[pacman-dev] packages not signed

Allan McRae allan at archlinux.org
Wed Sep 26 17:07:33 EDT 2012

On 27/09/12 02:13, Christian Hesse wrote:
> Dave Reisner <d at falconindy.com> on Wed, 2012/09/26 11:37:
>> On Wed, Sep 26, 2012 at 04:54:04PM +0200, Christian Hesse wrote:
>>> Hello everybody,
>>> I have just installed pacman-git v4.0.3.402.g2abe1f1-1. Everything works
>>> just fine except one thing: package signing does not work though it is
>>> requested in makepkg.conf with BUILDENV=(... sign). Giving --sign to
>>> makepkg works, however. What is wrong with the BUILDENV array in
>>> makepkg.conf?
>> This isn't git specific -- signing behaves the same way in 4.0.3. You
>> need to specify your key shorthash, e.g. GPGKEY=F56C0C53 in makepkg.conf
>> as well. The setting is just below the 'PACKAGER' variable in the
>> default shipped config.
> I have tried with my mail address as well as the shorthash, both do not
> work. No problem with pacman 4.0.3.
> Just took a look at the source code... create_signature() at line 1806 returns
> without any action if SIGNPKG does not equal to "y". But SIGNPKG is only set
> to "y" with --sign, no matter what check_buildenv returns.
> The attached patch fixes this for me.

@Dave: this is fallout of 9dd42dc0.   Can you take a look?


More information about the pacman-dev mailing list