poudriere/pkg signing issue
- Reply: Jan Bramkamp : "Re: poudriere/pkg signing issue"
- Reply: Baptiste Daroussin : "Re: poudriere/pkg signing issue"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 27 Jun 2023 08:50:53 UTC
Hej there, I hope someone has an idea regarding this: I've just encountered something pretty odd. We've been using poudriere since quite some time, so we automated the cert deployment of our pkg repository on all consuming machines. As of today, pkg refuses to play ball: # pkg update Updating pkg.myrepo repository catalogue... Fetching meta.conf: 100% 163 B 0.2kB/s 00:01 Fetching packagesite.pkg: 100% 365 KiB 374.2kB/s 00:01 pkg: -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5NRaOU1YuSKe9GXIu0IU xrGWnDPS/r68v9u6GPw+7FbwNo8J9Xl06zZW6u4zuSOgyVbxo1w7bnvNQNwPoPYs UIqR8KLHdUm1qpj1FGC3db8Bmhjk/dc8hIS72f15B+G9zsdRzTMNsvQzTvPgWAWX buFF39bxnnElhxOGAiw1dgGRKNuHTNNWga7yyMcMsB8f+6Uc8tqIRUX+gOSzZy2B FpocZ1vnQg1V2JctvSRzriS9spxcEko7mxDYjo3jRuVHU6omwOuwH2DEkO8fPkLg yhzBM6HDYE8O/Z+Ma7gD2++keSDJgTynzEVgv5mTGys2OkcWgshjjyqlE4TkRqXu Sjeyk/V+vGPAmWJYQcG0fSXUjIgaOMRPKpOKrR2nAjNDsQW6Ljjh6/IgDiF33vz6 9ORC6r8V8uLGkvYDWS1tja657qKHWP6pitBm/vQNmoTF2FotES36+dH0YD2i4vZ+ VQNjqvLzjt88Oyq7v5QjeAoeicyLMNzp5CodWgXeiRvN8wkAgU+5C0esMaUmk9CA P83kY/sXjxis0ISYe6Nic9z6AsfJPA9BSS2wP0TNxQ4sdvXwZmF/rZ9xX7SQVoL3 opjLiCNQwX2UjwlJe27A6M46Hp4DDtWYFZ6w+K/hdn7MTI26MWzhlGIyD/Hx0IRu Ii5RX8o2S8TctAxUJb1qxxkCAwEAAQ== -----END PUBLIC KEY-----: rsa signature verification failure pkg: Invalid signature, removing repository. Unable to update repository pkg.myrepo Error updating repositories! When I switch back to the .real_xxx directory of the day before, everything works fine. I can't quite figure out what caused this thing to break. It seems, as of today, we're shipping a different pkg.pkg.pubkeysig in the Latest folder, but the key configured in PKG_REPO_SIGNING_KEY hasn't moved since forever and I also compared it to backups, so nothing changed. Cheers, Philip