisantini.tk
My code: https://github.com/ItachiSan
My code, again: https://gitlab.com/u/ItachiSan
My Twitter: https://twitter.com/santini__gio
My Facebook: https://www.facebook.com/giovanni.santini
My Google+: https://plus.google.com/+GiovanniSantini/
My GPG: 2FADEBF5

More information about the arch-general mailing list