[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Packaging packages with GPG signed source archives
From: |
Arun Isaac |
Subject: |
Re: Packaging packages with GPG signed source archives |
Date: |
Thu, 01 Sep 2016 00:07:56 +0530 |
User-agent: |
mu4e 0.9.16; emacs 24.5.1 |
> Does Parabola have some sort of keyring that all the upstream keys go
> into? Or did I misinterpret your suggestion? I'm not familiar with the
> Parabola package management system.
No, Parabola does not collect upstream keys into any centralized keyring.
When you are building a package from source, the Parabola build system
verifies the GPG signature of the source archive if the developer's key
is in your keyring. Else, it raises an error and asks you to get the
required key manually. There is also an option that tells the build
system to automatically fetch the key if it is not in your keyring.
signature.asc
Description: PGP signature
- Packaging packages with GPG signed source archives, Arun Isaac, 2016/08/31
- Re: Packaging packages with GPG signed source archives, Alex Kost, 2016/08/31
- Re: Packaging packages with GPG signed source archives, Arun Isaac, 2016/08/31
- Re: Packaging packages with GPG signed source archives, ng0, 2016/08/31
- Re: Packaging packages with GPG signed source archives, Leo Famulari, 2016/08/31
- Re: Packaging packages with GPG signed source archives,
Arun Isaac <=
- Re: Packaging packages with GPG signed source archives, Ludovic Courtès, 2016/08/31
- Re: Packaging packages with GPG signed source archives, ng0, 2016/08/31
- Re: Packaging packages with GPG signed source archives, Troy Sankey, 2016/08/31