[Dev] GPG keys not recognized by Winstone
Andreas Grapentin
andreas at grapentin.org
Mon May 1 06:48:31 GMT 2017
I did some more digging, and it seems that pacman-key on winston needs a
trustdb update. pacman-key is unable to verify on its own:
[repo at winston ~]$ GNUPGHOME=/etc/pacman.d/gnupg/ gpg --verify staging/andi/staging/libre/cups-filters-1.13.4-1.parabola3-x86_64.pkg.tar.xz.sig
gpg: WARNING: unsafe ownership on homedir '/etc/pacman.d/gnupg/'
gpg: assuming signed data in 'staging/andi/staging/libre/cups-filters-1.13.4-1.parabola3-x86_64.pkg.tar.xz'
gpg: Signature made Mon 01 May 2017 06:33:03 AM GMT
gpg: using RSA key BFA8008A8265677063B11BF47171986E4B745536
gpg: Note: trustdb not writable
gpg: checking the trustdb
gpg: trustdb rec 30: write failed (n=-1): Bad file descriptor
gpg: trustdb: sync failed: Bad file descriptor
once you add --no-auto-check-trustdb, it seems to work:
[repo at winston ~]$ GNUPGHOME=/etc/pacman.d/gnupg/ gpg --no-auto-check-trustdb --verify staging/andi/staging/libre/cups-filters-1.13.4-1.parabola3-x86_64.pkg.tar.xz.sig
gpg: WARNING: unsafe ownership on homedir '/etc/pacman.d/gnupg/'
gpg: assuming signed data in 'staging/andi/staging/libre/cups-filters-1.13.4-1.parabola3-x86_64.pkg.tar.xz'
gpg: Signature made Mon 01 May 2017 06:33:03 AM GMT
gpg: using RSA key BFA8008A8265677063B11BF47171986E4B745536
gpg: Note: trustdb not writable
gpg: please do a --check-trustdb
gpg: Good signature from "Andreas Grapentin <andreas.grapentin at hpi.uni-potsdam.de>" [unknown]
gpg: aka "Andreas Grapentin <andreas at grapentin.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: BFA8 008A 8265 6770 63B1 1BF4 7171 986E 4B74 5536
trustdb updates need root powers though, so someone with the required
permissions needs to do it :)
-A
On Sun, Apr 30, 2017 at 05:46:14PM -0300, Megver83 wrote:
> Hi everyone. Some days ago ovruni told us he had problems with his GPG
> key and he couldn't upload anything to the repositories. Recently I
> noted that I was having the same issue, and oaken-source also (he said
> it on IRC). Looks like our keys are untrusted (or not recognized?) -->
> https://dpaste.de/Rkue/raw
> this is the output of 'librerelase' --> https://dpaste.de/vOD1/raw
>
> I hope this fixes soon, right now there are some urgent packages to
> upload. Thanks in advance.
>
> Cheers.
>
> --
> SIP: megver83 at sip.linphone.org
> XMPP: megver83 at diasp.org
> Tox: megver83 at toxme.io
> GPG: 0x227CA7C556B2BA78
> GNUSocial: @megver83 at quitter.cl
> Diaspora*: David P. (same XMPP ID)
> _______________________________________________
> Dev mailing list
> Dev at lists.parabola.nu
> https://lists.parabola.nu/mailman/listinfo/dev
--
------------------------------------------------------------------------------
my GPG Public Key: https://files.grapentin.org/.gpg/public.key
------------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20170501/7bccc3a3/attachment.sig>
More information about the Dev
mailing list