[arch-releng] [PATCH] Initialize pacman keyring on bootup

Tom Gundersen teg at jklm.no
Sun Jun 24 18:19:39 EDT 2012

On Mon, Jun 25, 2012 at 12:12 AM, Gerardo Exequiel Pozzi
<vmlinuz386 at yahoo.com.ar> wrote:
> On 06/24/2012 06:24 PM, Pierre Schmitz wrote:
>>> * Initialize pacman keyring on bootup
>>> what about leaving pacman-key --init to the user or install script
>>> instead of doing things automatically?
>> What is the downside of doing it automatically here? Everybody will
>> have to do it manually otherwise. You wont only need this to install a
>> system but also to use pacman within your live environment.
>> Greetings,
>> Pierre
> Just to keep, the live-enviroment to the most default possible.
> I am more fan to setup pacman keyring at build time rather than at runtime,
> or there are any downside?

We can't do it at runtime. Unless I'm misunderstanding something, that
would mean we would ship the private keys needed to sign any packaging

To turn it around (I'm inclined to agree with Pierre on this): is
there any use-case where we don't need to be able to install packages
from the live-environment (and hence don't need to generate the key)?


More information about the arch-releng mailing list