[systemd-devel] arch bootstrapping

Daniel Buch boogiewasthere at gmail.com
Sat Aug 17 08:44:27 PDT 2013


I run with SigLevel = Required DatabaseOptional. And i guess that's
recommended. Have you tried pacman-key --init before you --populate
archlinux?


2013/8/17 Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>

> Hi,
>
> I was trying to get the arch installation example in systemd-spawn
> to work on Fedora. My intent is to package pacman and pacstrap for
> Fedora, to make it easy to play with distributions. Fedora already
> has alien and dpkg/apt-get, so adding pacman seems kind of nice.
>
> The packaging process is going well, but the intallation is not
> as easy, because of gpg key issues. It's possible that I made some
> error, I tried both to add SigLevel=TrustAll in (host's) /etc/pacman.conf,
> and to to import gpg keys with 'pacman-key --populate archlinux'.
> The second solution didn't seem to work, and both have downsides:
> - disabling checking is bad because of security issues,
>   and it also seems to mess up the trust database inside the container,
> - importing the trust database in the host (assuming that I'd get it
>   to work), would require either also packaging the keys for Fedora,
>   or telling the user to trust keys blindly and download them from
>   the internet...
>
> So before I go further, I'd like your opinion on what is the best
> approach to using the Arch trust mechanism on a non-Arch system.
>
> Zbyszek
>
> Packaging tickets:
> https://bugzilla.redhat.com/show_bug.cgi?id=998125,
> https://bugzilla.redhat.com/show_bug.cgi?id=998127.
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20130817/adb59175/attachment.html>


More information about the systemd-devel mailing list