Date: Sat, 11 Oct 2014 09:36:05 -0400 From: <scratch65535@att.net> To: freebsd-ports <freebsd-ports@freebsd.org> Subject: Re: PKG not quite ready for prime time Message-ID: <jnbi3ah4tu2o2n1bnqtjuljiplu9mt3kmh@4ax.com> In-Reply-To: <1412966994.2380548.177575969.33769181@webmail.messagingengine.com> References: <sl4g3adpms8lkd2rr38n3666et8eptsp9i@4ax.com> <543817AA.8080305@gmx.de> <he6g3apojoln19fd9d8gr2rs0koq3a6940@4ax.com> <54381F2B.7020800@gmx.de> <079g3al8tmta89l8b471esttb0et8av02b@4ax.com> <1412966994.2380548.177575969.33769181@webmail.messagingengine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 10 Oct 2014 13:49:54 -0500, you wrote:
>On Fri, Oct 10, 2014, at 13:29, Auld Besom wrote:
>>
>> I had it as ${ABI} to begin with, but had no luck that way either
>> (see below). Then I changed it, unaware that that first 8 was
>> the version, or even that there are o/s version-dependent
>> versions of pkg.
>>
>Pkg itself is compiled, not interpreted like Yum which is Python, so it
>does matter.
> And you of course want to ensure you're installing packages
>built for FreeBSD 9 on your FreeBSD 9 server.
[sigh] Yes. I'm old enough that I'm always sleep-deprived, and
after 8-10 hours of concentrated work I'm so foggy that my brain
goes unserviceable.
>
>The next error you're seeing is this:
>
>> pkg: Error loading trusted certificates
>
>This is due to your missing certificates in /usr/share/keys/pkg which
>are required due to your repository having:
>
> signature_type: "fingerprints",
> fingerprints: "/usr/share/keys/pkg",
>
>You could remove those lines to work around that, but you are lowering
>the security of your system as you cannot verify the integrity of your
>packages anymore. The fix is to populate your /usr/share/keys/pkg. I do
>not know why it did not come populated after your upgrade, but that's a
>discussion for another day. Let's get your keys:
>
># mkdir -p /usr/share/keys/pkg/trusted /usr/share/keys/pkg/revoked
># fetch -o /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301
>"https://svnweb.freebsd.org/base/head/share/keys/pkg/trusted/pkg.freebsd.org.2013102301?revision=260605&view=co"
># chown root:wheel
>/usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301
># chmod 644 /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301
Thank you. Those seem to fill in the gap. It's a pity that the
installer for pkg didn't do that part of the job.
>
>
>If you have problems with fetch because of the https you might have to
>use --no-verify-peers but at least compare the certificate and/or ensure
>the contents of the key match what's in the repository....
>_______________________________________________
>freebsd-ports@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-ports
>To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?jnbi3ah4tu2o2n1bnqtjuljiplu9mt3kmh>