From owner-freebsd-questions@freebsd.org Sun Aug 2 11:54:55 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 878269B1BA7 for ; Sun, 2 Aug 2015 11:54:55 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 2A9523B6 for ; Sun, 2 Aug 2015 11:54:55 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from liminal.local (liminal.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3636:3bff:fed4:b0d6]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.15.2/8.15.2) with ESMTPSA id t72Bskxm061509 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Sun, 2 Aug 2015 12:54:46 +0100 (BST) (envelope-from matthew@FreeBSD.org) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org DKIM-Filter: OpenDKIM Filter v2.9.2 smtp.infracaninophile.co.uk t72Bskxm061509 Authentication-Results: smtp.infracaninophile.co.uk/t72Bskxm061509; dkim=none reason="no signature"; dkim-adsp=none; dkim-atps=neutral X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host liminal.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3636:3bff:fed4:b0d6] claimed to be liminal.local Subject: Re: Bootstrapping pkg from a package To: freebsd-questions@freebsd.org References: <87y4hugxf4.fsf@elk.localnet> From: Matthew Seaman X-Enigmail-Draft-Status: N1110 Message-ID: <55BE04FA.6040301@FreeBSD.org> Date: Sun, 2 Aug 2015 12:54:34 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.1.0 MIME-Version: 1.0 In-Reply-To: <87y4hugxf4.fsf@elk.localnet> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="BqvU4sMXT0LPUGiCfpKPi2lmdrx7LlMlr" X-Virus-Scanned: clamav-milter 0.98.7 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2015 11:54:55 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --BqvU4sMXT0LPUGiCfpKPi2lmdrx7LlMlr Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 02/08/2015 04:51, Carl Johnson wrote: > I was just bringing up my Raspberry Pi from the 10.2-RC2 image and trie= d > to install some packages that I had saved previously. The pkg(7) > manpage states that the pkg in the base system can use 'pkg add ' > to install the pkg package instead of getting the package from the > repository (which isn't available for arm). When I tried that I just > got the message 'Signature for pkg not available.' I don't have a > signature for it, and don't know where to get it from or how to generat= e > it. Once I install it from ports, I can use that to add other saved > packages without any signature being necessary. You'll only get this error message if SIGNATURE_TYPE=3D'fingerprints' somewhere in your pkg.conf and you're using pkg(7) to run 'pkg add something' -- otherwise it will just go ahead and install from the pkg.txz tarball without checking the package integrity and authentici= ty. > The manpage makes it appear that should work, so is there something els= e > that I need to do? Thanks for any information. Check for the presence of pkg.txz.sig -- that has to be present in the same directory as the pkg.txz you're trying to install from before signature checking will work -- and also that you have the current FreeBSD repository public key: /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 which should look like this: % cat pkg.freebsd.org.2013102301 # $FreeBSD: stable/10/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 260608 2014-01-13 22:07:36Z bdrewery $ function: "sha256" fingerprint: "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438" Each of these files should be present on the installation media, if they haven't already been installed on the system. Otherwise I believe you can turn off signature checking by setting: SIGNATURE_TYPE=3Dnone in the environment before you call pkg(7). If putting it in the environment doesn't work, then you could try adding that to /usr/local/etc/pkg.conf -- note that this will not have any effect on pkg(8) once installed. pkg(8) would want that setting in a per-repo file eg. /usr/local/etc/pkg/repos/FreeBSD.conf, and the format is a bit different: FreeBSD: { signature_type: none } However it would be preferable to have signature checking enabled. Cheers, Matthew --BqvU4sMXT0LPUGiCfpKPi2lmdrx7LlMlr Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iQJ8BAEBCgBmBQJVvgUCXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATAUoP+wc6ncXsa+nD+/2AqUx5iBLh dzGxTVnJFrQeDnb1ABb7nZGUY/ti7ErL/qaS7fH86hUHvNcgGUnVmxcg4vA/gTPy Oysm3Wiod9eYRJ5cVQ0JhBbXk0zo3/IijUoxPo9WyO7SfX9kqljLjCqR87k7CSMy VmBo+mdK1lo6vOBURONssNGiFJbwnTSqtW25HwsQfUFO08LIcq+etTmlZzofGDNw rRWJRH0sbdCtqkMLKu4K+vP5QXJudl5AayvmzmJm/TIlcsZrQFGEZRjqZ1GG2rOo X0sMBSRGAWPPanh54kfnt1tR2TkmynhIxAyoAUwK7gpdzKFZME19Mx6lyGcXlFjH 2YpPbARxytlV6/o8B8sc1WMLLUiiysWnESyBpLbWBbjlpTD66CXSOVO5P7n0kESY bbDzyA0y9OBO6vx3tj4N9e0bnn1d/uk8dO1n3hbWGwZGDx9MyDduCAjq8DVV/TKP EIgbaDIoeoPKrQzb039/vAUmG37Tz9nAISAroFQRDP5Dag5JzNsoWsdmGx673yJW Mv9l77vou2gG2Fa9I/CGoGyvB52vgixuCZ00CK6+QI3+w7/i7YA+fYt5xSh39OEV Qkil56Y2KicYrC4Hk7CfmpJvIF3bOpWpIv0imAmpXMwG7qMbYrXq67u2rNnvIz5c 0cGDaXadj+SSyS+uOGTI =+fhN -----END PGP SIGNATURE----- --BqvU4sMXT0LPUGiCfpKPi2lmdrx7LlMlr--