[pacman-dev] Tested pacman 4.0.0rc2-1 - the results

Dave Reisner d at falconindy.com
Fri Oct 7 22:18:20 EDT 2011

On Sat, Oct 08, 2011 at 04:00:33AM +0200, Daniel Nilsson wrote:
> Hi.
> I've tested pacman 4.0.0rc2-1 on a fresh arch netinstall in virtualbox to test the new signature checking.
> I followed the instructions on this page (the rc2 announcement):
> http://mailman.archlinux.org/pipermail/arch-dev-public/2011-September/021632.html
> First I did a full system upgrade with:
> # pacman -Syyu
> then I installed pacman rc2 with:
> # pacman -U pacman-4.0.0rc2-1-i686.pkg.tar.gz  
> install finished without errors.
> Then I did:
> # pacman-key --init
> which yielded the following:
> "gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb createdgpg: no ultimately trusted keys foundgpg: Generating pacman keychain master key...
> Not enough random bytes available. Please do some other work to givethe OS a chance to collect more entropy! (Need 284 more bytes)"
> I waited for a while but the command never finished.
> I tried to reboot, ran "pacman-key --init" once again and got the same message as above but with "(Need 282 more bytes)" instead.Waited for a while to see if it would finish but there was no progress.
> I hope this feedback will help pacman development. Please let me know if I should provide more info.
> (I've not tested the x86-64 version yet).   

The simple solution here is to generate the keyring on your actual
dekstop, rather than on the VM. gpg relies on /dev/random, which will
block until it has sufficient entropy to generate enough data for gpg.
It's usually easy enough to generate on real hardware because you can
just mash your face on the keyboard or jiggle the mouse to create the
randomness needed.


More information about the pacman-dev mailing list