Hi again, > On 17 Mar 2017, at 14:22, Panagiotis Atmatzidis <a...@convalesco.org> wrote: > > Hi, > > I managed to create proper packages using "pkg_create" for two versions > of "mypkg". Now I'm trying to handle upgrades and signatures. > > Although I'm setting the "FULLPKGPATH" options, upgrades are not handled > cleanly: > > ---- > sudo pkg_add -D unsigned -Uvv -i mypkg-3.99.2228-obsd6.tgz > Update candidates: quirks-2.241 -> quirks-2.241 > quirks-2.241 signed on 2016-07-26T16:56:10Z > No change in quirks-2.241 > parsing mypkg-3.99.2228-obsd6 > Skipping mypkg-3.0.1865-obsd6 (update candidate for > mypkg-3.0.1865-obsd6) > mypkg-3.0.1865-obsd6 pkgpaths: > mypkg-3.0.1865-obsd6 pkgpaths: > Skipping mypkg-3.99.2228-obsd6 (update candidate for > mypkg-3.0.1865-obsd6) > mypkg-3.0.1865-obsd6 pkgpaths: > mypkg-3.99.2228-obsd6 pkgpaths: > No need to update mypkg-3.0.1865-obsd6 > [mypkg-3.0.1865-obsd6]mypkg-3.99.2228-obsd6: internal conflict between > mypkg-3.99.2228-obsd6 and mypkg-3.0.1865-obsd6 > ---- > > How does "pkg_add" handle updates? The creation of the package is made > using the following command: > > ---- > pkg_create -A $arch \ > -d $pkg_desc \ > -f $pkg_list \ > -B $base \ > -p $prefix \ > -D COMMENT="$comment" -D MAINTAINER="$maintainer" -D > FULLPKGPATH=$prefix \ > "nxlog-$version-$osrel.tgz" > ---- > > Note that prefix is "/opt/mypkg" in my case. I thought that setting " > FULLPKGPATH=" pkg_add will handle updates based on version numbers > alone. I don't use any "conflict" keywords. > > I'm trying to use signify to distribute packages as safely as possible. > First off, thanks to Ted for signify, it's very easy to work with. > > Apart from creating and signings SHA files I'd like to know why OpenBSD > complains with "Couldn't check signature" since the pub key is under > "/etc/signify/" ? > > [â¦]
I figured this part. Signify is very picky about filename structure. I had used the extension â.keyâ instead of âsecâ. The docs[1] and a bit of experimenting helped me a bit. I still canât figure out how to handle upgrades using the -U flag. [1] https://www.openbsd.org/faq/faq15.html#PkgSig <https://www.openbsd.org/faq/faq15.html#PkgSig> -- Panagiotis (atmosx) Atmatzidis email: a...@convalesco.org URL: http://www.convalesco.org GnuPG ID: 0x1A7BFEC5 gpg --keyserver pgp.mit.edu --recv-keys 1A7BFEC5 "Everyone thinks of changing the world, but no one thinks of changing himself.â - Leo Tolstoy [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]