[systemd-devel] arch bootstrapping
Daniel Buch
boogiewasthere at gmail.com
Sat Aug 17 08:44:27 PDT 2013
I run with SigLevel = Required DatabaseOptional. And i guess that's
recommended. Have you tried pacman-key --init before you --populate
archlinux?
2013/8/17 Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
> Hi,
>
> I was trying to get the arch installation example in systemd-spawn
> to work on Fedora. My intent is to package pacman and pacstrap for
> Fedora, to make it easy to play with distributions. Fedora already
> has alien and dpkg/apt-get, so adding pacman seems kind of nice.
>
> The packaging process is going well, but the intallation is not
> as easy, because of gpg key issues. It's possible that I made some
> error, I tried both to add SigLevel=TrustAll in (host's) /etc/pacman.conf,
> and to to import gpg keys with 'pacman-key --populate archlinux'.
> The second solution didn't seem to work, and both have downsides:
> - disabling checking is bad because of security issues,
> and it also seems to mess up the trust database inside the container,
> - importing the trust database in the host (assuming that I'd get it
> to work), would require either also packaging the keys for Fedora,
> or telling the user to trust keys blindly and download them from
> the internet...
>
> So before I go further, I'd like your opinion on what is the best
> approach to using the Arch trust mechanism on a non-Arch system.
>
> Zbyszek
>
> Packaging tickets:
> https://bugzilla.redhat.com/show_bug.cgi?id=998125,
> https://bugzilla.redhat.com/show_bug.cgi?id=998127.
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20130817/adb59175/attachment.html>
More information about the systemd-devel
mailing list