alexheretic / aurto

Arch Linux AUR tool for managing an auto-updating local 'aurto' package repository
MIT License

Signing packages? #73

Open BrianAllred opened 2 years ago

BrianAllred commented 2 years ago

How do you correctly configure package signing? I've edited /etc/aurto/makepkg-chroot.conf and set BUILDENV to sign and I generated a new gpg key with gpg --gen-key with the same user that aurto runs operations as, but adding packages fails at the signing step.

Signing works correctly with the same configuration in /etc/makepkg.conf and running makepkg.

alexheretic commented 2 years ago

The issue is probably related to chroot building. I haven't looked into signing in chroot with aurutils, so I'm not sure how hard a barrier it is.

The other option is to disable chroot building which should work, though loses the advantages of chroot.

On Fri, 25 Mar 2022, 15:39 Brian Allred wrote:

How do you correctly configure package signing? I've edited /etc/aurto/makepkg-chroot.conf and set BUILDENV to sign and I generated a new gpg key with gpg --gen-key with the same user that aurto runs operations as, but adding packages fails at the signing step.

Signing works correctly with the same configuration in /etc/makepkg.conf and running makepkg.


AladW commented 2 years ago

makepkg --sign doesn't work inside the container, because it has no access to the necessary environment variables. aurutils just runs gpg manually on the host.
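
The host-side signing described in the last comment, sketched as an added example (not code from aurto or aurutils): it finds package files in a local repo directory that have no detached signature beside them and signs them with gpg outside the chroot, as the user who owns the key. The function names are hypothetical, and the repo directory and key ID passed as arguments are placeholders.

```shell
#!/bin/sh
# Added example: sign on the host what a chroot build left unsigned.
# Usage (placeholders): sh sign-repo.sh <repo-dir> <gpg-key-id>

# True when $1 is an existing package file without a "$1.sig" next to it.
needs_signature() {
    case $1 in *.sig) return 1 ;; esac   # a signature is not a package
    [ -f "$1" ] && [ ! -f "$1.sig" ]
}

# Print every unsigned package in directory $1, one path per line.
unsigned_packages() {
    for pkg in "$1"/*.pkg.tar.*; do
        needs_signature "$pkg" && printf '%s\n' "$pkg"
    done
    return 0
}

# Sign each unsigned package in $1 with key $2, then verify the result.
# Runs on the host, so gpg sees the caller's GNUPGHOME and gpg-agent,
# which are not available inside the build container.
sign_unsigned() {
    for pkg in "$1"/*.pkg.tar.*; do
        needs_signature "$pkg" || continue
        gpg --local-user "$2" --detach-sign --no-armor \
            --output "$pkg.sig" "$pkg" || return 1
        gpg --verify "$pkg.sig" "$pkg" || return 1
    done
    return 0
}

# Only act when called with both arguments.
if [ "$#" -eq 2 ]; then
    sign_unsigned "$1" "$2"
fi
```

Running `unsigned_packages` on its own first shows which files a signing pass would touch.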