[pacman-dev] Pacman 4.0.0rc2

Dan McGee dpmcgee at gmail.com
Thu Sep 29 17:39:24 EDT 2011


On Thu, Sep 29, 2011 at 1:37 PM, Denis A. Altoé Falqueto
<denisfalqueto at gmail.com> wrote:
> On Thu, Sep 22, 2011 at 2:27 PM, Dan McGee <dpmcgee at gmail.com> wrote:
>> Please report any issues you may find with this package, as it is
>> getting very close to being an actual releasable version. These are
>> debug builds with symbols, so getting stack traces and helpful logging
>> should be relatively straight forward if necessary.
>
> I'm using it in a daily basis and it is very good! I just have one
> issue with pacman-key.
>
> I'm using --lsign-key to sign keys locally, so gpg trusts them for
> validating signatures. But pacman-key is confirming the process
> without asking me. It just feeds 'y's to gpg, so it signs the keys
> without I having the chance of doing manual validation of
> fingerprints. I think pacman-key should just let gpg handle the
> process, showing information about the key and asking if I agree with
> that. For example, if one uses --edit-key to sign keys, a manual
> confirmation is needed to get a key signed.
>
> Do you agree? I can send a patch, if that's the case.
If you want this level of control, why wouldn't you just use
`pacman-key --edit-key`?


More information about the pacman-dev mailing list