10.2-RELEASE-p2 lost ability to bootstrap pkg with signature_type="pubkey"
Bryan Drewery
bdrewery at FreeBSD.org
Mon Sep 14 22:44:03 UTC 2015
On 9/9/15 12:14 AM, Marko Cupać wrote:
> On Tue, 8 Sep 2015 23:28:59 +0200
> Baptiste Daroussin <bapt at FreeBSD.org> wrote:
>
>> On Tue, Sep 08, 2015 at 12:38:38PM +0200, Marko Cupać wrote:
>>> Hi,
>>>
>>> I just found out that 10.2-RELEASE-p2 lost ability to bootstrap pkg
>>> with signature_type="pubkey".
>>>
>>> Quick search returns:
>>> https://github.com/freebsd/pkg/issues/1309
>>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202622
>>>
>>> I guess it is not hard to switch repo to fingerprints, however I
>>> would not expect to lose this functionality by updating to
>>> patchlevel.
>>>
>> Implemented in head: r287579 I will MFC it asap. And see if it cannot
>> be added asap to a next patchlevel update.
>>
>> Best regards,
>> Bapt
>
> Thanx!
>
> Just a few quick not-completely-related questions: poudriere has the
> ability to sign repos with PKG_REPO_SIGNING_KEY, but not with external
> command, right?
Poudriere already has SIGNING_COMMAND support for external command. It
is used for the fingerprints signing on pkg.FreeBSD.org.
What is lacking is signing pkg with the new format added in r287579 when
using pubkey.
I am adding it in now for the next release.
>
Is there a plan to support it? Can I build packages in
> poudriere without PKG_REPO_SIGNING_KEY, and sign repo later on with
> external command?
>
> Regards,
>
--
Regards,
Bryan Drewery
More information about the freebsd-stable
mailing list