[arch-general] Package signature error after updated GPG key

NicoHood archlinux at nicohood.de
Wed Jul 8 19:21:22 UTC 2020


On 7/8/20 9:14 PM, Filipe Laíns via arch-general wrote:
> On Wed, 2020-07-08 at 21:08 +0200, NicoHood wrote:
>> Hey guys,
>> i have recently received the attached email from a user. He cannot
>> install a package from me due to a GPG error. I have recently updated my
>> key and it should have been added to the new keyring. I don't know a
>> better solution, who can help us?
>>
>> Cheers,
>> Nico
> 
> IIRC GPG uses the latest subkey by default, if you crated a new one it
> would be used, I assume this is what happened. If you haven't already
> revoked the older subkey(s), you should be able set GPGKEY in
> makepkg.conf and use it instead.
> 
> Cheers,
> Filipe Laíns
> 

I am not sure if I understood correct. I've simply refreshed the gpg key
(and the subkey) which was included into the new keyring. The package
that causes trouble is older than that change. Since makepkg refers to
package building, I think this does not help here. I expect that I do
not need to rebuild all packages just because the GPG key was renewed.

Is it more clear now?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20200708/1296465f/attachment.sig>


More information about the arch-general mailing list