From owner-freebsd-ports@FreeBSD.ORG Fri Oct 10 18:49:56 2014 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7424DA72 for ; Fri, 10 Oct 2014 18:49:56 +0000 (UTC) Received: from new1-smtp.messagingengine.com (new1-smtp.messagingengine.com [66.111.4.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 447A6195 for ; Fri, 10 Oct 2014 18:49:55 +0000 (UTC) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by gateway2.nyi.internal (Postfix) with ESMTP id 9DCCE2770 for ; Fri, 10 Oct 2014 14:49:54 -0400 (EDT) Received: from web6 ([10.202.2.216]) by compute1.internal (MEProxy); Fri, 10 Oct 2014 14:49:54 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:x-sasl-enc:from:to :mime-version:content-transfer-encoding:content-type:in-reply-to :references:subject:date; s=smtpout; bh=3sVRYRMvjmNPmtQD8jaFQImG crw=; b=AlB/sg8cQSXqm1HLkltlhZMZ0ijteBidT1ScE+Cm5HaSqcmcF9799Ylj zhVSviucihGX5+Nu2HHPD71Ex7lfErYMGXqEyYBy+YjPYKloHU92tRFYY6CbfNPv SpGP3uY7avZxyFkkwRvb4P5af5ZcKcX1OAQBncuA0lh3nAfS+ko= Received: by web6.nyi.internal (Postfix, from userid 99) id 5293E661C91; Fri, 10 Oct 2014 14:49:54 -0400 (EDT) Message-Id: <1412966994.2380548.177575969.33769181@webmail.messagingengine.com> X-Sasl-Enc: ca995YK7GWTo7HIjv35t+qWvE3smRZ0rFeOqe6nzgc38 1412966994 From: Mark Felder To: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-7434a20c In-Reply-To: <079g3al8tmta89l8b471esttb0et8av02b@4ax.com> References: <543817AA.8080305@gmx.de> <54381F2B.7020800@gmx.de> <079g3al8tmta89l8b471esttb0et8av02b@4ax.com> Subject: Re: PKG not quite ready for prime time Date: Fri, 10 Oct 2014 13:49:54 -0500 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Oct 2014 18:49:56 -0000 On Fri, Oct 10, 2014, at 13:29, Auld Besom wrote: > > I had it as ${ABI} to begin with, but had no luck that way either > (see below). Then I changed it, unaware that that first 8 was > the version, or even that there are o/s version-dependent > versions of pkg. > Pkg itself is compiled, not interpreted like Yum which is Python, so it does matter. And you of course want to ensure you're installing packages built for FreeBSD 9 on your FreeBSD 9 server. The next error you're seeing is this: > pkg: Error loading trusted certificates This is due to your missing certificates in /usr/share/keys/pkg which are required due to your repository having: signature_type: "fingerprints", fingerprints: "/usr/share/keys/pkg", You could remove those lines to work around that, but you are lowering the security of your system as you cannot verify the integrity of your packages anymore. The fix is to populate your /usr/share/keys/pkg. I do not know why it did not come populated after your upgrade, but that's a discussion for another day. Let's get your keys: # mkdir -p /usr/share/keys/pkg/trusted /usr/share/keys/pkg/revoked # fetch -o /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 "https://svnweb.freebsd.org/base/head/share/keys/pkg/trusted/pkg.freebsd.org.2013102301?revision=260605&view=co" # chown root:wheel /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 # chmod 644 /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 If you have problems with fetch because of the https you might have to use --no-verify-peers but at least compare the certificate and/or ensure the contents of the key match what's in the repository....