[Dev] [PATCH] libretools: fix i686 gpg signature failures

Andreas Grapentin andreas at grapentin.org
Wed Mar 21 07:56:19 GMT 2018

On Wed, Mar 21, 2018 at 12:58:28AM -0600, Isaac David wrote:
> more precisely, Arch's arch=(any) packages may override
> existing ALARM or Arch32 pkgnames -- they are given priority
> and all architectures are meant to use archlinux-keyring.
> i don't expect this scenario to surface often in practice,
> since both ALARM and Arch32 follow Arch, not the other way
> around.
> on the other hand, ALARM and Arch32's arch=(any) packages aren't
> allowed to override Arch's arch=(any) stuff, nor each other's.
> this is the relevant code:
> https://git.parabola.nu/packages/dbscripts.git/tree/db-import-pkg?id=78fd5a0ca15cedc369ffd6c8035fd573ca253d76#n124
> https://git.parabola.nu/packages/dbscripts.git/tree/db-import-pkg?id=78fd5a0ca15cedc369ffd6c8035fd573ca253d76#n304

Isn't this asking for trouble when arch32 or alarm make significant
changes to an -any package, required for it to function correctly on the
respective platforms?

This might never happen though, so it's probably okay, but one of these
days we should probably check for this, to be safe :)



my GPG Public Key:                 https://files.grapentin.org/.gpg/public.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20180321/3b8548e2/attachment.sig>

More information about the Dev mailing list