On Sat, Oct 11, 2014 at 12:15:54AM +0200, Michelle Sullivan wrote: > Mark Felder wrote: > > On Fri, Oct 10, 2014, at 14:47, Bryan Drewery wrote: > > > >> On 10/10/2014 1:12 PM, scratch65...@att.net wrote: > >> > >>> On Fri, 10 Oct 2014 12:57:42 -0500, Brian Drewery wrote: > >>> > >>> > >>>> find /usr/share/keys/pkg -exec sha256 {} + > >>>> > >>> No such file > >>> > >> That's your problem. You are missing the signature fingerprints to > >> compare against. As such Pkg is refusing to do anything to prevent MITM > >> attacks. > >> > >> You are missing this: > >> https://www.freebsd.org/security/advisories/FreeBSD-EN-14:03.pkg.asc > >> > >> freebsd-update can provide it. > >> > >> > >> > > > > Ahh, good point. This is better advice. Even if your system was > > supposedly fully up to date freebsd-update would detect this is missing > > and repair it as it was part of an SA. This is better advice than my > > manual creation method :-) > > > > Didn't on mine, I ran into the same problem - though it wasn't a show > stopper for me as I was trying to use my own repo - which also failed > using the docs... and nothing in the debug gave any clues or additional > information to the problem. Fortunately, I can read/write code, so I > fixed things myself.
Thanks for creating an PR.
pgpuYQLYjI3tQ.pgp
Description: PGP signature