[pacman-dev] Fwd: Pacman Config File (SigLevel)

Allan McRae allan at archlinux.org
Tue Nov 5 21:29:33 EST 2013


On 06/11/13 07:50, Dave Reisner wrote:
> ----- Forwarded message from Ingenieria Informatica <heyom.student at gmail.com> -----
> 
>> Date: Tue, 5 Nov 2013 22:40:18 +0100
>> From: Ingenieria Informatica <heyom.student at gmail.com>
>> To: dreisner at archlinux.org, dan at archlinux.org, allan at archlinux.org
>> Subject: Pacman Config File (SigLevel)
>>
>> Hello, my name is Hamoud and I have a small question:
>>
>> According to pacman.conf:
>>
>> [options]
>>
>> # By default, pacman accepts packages signed by keys that its local keyring
>> # trusts (see pacman-key and its man page), as well as unsigned packages.
>> SigLevel = Required TrustedOnly
>> LocalFileSigLevel = Required TrustedOnly
>>
>> I understand from the above that signatures will be required from both packages
>> & databases AND If a signature is checked, it must be in the keyring and fully
>> trusted; marginal trust does not meet this criteria.
>>
>> Is that a valid configuration? because I only want to modify the option section
>> as a default control of my packages/databases. I need to harden my system as
>> much as possible specially with signature check (paranoid mode hehe)
>>
>> Thank you very much in advance. :)
>>

Please do not send support emails directly to us.  You are better asking
on public mailing lists and forums if you expect answers.

As to your question "Is that a valid configuration?".   The answer is
yes - perfectly valid.  But it will not work on any distribution using
pacman that I know of.

Allan



More information about the pacman-dev mailing list