On 5/6/25 6:17 AM, Markus Schaaf wrote:
Am 04.05.25 um 19:13 schrieb Pocket:
gpg —full-gen-key
gpg —export —armor —output public-key.asc pocket
gpg —export-secret-keys —armor —output private-key.asc pocket
The key id is pocket.
For each key/attempt I imported each key into Pacman-key and signed
with Pacman-key —lsign pocket
Then I tried this.
repo-add —sign —key pocket custom.db.tar.xz “file spec”
It failed with the error invalid key/doesn’t know the key.
makepkg and repo-add need the key in the callers keyring. They simply
call gpg --detach-sign. Pacman's keyring is only for installing packages.
HTH & BR
I am going to remake my gpg key and start over.
I will want to use the keying in signing packages and installation.
My current project is to compile all the packages (optimizing them for
-mcpu=cortex-a72) for all my systems workstations and servers for the
rpi4 and rpi 5 desktop using the PKGBUILD from archlinux, not
archlinuxarm as I currently do.
I am about 1/3 of the way done.
Still working at the package signing.......
Thanks
--
Hindi madali ang maging ako
