[pacman-dev] trustdb locking issues and snippets from the apt changelog

Dan McGee dpmcgee at gmail.com
Fri Apr 22 19:32:54 EDT 2011


Allan and I today, and Denis in the past, noticed some issues with
having a shared public key database and locking that gpg wants to do
when reading from it. Here is an interesting bit from the apt
changelog:

apt (0.6.2) experimental; urgency=low
  * Provide apt-key with a secret keyring and a trustdb, even though we
    would never use them, because it blows up if it doesn't have them

>From what I gather, they don't use the trustdb for the reasons we are
seeing; instead it looks like they have another keyring named
"trusted.gpg" and go forth with the assumption that everything in
there is to be trusted.

-Dan


More information about the pacman-dev mailing list