Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Oct 25 16:05
    marcheschi opened #565
  • Oct 18 12:14

    YanChii on master

    [FIX] Security - use Safeloader… (compare)

  • Oct 18 12:14
    YanChii closed #560
  • Oct 18 12:14
    YanChii commented #560
  • Oct 17 06:30
    b1nslashsh commented #560
  • Oct 12 08:16
    marcheschi opened #564
  • Oct 11 08:44
    marcheschi commented #533
  • Oct 11 07:51
    marcheschi commented #561
  • Oct 09 15:47
    YanChii synchronize #563
  • Oct 09 15:47

    YanChii on issue-561

    print to stderr (compare)

  • Oct 09 14:44
    YanChii milestoned #563
  • Oct 09 14:44
    YanChii assigned #563
  • Oct 09 14:44
    YanChii opened #563
  • Oct 09 14:43

    YanChii on issue-561

    check real disk space before cr… (compare)

  • Oct 09 12:37
    YanChii commented #561
  • Oct 09 12:37
    YanChii commented #561
  • Oct 09 11:18
    YanChii commented #561
  • Oct 07 13:07
    marcheschi commented #561
  • Oct 07 11:43
    marcheschi commented #561
  • Oct 07 10:46
    marcheschi commented #561
FilipFrancis
@FilipFrancis
so trying to figure this out but i am blocked as i can not see what i am doing wrong
or it has something todo with the bootstrap -xx-tar.gz file
FilipFrancis
@FilipFrancis
yes chroot and i can see the same files that coming from the root folder
1 reply
yanchii
@yanchii:matrix.org
[m]
maybe a bit late to the party but I'm sharing my notes to pkgsrc signing. I found the Joyent's howto somehow incomplete.
SIGN PACKAGES                                                        (do within chroot env)                                               - /opt/local/etc/mk.conf:                                            SIGN_PACKAGES=    gpg                                                - /opt/local/etc/pkg_install.conf                                    GPG=/usr/bin/gpg                                                     GPG_SIGN_AS=84C12E2F                                                 - import pubkey:                                                     curl https://pkgsrc.danube.cloud/GPG.key.pub | gpg --no-default-keyring --keyring /opt/local/etc/gnupg/pkgsrc.gpg --import                - import privkey:                                                    gpg --import /data/Erigones\ Package\ Signing.asc                    gpg --list-secret-keys                                               bmake package                                                        - verify                                                             pkg_admin check-signature <pkg.tgz>                                  echo $?                                                              0    <-- OK                                                          1    <-- verify failed                                               # verify uses /opt/local/etc/gnupg/pkgsrc.gpg pubring
crap, no spaces when pasting from mobile terminal
yanchii
@yanchii:matrix.org
[m]
full version:
FilipFrancis
@FilipFrancis
Ok let me check this
Question the creating the key do i need to do this in the sandbox?
Or outside the sandbox
yanchii
@yanchii:matrix.org
[m]
inside the sandbox
that's why I keep the sandbox running in screen after I create it… so I don't need to setup it every time I compile something
FilipFrancis
@FilipFrancis
I also use the screen when i start compiling
ok let me try to create a key
when creating a kye within the sandbox i get
gpg: Sorry, no terminal at all requested - can't get input
this as error
did already export TERM=vt220
but that does not work
yanchii
@yanchii:matrix.org
[m]
i recommend creating a key outside and just import it into the sandbox
FilipFrancis
@FilipFrancis
tried that and i can see the key in the sandbox
but it always complains about a secret key
so no way to sign for the moment
yanchii
@yanchii:matrix.org
[m]
did you import also the secret key?
FilipFrancis
@FilipFrancis
yes i think so
outside the sandbox i can see the secret key
but inside the sandbox it gives me the following error
gpg2 --list-secret-keys
gpg: NOTE: trustdb not writable
yanchii
@yanchii:matrix.org
[m]
try adding
--no-default-keyring --keyring /opt/local/etc/gnupg/pkgsrc.gpg
FilipFrancis
@FilipFrancis
in the sandbox?
yanchii
@yanchii:matrix.org
[m]
yes
and also with the private key import command
FilipFrancis
@FilipFrancis
hmm not much is happening
gpg2 --no-default-keyring --keyring /opt/local/etc/gnupg/pkgsrc.gpg
gpg: Go ahead and type your message ...
still waiting
yanchii
@yanchii:matrix.org
[m]
I don't remember exactly… it was always pain to setup it… so I try to avoid doing it by keeping the same env running as long as possible
FilipFrancis
@FilipFrancis
yeah i guess man this is a pain in the ....
yanchii
@yanchii:matrix.org
[m]
you miss the subcommand there
gpg --list-secret-keys --no-default-keyring --keyring /opt/local/etc/gnupg/pkgsrc.gpg
FilipFrancis
@FilipFrancis
getting the same error with trustdb
gpg --list-secret-keys --no-default-keyring --keyring /opt/local/etc/gnupg/pkgsrc.gpg
yanchii
@yanchii:matrix.org
[m]
gpg --no-default-keyring --keyring /opt/local/etc/gnupg/pkgsrc.gpg --import secretkey.asc
not sure what's going on
FilipFrancis
@FilipFrancis
gpg2 --list-secret-keys --no-default-keyring --keyring /opt/local/etc/gnupg/pkgsrc.gpg
gpg: NOTE: trustdb not writable
yanchii
@yanchii:matrix.org
[m]
and is the pkgsrc.gpg or /root dir really writable?
FilipFrancis
@FilipFrancis
no i checked and that is not writable
and tried to run sandbox with that /root/.gpg as RW then it does not boot the sandbox
but running outside the sandbox i see the keys and secrets
yanchii
@yanchii:matrix.org
[m]
for some reason you have gpg2 command and I have only gpg