Date: Sunday, June 3, 2012 @ 01:22:57
Author: bisson
Revision: 160647
upgpkg: pacman 4.0.3-2
- enable signature verification in pacman.conf, pacman.conf.x86_64
- add post_install instructions to create and populate keyring
- add dependency on archlinux-keyring
Modified:
pacman/trunk/PKGBUILD
pacman/trunk/pacman.conf
pacman/trunk/pacman.conf.x86_64
pacman/trunk/pacman.install
+
PKGBUILD |8
pacman.conf| 23 +--
pacman.conf.x86_64 | 25 ++---
pacman.install | 10 ++
4 files changed, 29 insertions(+), 37 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2012-06-03 04:02:31 UTC (rev 160646)
+++ PKGBUILD2012-06-03 05:22:57 UTC (rev 160647)
@@ -5,14 +5,14 @@
pkgname=pacman
pkgver=4.0.3
-pkgrel=1
+pkgrel=2
pkgdesc=A library-based package manager with dependency support
arch=('i686' 'x86_64')
url=http://www.archlinux.org/pacman/;
license=('GPL')
groups=('base')
depends=('bash' 'glibc=2.15' 'libarchive=3.0.2' 'curl=7.19.4'
- 'gpgme' 'pacman-mirrorlist')
+ 'gpgme' 'pacman-mirrorlist' 'archlinux-keyring')
makedepends=('asciidoc')
optdepends=('fakeroot: for makepkg usage as normal user')
backup=(etc/pacman.conf etc/makepkg.conf)
@@ -24,8 +24,8 @@
makepkg.conf)
md5sums=('387965c7125e60e5f0b9ff3b427fe0f9'
'1a70392526c8768470da678b31905a6e'
- '4605b3490d4fd1e5c6e20db17da9ded6'
- 'a0edf98ad1845a4c7d902a86638d5d2d'
+ '99734ea46795f466d41c503e9e23b6d4'
+ '556d49489e82b5750cf026d3b18c8f4f'
'589cd34eb9d5b678455e8289394f523e')
build() {
Modified: pacman.conf
===
--- pacman.conf 2012-06-03 04:02:31 UTC (rev 160646)
+++ pacman.conf 2012-06-03 05:22:57 UTC (rev 160647)
@@ -36,19 +36,14 @@
CheckSpace
#VerbosePkgLists
-# PGP signature checking
-# NOTE: None of this will work without running `pacman-key --init` first.
-# The compiled in default is equivalent to the following line. This requires
-# you to locally sign and trust packager keys using `pacman-key` for them to be
-# considered valid.
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
#SigLevel = Optional TrustedOnly
-# If you wish to check signatures but avoid local sign and trust issues, use
-# the following line. This will treat any key imported into pacman's keyring as
-# trusted.
-#SigLevel = Optional TrustAll
-# For now, off by default unless you read the above.
-SigLevel = Never
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
#
# REPOSITORIES
# - can be defined here or included from another file
@@ -77,11 +72,11 @@
#Include = /etc/pacman.d/mirrorlist
[core]
-#SigLevel = PackageRequired
+SigLevel = PackageRequired
Include = /etc/pacman.d/mirrorlist
[extra]
-#SigLevel = PackageOptional
+SigLevel = PackageRequired
Include = /etc/pacman.d/mirrorlist
#[community-testing]
@@ -89,7 +84,7 @@
#Include = /etc/pacman.d/mirrorlist
[community]
-#SigLevel = PackageOptional
+SigLevel = PackageRequired
Include = /etc/pacman.d/mirrorlist
# An example of a custom package repository. See the pacman manpage for
Modified: pacman.conf.x86_64
===
--- pacman.conf.x86_64 2012-06-03 04:02:31 UTC (rev 160646)
+++ pacman.conf.x86_64 2012-06-03 05:22:57 UTC (rev 160647)
@@ -36,19 +36,14 @@
CheckSpace
#VerbosePkgLists
-# PGP signature checking
-# NOTE: None of this will work without running `pacman-key --init` first.
-# The compiled in default is equivalent to the following line. This requires
-# you to locally sign and trust packager keys using `pacman-key` for them to be
-# considered valid.
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
#SigLevel = Optional TrustedOnly
-# If you wish to check signatures but avoid local sign and trust issues, use
-# the following line. This will treat any key imported into pacman's keyring as
-# trusted.
-#SigLevel = Optional TrustAll
-# For now, off by default unless you read the above.
-SigLevel = Never
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
#
# REPOSITORIES
# - can be defined here or included from another file
@@ -77,11 +72,11 @@
#Include = /etc/pacman.d/mirrorlist
[core]
-#SigLevel = PackageRequired
+SigLevel = PackageRequired
Include = /etc/pacman.d/mirrorlist