[pacman-dev] [PATCH] Add Keyring/--keyring option in alpm/pacman

Geoffroy Carrier geoffroy.carrier at koon.fr
Mon Jun 2 19:59:26 EDT 2008

Excerpts from Geoffroy Carrier's message of Tue Jun 03 01:46:11 +0200 2008:
> Now that I have a keyring, I'd like to start using it :)

Some more throught about the whole system-based keyring and how it could
be used:
in [core], archlinux-keyring which provides /etc/pacman.d/archlinux.gpg
Used by default by pacman.

in [anyrepo], anyrepo-keyring which provides /etc/pacman.d/anyrepo.gpg

If you want to check packages on many repos, you should know who you
trust, wherever their packages come from.
So basically, you change Keyring to /etc/pacman.d/mybelovedsystem.gpg in
pacman.conf, and then merge keyrings in it.
We could provide a few small bash scripts that basically permit such easy
gpg-merge-keyrings /etc/pacman.d/{archlinux,anyrepo,anyotherepo,mybelovedsystem}.gpg
gpg-add-keyring /etc/pacman.d/{kdemod,mybelovedsystem}.gpg

Actually, that seems the KISSer way to me. But clearly user-centric, not
user-friendly :)

Geoffroy Carrier

More information about the pacman-dev mailing list