Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update action.yml #56

Merged
merged 1 commit into from
Feb 24, 2024
Merged

Update action.yml #56

merged 1 commit into from
Feb 24, 2024

Conversation

JuckZ
Copy link
Contributor

@JuckZ JuckZ commented Sep 5, 2023

Locally sign a public GPG key in the context of the Pacman.

Locally sign a public GPG key in the context of the Pacman.
Copy link
Collaborator

@boredland boredland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess that makes sense, but how did this even work without it?

@JuckZ
Copy link
Contributor Author

JuckZ commented Sep 5, 2023

If you only run sudo pacman-key --keyserver keys.openpgp.org --recv-key xxx without following it with sudo pacman-key --lsign-key xxx, you will successfully import the public key into your local keyring but it will not be marked as "trusted." As a result, if you try to install a package that is signed with this key, Pacman will reject it, producing an "unknown trust" or similar error message.

@boredland
Copy link
Collaborator

If you only run sudo pacman-key --keyserver keys.openpgp.org --recv-key xxx without following it with sudo pacman-key --lsign-key xxx, you will successfully import the public key into your local keyring but it will not be marked as "trusted." As a result, if you try to install a package that is signed with this key, Pacman will reject it, producing an "unknown trust" or similar error message.

Ah, that makes sense! Thanks for the explanation!

@boredland
Copy link
Collaborator

I am not sure why the test-build fails. Will have to look later...

@boredland boredland merged commit 7d5e554 into manjaro:main Feb 24, 2024
1 of 2 checks passed
joaopauloalbq added a commit to suitlinux/suit-iso-action that referenced this pull request Mar 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants