[SOLVED] unattended package signing?

Similar Messages

• [Solved] Using pacman's package signing correctly

  When pacman 4 first came out, I just merged the pacnew file so that package signing was disabled. I did initialise the keys etc. but I didn't import or sign the master keys or enable signature checks.
  So tonight I figured I would start seeing how this worked. I took the fingerprints from the master key list on archlinux's site and I checked they matched the fingerprints listed on Allan's blog. I then imported the five master keys using pacman-key, signed them locally and used --edit-key to assign each of the five marginal trust.
  I then commented out the "Never" line for package signing in pacman.conf so that it would use the compiled in default to make signatures optional but check them if available. I also set PackageRequired for the core repository.  I left the other repos I have enabled to default to the default policy as I think signing isn't complete for them.
  I then ran pacman -Syu. This mostly went OK but I'm slightly worried about this bit:
  error: gsm: key "7F2D434B9741E8AC" is unknown
  :: Import PGP key 9741E8AC, "Pierre Schmitz <[email protected]>", created 2011-04-10? [Y/n] y
  error: jbig2dec: key "BBE43771487328A9" is unknown
  :: Import PGP key 487328A9, "Bartlomiej Piotrowski <[email protected]>", created 2011-10-10? [Y/n] y
  error: p11-kit: key "E8F18BA1615137BC" is unknown
  :: Import PGP key 615137BC, "Ionut Biru <[email protected]>", created 2011-04-19? [Y/n] y
  error: pacmatic: key "396E3E25BAB142C1" is unknown
  :: Import PGP key BAB142C1, "Kyle Keen <[email protected]>", created 2011-02-03? [Y/n] y
  error: patchutils: key "06096A6AD1CEDDAC" is unknown
  :: Import PGP key D1CEDDAC, "Laurent Carlier <[email protected]>", created 2011-10-30? [Y/n] y
  error: perl-encode-locale: key "F99FFE0FEAE999BD" is unknown
  :: Import PGP key EAE999BD, "Allan McRae <[email protected]>", created 2011-06-03? [Y/n] y
  error: vlc: key "B7310AE5F04569AE" is unknown
  :: Import PGP key F04569AE, "Giovanni Scafora <[email protected]>", created 2011-10-15? [Y/n] y
  I initially thought I was just telling pacman to import the keys but now I'm wondering if I also told it to trust them and if I wasn't meant to do that? Should they have been automatically handled if they were signed correctly? I was trying to follow the instructions on Allan's blog which show this question and Allan answering yes. However, I now realise that I got confused and that that bit comes *before* Allan imports and trusts the master keys, but I'd already done that at this point. (But it didn't complain they were untrusted once imported...)
  Could somebody either reassure me that I did this correctly (securely)? Or advise me on how to undo it if that's what I should do?
  Last edited by cfr (2012-02-19 15:14:02)

  I followed Allan's guide on page
  http://allanmcrae.com/2011/12/pacman-pa … rch-linux/
  and pacman -Syu gave:
  error: xorg-bdftopcf: signature from "Allan McRae <[email protected]>" is marginal trust
  Which is suprising as his key is one of master keys. Currently several master keys were revoked.
  Based on GPG's output it is maybe requires some additional input to mark the revoked key as trusted:
  sub  3072R/B20030F3  created: 2011-11-25  revoked: 2011-11-25  usage: A   
  [  full  ] (1). Ionut Biru (Arch Linux Master Key) <[email protected]>
  Please decide how far you trust this user to correctly verify other users' keys
  (by looking at passports, checking fingerprints from different sources, etc.)
  gpg gives this:
    1 = I don't know or won't say
    2 = I do NOT trust
    3 = I trust marginally
    4 = I trust fully
    5 = I trust ultimately
    m = back to the main menu
  full story:
  [root@archbang ~]# for key in FFF979E7 CDFD6BB0 4C7EA887 6AC6A4C2 824B18E8; do
  > printf 'trust\n3\nquit\n' | gpg --homedir /etc/pacman.d/gnupg/ --no-permission-warning --command-fd 0 --edit-key $key
  > done
  pub  3072R/4C7EA887  created: 2011-11-25  expires: never       usage: SC 
                       trust: marginal      validity: full
  This key was revoked on 2011-11-25 by RSA key 4C7EA887 Ionut Biru (Arch Linux Master Key) <[email protected]>
  sub  1024R/93F91AC3  created: 2011-11-25  revoked: 2011-11-25  usage: E   
  This key was revoked on 2011-11-25 by RSA key 4C7EA887 Ionut Biru (Arch Linux Master Key) <[email protected]>
  sub  3072R/B20030F3  created: 2011-11-25  revoked: 2011-11-25  usage: A   
  [  full  ] (1). Ionut Biru (Arch Linux Master Key) <[email protected]>
  pub  3072R/4C7EA887  created: 2011-11-25  expires: never       usage: SC 
                       trust: marginal      validity: full
  This key was revoked on 2011-11-25 by RSA key 4C7EA887 Ionut Biru (Arch Linux Master Key) <[email protected]>
  sub  1024R/93F91AC3  created: 2011-11-25  revoked: 2011-11-25  usage: E   
  This key was revoked on 2011-11-25 by RSA key 4C7EA887 Ionut Biru (Arch Linux Master Key) <[email protected]>
  sub  3072R/B20030F3  created: 2011-11-25  revoked: 2011-11-25  usage: A   
  [  full  ] (1). Ionut Biru (Arch Linux Master Key) <[email protected]>
  Please decide how far you trust this user to correctly verify other users' keys
  (by looking at passports, checking fingerprints from different sources, etc.)
    1 = I don't know or won't say
    2 = I do NOT trust
    3 = I trust marginally
    4 = I trust fully
    5 = I trust ultimately
    m = back to the main menu
  pub  3072R/4C7EA887  created: 2011-11-25  expires: never       usage: SC 
                       trust: marginal      validity: full
  This key was revoked on 2011-11-25 by RSA key 4C7EA887 Ionut Biru (Arch Linux Master Key) <[email protected]>
  sub  1024R/93F91AC3  created: 2011-11-25  revoked: 2011-11-25  usage: E   
  This key was revoked on 2011-11-25 by RSA key 4C7EA887 Ionut Biru (Arch Linux Master Key) <[email protected]>
  sub  3072R/B20030F3  created: 2011-11-25  revoked: 2011-11-25  usage: A   
  [  full  ] (1). Ionut Biru (Arch Linux Master Key) <[email protected]>
  pub  3072R/6AC6A4C2  created: 2011-11-18  expires: never       usage: SC 
                       trust: marginal      validity: full
  sub  1024R/86872C2F  created: 2011-11-18  expires: never       usage: E   
  sub  3072R/1B516B59  created: 2011-11-18  expires: never       usage: A   
  [  full  ] (1). Pierre Schmitz (Arch Linux Master Key) <[email protected]>
  pub  3072R/6AC6A4C2  created: 2011-11-18  expires: never       usage: SC 
                       trust: marginal      validity: full
  sub  1024R/86872C2F  created: 2011-11-18  expires: never       usage: E   
  sub  3072R/1B516B59  created: 2011-11-18  expires: never       usage: A   
  [  full  ] (1). Pierre Schmitz (Arch Linux Master Key) <[email protected]>
  Please decide how far you trust this user to correctly verify other users' keys
  (by looking at passports, checking fingerprints from different sources, etc.)
    1 = I don't know or won't say
    2 = I do NOT trust
    3 = I trust marginally
    4 = I trust fully
    5 = I trust ultimately
    m = back to the main menu
  pub  3072R/6AC6A4C2  created: 2011-11-18  expires: never       usage: SC 
                       trust: marginal      validity: full
  sub  1024R/86872C2F  created: 2011-11-18  expires: never       usage: E   
  sub  3072R/1B516B59  created: 2011-11-18  expires: never       usage: A   
  [  full  ] (1). Pierre Schmitz (Arch Linux Master Key) <[email protected]>
  I got to go now I will try gpg key edit later. If someone knows what to do please help.
  Thanks

• Package Sign Error

  Hi,
  I have noticed the next error:
  (1/1) checking package integrity                                                                        [#############################################################] 100%
  error: ddd: signature from "Eric Belanger <[email protected]>" is invalid
  error: failed to commit transaction (invalid or corrupted package (PGP signature))
  Errors occurred, no packages were upgraded.
  This happens with some packages, while others installs/upgrades normally without an error.
  It does not depend on the mainteiner, since others packages from the same maintainer installs correctly.
  I have reported a bug with one of this packages: "vlc" and the bug was closed as the maintainer told the package was correct.
  It also does not depends on the repo, since the problem arises in different repos.
  I have also tried to delete the "/etc/pacman.d/gnupg" directory, and follow the instruction to get it again.
  I have also tried to change the keyserver in "gpg.conf".
  The problem remains.
  Is there any way to manually check the signature of the package?
  thanks,

  # /etc/pacman.conf
  # See the pacman.conf(5) manpage for option and repository directives
  # GENERAL OPTIONS
  [options]
  # The following paths are commented out with their default values listed.
  # If you wish to use different paths, uncomment and update the paths.
  #RootDir = /
  #DBPath = /var/lib/pacman/
  CacheDir = /dev/shm/pkg/
  #LogFile = /var/log/pacman.log
  #GPGDir = /etc/pacman.d/gnupg/
  HoldPkg = pacman glibc
  # If upgrades are available for these packages they will be asked for first
  SyncFirst = pacman
  #XferCommand = /usr/bin/curl -C - -f %u > %o
  #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
  #CleanMethod = KeepInstalled
  Architecture = auto
  # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
  #IgnorePkg =
  #IgnoreGroup =
  #NoUpgrade =
  #NoExtract =
  # Misc options
  #UseSyslog
  #UseDelta
  #TotalDownload
  CheckSpace
  #VerbosePkgLists
  # By default, pacman accepts packages signed by keys that its local keyring
  # trusts (see pacman-key and its man page), as well as unsigned packages.
  #SigLevel = Optional TrustedOnly
  # NOTE: You must run `pacman-key --init` before first using pacman; the local
  # keyring can then be populated with the keys of all official Arch Linux
  # packagers with `pacman-key --populate archlinux`.
  # REPOSITORIES
  # - can be defined here or included from another file
  # - pacman will search repositories in the order defined here
  # - local/custom mirrors can be added here or in separate files
  # - repositories listed first will take precedence when packages
  # have identical names, regardless of version number
  # - URLs will have $repo replaced by the name of the current repo
  # - URLs will have $arch replaced by the name of the architecture
  # Repository entries are of the format:
  # [repo-name]
  # Server = ServerName
  # Include = IncludePath
  # The header [repo-name] is crucial - it must be present and
  # uncommented to enable the repo.
  # The testing repositories are disabled by default. To enable, uncomment the
  # repo name header and Include lines. You can add preferred servers immediately
  # after the header, and they will be used before the default mirrors.
  #[testing]
  #SigLevel = PackageRequired
  #Include = /etc/pacman.d/mirrorlist
  [core]
  SigLevel = PackageRequired
  Include = /etc/pacman.d/mirrorlist
  [extra]
  SigLevel = PackageRequired
  Include = /etc/pacman.d/mirrorlist
  #[community-testing]
  #SigLevel = PackageRequired
  #Include = /etc/pacman.d/mirrorlist
  [community]
  SigLevel = PackageRequired
  Include = /etc/pacman.d/mirrorlist
  # If you want to run 32 bit applications on your x86_64 system,
  # enable the multilib repositories as required here.
  #[multilib-testing]
  #SigLevel = PackageRequired
  #Include = /etc/pacman.d/mirrorlist
  [multilib]
  SigLevel = PackageRequired
  Include = /etc/pacman.d/mirrorlist
  # An example of a custom package repository. See the pacman manpage for
  # tips on creating your own repositories.
  #[custom]
  #SigLevel = Optional TrustAll
  #Server = file:///home/custompkgs
  [archlinuxfr]
  SigLevel = Optional TrustAll
  Server = http://repo.archlinux.fr/$arch

• Upgrade of 700MB fails due to Package signing

  Downloaded much but received error message regarding package signing.  Nothing was installed...........
  My pacman.conf has ...SigLevel = Never... so am wondering how I can be in error for package signing?
  Is it now mandatory?

  Sorry my oops.  Will try again.....
  # /etc/pacman.conf
  # See the pacman.conf(5) manpage for option and repository directives
  # GENERAL OPTIONS
  [options]
  # The following paths are commented out with their default values listed.
  # If you wish to use different paths, uncomment and update the paths.
  #RootDir = /
  #DBPath = /var/lib/pacman/
  #CacheDir = /var/cache/pacman/pkg/
  #LogFile = /var/log/pacman.log
  #GPGDir = /etc/pacman.d/gnupg/
  HoldPkg = pacman glibc
  # If upgrades are available for these packages they will be asked for first
  SyncFirst = pacman
  #XferCommand = /usr/bin/curl -C - -f %u > %o
  #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
  #CleanMethod = KeepInstalled
  Architecture = auto
  # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
  #IgnorePkg =
  #IgnoreGroup =
  #NoUpgrade =
  #NoExtract =
  # Misc options
  #UseSyslog
  #UseDelta
  #TotalDownload
  CheckSpace
  #VerbosePkgLists
  # PGP signature checking
  # NOTE: None of this will work without running `pacman-key --init` first.
  # The compiled in default is equivalent to the following line. This requires
  # you to locally sign and trust packager keys using `pacman-key` for them to be
  # considered valid.
  #SigLevel = Optional TrustedOnly
  # If you wish to check signatures but avoid local sign and trust issues, use
  # the following line. This will treat any key imported into pacman's keyring as
  # trusted.
  #SigLevel = Optional TrustAll
  # For now, off by default unless you read the above.
  SigLevel = Never
  # REPOSITORIES
  # - can be defined here or included from another file
  # - pacman will search repositories in the order defined here
  # - local/custom mirrors can be added here or in separate files
  # - repositories listed first will take precedence when packages
  # have identical names, regardless of version number
  # - URLs will have $repo replaced by the name of the current repo
  # - URLs will have $arch replaced by the name of the architecture
  # Repository entries are of the format:
  # [repo-name]
  # Server = ServerName
  # Include = IncludePath
  # The header [repo-name] is crucial - it must be present and
  # uncommented to enable the repo.
  # The testing repositories are disabled by default. To enable, uncomment the
  # repo name header and Include lines. You can add preferred servers immediately
  # after the header, and they will be used before the default mirrors.
  #[testing]
  #SigLevel = PackageRequired
  #Include = /etc/pacman.d/mirrorlist
  [core]
  #SigLevel = PackageRequired
  Include = /etc/pacman.d/mirrorlist
  [extra]
  #SigLevel = PackageOptional
  Include = /etc/pacman.d/mirrorlist
  #[community-testing]
  #SigLevel = PackageRequired
  #Include = /etc/pacman.d/mirrorlist
  [community]
  #SigLevel = PackageOptional
  Include = /etc/pacman.d/mirrorlist
  # If you want to run 32 bit applications on your x86_64 system,
  # enable the multilib repositories as required here.
  #[multilib-testing]
  #SigLevel = PackageRequired
  #Include = /etc/pacman.d/mirrorlist
  #[multilib]
  SigLevel = PackageOptional
  Include = /etc/pacman.d/mirrorlist
  # An example of a custom package repository. See the pacman manpage for
  # tips on creating your own repositories.
  #[custom]
  #SigLevel = Optional TrustAll
  #Server = file:///home/custompkgs

• [SOLVED] Pacman Key Signing Strange Activity

  Hi,
  I was just setting up the package verification system with pacman when I noticed it was doing something unusual.  When I ran:
  pacman-key --init
  instead of waiting for entropy, it just returned the prompt.  Next, when I ran:
  pacman-key --populate archlinux
  it seemed to go through the entire signing process itself, stating that they didn't need to be signed again (sorry for the vagueness as I can't fetch exactly what it said by redirecting it into a file or something).  The point is, usually I have to confirm each signature.
  Is this normal?
  Last edited by Mindstormscreator (2012-08-26 15:42:40)

  Does the contents of /etc/pacman.d/gnupg look normal? You could compare that directory with the one on the live media (diff -rq) to test that theory.
  When I set up package signing, I think I signed five master keys manually which I'd compared from two somewhat independent sources. After that, I don't remember having to *sign* any more signatures but only to confirm it was OK to import them. And now pacman seems to handle much of that automatically... But it is hard to imagine it would be meant to sign the master keys automatically since that would seem to undermine the point of having them in the first place.
  On a fresh install, too, the init should take longer because so little is going on. (Hence all the threads here about it hanging because people haven't read the instructions for creating entropy .)

• ADT native package signing issue

  Hi all,
  I'm having a problem signing an executable with adt. I don't wan't a timestamp so I execute following command in command line:
  "adt -package -storetype pkcs12 -keystore D:\workspaces\a327-shell\IDA_Certificate.p12 -keypass AIRRules -storepass AIRRules -tsa none -target native -storetype pkcs12 -keystore D:\workspaces\a327-shell\IDA_Certificate.p12 -keypass AIRRules -storepass AIRRules -tsa none shell-0.5-RELEASE.exe shell-app.xml shell-0.5-RELEASE.swf assets"
  This returns the following error: "Could not apply timestamp to setup.msi"
  This seems to refer to the native signing options part and not the AIR signing options but I have found no way to fix this.
  Anyone with ideas on how to fix this, it's pretty critical to the project.
  Thx,
  David

  flamelab wrote:
  bangkok_manouel wrote:
  wonder wrote:
  i don't really want to read your crappy blog. You said about reddit, post the damn reddit link
  p.s that blog is kinda useless, new one, only one post. doesn't worth trying reading. That ideas are not original, almost copy/pasted from an old one
  so nice and polite...
  I think wonder is being "impolite", because that particular blog post is an exact copy of a continuous rant of a (banned now) member here in the forums about package signing. So he (that member) is doing the same thing outside the forums, in a blog. It would be much better from him to have helped, instead of ranting.
  He's been spamming Linux-related forums for the last several weeks about this issue, just generally rabble-rousing.  From what I've seen, the guy may have done the community a favor, since numerous respondents have basically said "I was gonna try Arch 'cuz a friend of a friend said it was cool, but wasn't aware of this issue or how Arch worked, and now I'm scared and don't think I'll bother."  Basically diverting the intellectually lazy away from Arch.  He claims to have come up with an easily-implemented solution; however, he also claims the devs have basically blown his brilliant idea off. And he can't be bothered to patch and repackage pacman and sign some packages himself (as an open and observable test-case) despite supposedly having the resources and skills necessary to do so.

• Are AUR packages signed? How do I check the signature if they are?

  Hi,
  Are AUR packages signed? How do I check the signature if they are?
  Thank you!

  andreicristianpetcu wrote:Thank you for your answers! Some Aur packages basically wget some tar.gz and uncompress it and I wanted to know if there is a way to test if this is the same archive that I wanted to install.
  Archives downloaded by PKGBUILDs are never the same as the archive you want to install. Are you referring to PKGBUILDs which just repackage .deb or .rpm archives? As mentioned, there's checksums (typically of zero benefit to security), and sometimes GPG signatures provided by upstream. But, this is only a part of the process. The attack surface is wider than just the source tarball and the PKGBUILD. Consider that you don't even need a PKGBUILD to create a package which pacman understands.
  andreicristianpetcu wrote:I told him that this cannot be done on most packages on most GNU/Linux distros.
  No, it absolutely can. All operating systems are prone to attack by social engineering and can fall victim to lax system administration. The "Linux doesn't get virii" mantra is a falsehood propagated by people relying on statistics rather than actual operating system features and security practices.
  andreicristianpetcu wrote:Since I am a Arch user I wanted to find out if there is a way (except for reading the pkgbuild) from which I can check the validity of the package.
  Given an arbitrary archive foo-1-1-x86_64.pkg.tar.xz, there is absolutely no way to determine what PKGBUILD was used to build it. This is a key reason why signing binary packages in the repositories is important!
  andreicristianpetcu wrote:From what I know the files from the other repos are signed (correct me if I'm wrong).
  Right, in order to assert provenance of a package. If the signature for a package is valid, you can assume that you have a copy of the package which a developer or TU built.

• [SOLVED] Can't sign key with pacman-key

  I've been reading and digging all over the place but I can't seem to find anything on this.
  1. I have created my own keys for signing packages that I want to put in a local repo so I don't have to compile the same package over and over on all my machines.
  2. I have imported said key using sudo pacman-key --add rdjack21.pgp
  3. Used sudo pacman-key --lsign rdjack21 I get this output:
    -> Locally signing key rdjack21...
  ==> ERROR: rdjack21 could not be locally signed.
  4. Ok so lets sudo pacman-key --edit rdjack21  output:
  gpg> sign
  pub  rsa2048/3D1B5544
       created: 2014-11-30  expires: never       usage: SC 
       trust: ultimate      validity: ultimate
  Primary key fingerprint: B0D7 C728 31FA B2B0 6A3C  7086 DC7F DE0C 3D1B 5544
       Richard Jackson <[email protected]>
  Are you sure that you want to sign this key with your
  key "Pacman Keyring Master Key <pacman@localhost>" (645ECB0E)
  Really sign? (y/N) y
  gpg: signing failed: No pinentry
  gpg: signing failed: No pinentry
  gpg>
  5. To hack this and make pacman work with my local repo signed by the rdjack21 key I had to change the trust to ultimate but I do not like that solution. I would prefer to sign the key and move the trust back down to full which is where it should be.
  This is happening on all of my boxes not just one of them. I did find something on the web about "No pinentry" message above and the sugestion was to change the owner of the tty I'm using to be root for the signing to work but that did not work for me (su'ed to root first instead of running everything with sudo).
  While changeing the trust works that just feels wrong to me. I really should beable to sign the key.
  Last edited by rdjack21 (2014-12-01 01:50:05)

  Taking a clue post gnupg 2.1.0-4 upgrade breaks passphrase via STDIN I was able to solve the problem and I can now sign keys.
  The solution is add "pinentry-mode loopback" to /etc/pacman.d/gnupg/gpg.conf
  And create the file /etc/pacman.d/gnupg/gpg-agent.conf and put "allow-loopback-pinentry" in the file.
  Once that is done everythings works as expected!
  Marking this as solved.

• [solved] remove packages from a txt file list

  as the subject header says, I want to run "pacman -R" and have it read a list of packages from a text file.
  Is this possible????
  text file is formatted as such....
  file1
  file2
  file3
  Last edited by orphius (2013-07-09 08:11:53)

  Please remember to mark your thread as [Solved] by editing your first post and prepending it to the title.

• [SOLVED] install package from aur via yaourt

  Hi,
  i installed yaourt and tried to install from the aur.
  it keeps asking me to continue bulding and then restart building. it just wont install any packages.
  for none-aur packages it works fine btw.
  any help?
  alex
  Last edited by alext (2011-10-11 23:13:53)

  me too and it didnt.
  [xxx@xxx pcmanfm-mod]$ yaourt ntfs-config
  1 aur/ntfs-config 1.0.1-7 (200)
  Enable/disable NTFS write support with a simple click
  ==> Enter n° of packages to be installed (ex: 1 2 3 or 1-3)
  ==> -------------------------------------------------------
  ==> 1
  ==> Downloading ntfs-config PKGBUILD from AUR...
  x PKGBUILD
  x python-2.7.patch
  Comment by: loleg on Sat, 25 Jun 2011 10:07:14 +0000
  Compiles installs OK using yaourt, however does not work on my up-to-date system with the issue discussed here: http://ubuntuforums.org/archive/index.php/t-1497399.html
  Comment by: jlcordeiro on Mon, 27 Jun 2011 08:56:12 +0000
  Can you check if:
  sudo mkdir /etc/hal/fdi
  sudo touch /etc/hal/fdi/policy
  solves the problem?
  Comment by: mr430 on Tue, 04 Oct 2011 15:56:44 +0000
  jlcordeiro, same problem and making /etc/hal/fdi directory solve it, thanks
  Comment by: jlcordeiro on Sat, 08 Oct 2011 08:17:08 +0000
  Updated with the solution to the mentioned problem.
  Comment by: archdria on Tue, 11 Oct 2011 12:04:43 +0000
  Please, add perl-xml-parser as makedep :)
  Comment by: jlcordeiro on Tue, 11 Oct 2011 21:36:05 +0000
  Done. Thank you :)
  First Submitted: Fri, 19 Jan 2007 21:10:44 +0000
  ntfs-config 1.0.1-7
  ( Unsupported package: Potentially dangerous ! )
  ==> Edit PKGBUILD ? [Y/n] ("A" to abort)
  ==> ------------------------------------
  ==> n
  ==> ntfs-config dependencies:
  - python2 (already installed)
  - pygtk (already installed)
  - udev (already installed)
  - ntfs-3g (already installed)
  - perl-xml-parser (already installed)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'testing' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'core' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'extra' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'community-testing' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'community' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'multilib' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  ==> Continue building ntfs-config ? [Y/n]
  ==> -------------------------------------
  ==>
  ==> Building and installing package
  ==> Install or build missing dependencies for ntfs-config:
  Password:
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'testing' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'core' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'extra' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'community-testing' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'community' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'multilib' not recognized.
  error: target not found: recognized.
  ==> Restart building ntfs-config ? [y/N]
  ==> ------------------------------------
  ==>
  ==> Edit PKGBUILD ? [Y/n] ("A" to abort)
  ==> ------------------------------------
  ==> n
  ==> ntfs-config dependencies:
  - python2 (already installed)
  - pygtk (already installed)
  - udev (already installed)
  - ntfs-3g (already installed)
  - perl-xml-parser (already installed)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'testing' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'core' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'extra' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'community-testing' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'community' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  - warning: (building from AUR)
  - config (building from AUR)
  - file (package found)
  - /etc/pacman.d/mirrorlist, (building from AUR)
  - line (building from AUR)
  - 82: (building from AUR)
  - directive (building from AUR)
  - 'Germany' (building from AUR)
  - in (building from AUR)
  - section (building from AUR)
  - 'multilib' (building from AUR)
  - not (building from AUR)
  - recognized. (building from AUR)
  ==> Continue building ntfs-config ? [Y/n]
  ==> -------------------------------------
  ==>
  ==> Building and installing package
  ==> Install or build missing dependencies for ntfs-config:
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'testing' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'core' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'extra' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'community-testing' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'community' not recognized.
  warning: config file /etc/pacman.d/mirrorlist, line 82: directive 'Germany' in section 'multilib' not recognized.
  error: target not found: recognized.
  ==> Restart building ntfs-config ? [y/N]
  ==> ------------------------------------
  ==>
  ==> WARNING: Following packages have not been installed:
  ntfs-config
  Edit: now ive just seen that i forgot about the warnings. i am not sure about what they mean and how to fix it.
  Last edited by alext (2011-10-11 22:16:58)

• [Solved] Install package python-evdev from AUR

  I belive this is the correct section to post this but I have a problem installing the package python-evdev where I get the error ( Unsupported package: Potentially dangerous ! )
  after trying to install with yaourt and pip install python-evdev results in bash: pip: command not found even after checking that extra/python-setuptools 1:5.2-1 is installed
  and extra/python2-setuptools 1:5.2-1 is installed.
  I realize there are other modules for hooking x server events but this one I have already written 200 lines of code for and is key to my application working.  I was able to install
  and utilize this module in ubuntu but cannot seem to get it installed in archlinux.  Any guidance would be apreciated.
  Last edited by meschael (2014-06-25 00:34:58)

  I asumed pip came with setup tools, so following ids1024's lead I did a pacman -S python-pip which solved the command not found issue.  I downloaded and untar'ed the package from AUR and issued a makepkg -s from within the extracted folder.  There seems to be an issue with the licence which I can now see has to do with the person who make the package
  I did not realize the dynamics of how AUR works because I am new to arch, so I appologize if I bothered anyone.
  [Update] I have abondoned the idea of getting pythons evdev module installed as I have located a python3-xlib module which seems to have installed correctly, incidently I was unable to locate a xlib ported to python3 in my other distro, but found it in AUR here so this should work, will have to adapt my code but not the end of the world.  Else if (Xlib != WORKING): work directly with /dev/input/eventn using root
  Last edited by meschael (2014-06-25 00:34:03)

• [SOLVED]about package unneed

  how can i to smart clean unneed package..
  because `pacman --remove --unneeded` to clean all package with i need..
  i'm archlinux new user, help me pls tell me any package can doit like:
  /var/lib/portage/world by `emerge --depclean` @ Gentoo Linux
  /usr/local/etc/pkg_cutleaves by `pkg_cutleaves` @ FreeBSD
  to clean unneed package without my package.
  Last edited by arli (2011-11-02 12:11:07)

  tigrmesh wrote:Please tell us the solution so others can find help.  Also, please mark this thread as [solved] (edit your first post).
  sorry about that..
  this topic start by my friend(at that time, we share same http-proxy with cookies).
  but i remember he's solution, an script create by me.
  $ cat pkg_cutleaves.sh
  #!/bin/sh
  # req: pacman, grep, awk, cut
  # by ArLi Weng, [email protected], last update: 20100512
  # conf file path here, for example: /etc/pkg_cutleaves.conf
  _conf="/mnt/public/gPRG/sh/linux/arch/pkg_cutleaves.conf"
  _conf_grps=`grep "@" $_conf | cut -d@ -f2`
  _conf_pkgs=`grep -E "^[a-z]" $_conf`
  list() {
  _pkgs_qt=`pacman -Qtq`
  for _pkg_qt in $_pkgs_qt
  do
  _group=`pacman -Qi $_pkg_qt | grep "Groups" | awk '{print $3}'`
  filter_grps "$_group" "$_pkg_qt"
  done
  filter_grps() {
  for _grp in $_conf_grps
  do
  if [ "$_grp" = "$1" ]
  then
  return 0
  fi
  done
  filter_pkgs "$2"
  filter_pkgs() {
  for _pkg in $_conf_pkgs
  do
  if [ "$_pkg" = "$1" ]
  then
  return 0
  fi
  done
  hit_pkg "$1"
  hit_pkg() {
  # pacman -Rsn "$1"
  echo "$1"
  list
  here is my "pkg_cutleaves.conf"
  $ cat /mnt/public/gPRG/sh/linux/arch/pkg_cutleaves.conf
  # groups
  @base
  @xfce4
  # system
  abs
  cifs-utils
  gnu-netcat
  iftop
  ntp
  openssh
  qemu
  tcpdump
  w3m
  # dev
  autoconf
  automake
  fakeroot
  gdb
  make
  patch
  pkg-config
  # x support
  nvidia
  ttf-dejavu
  xf86-input-synaptics
  xorg-xprop
  xorg-xrdb
  # xfce4 apps
  alsa-utils
  gvfs
  thunar-archive-plugin
  xarchiver
  xfce4-notes-plugin
  xfce4-notifyd
  xfce4-power-manager
  ristretto
  # archive
  p7zip
  unrar
  unzip
  # java
  icedtea-web
  jamvm
  # pkgs
  amule
  axel
  blueman
  bogofilter
  celestia
  deluge
  desmume
  dosbox
  epdfview
  fcitx-stable
  firefox3
  flashplugin
  freerdp
  geany
  gimp
  libreoffice-calc
  libreoffice-draw
  libreoffice-impress
  libreoffice-writer
  mkvtoolnix-gtk
  mplayer-stable
  mtpaint
  pidgin
  stardict
  sylpheed
  timidity-freepats
  vorbis-tools
  wicd-gtk
  wine
  wqy-microhei-nightly_build
  Last edited by arli (2011-11-02 12:39:53)

• [SOLVED] filesystem package: list by label in /etc/crypttab

  Reading about Persistent Device Naming, using labels in /etc/fstab rather than UUIDs has some advantages.  But /etc/crypttab seems to support only /dev/sdXY and UUID notation.  Since flesystem is listed as an Arch Linux package, is there any chance of adding support for naming devices with labels in /etc/crypttab?
  Last edited by Konkorde (2014-12-15 01:28:42)

  falconindy wrote:You cannot identify an encrypted filesystem by LABEL, because the label itself is a property of the unencrypted filesystem. You're asking to solve a chicken/egg problem.
  I apologize for misspeaking: I want to identify a partition containing an encrypted filesystem by label in /etc/crypttab.  While /dev/disk/sdXY works, /dev/disk/by-label/foo did not work.
  falconindy wrote:You can identify an encrypted filesystem by its PARTLABEL (or PARTUUID), assuming you've partitioned your disks with GPT. I added support, implicitly, for this to /etc/crypttab 2 years ago.
  Thanks Dave: I am using GPT and although I'm new to PARTLABEL, I'll look into it.  Looking at the code you linked, though, I think I probably just want to use the
  if (startswith(p, "LABEL="))
  branch, rather than
  /dev/disk/by-label
  Last edited by Konkorde (2014-11-16 16:26:39)

• Adobe Air Install Package Signed by Revoke Certificate?

  My security settings may be a little more strick than most. I just download the adobe air install package today. I think the revoked signature is preventing the installation. Can anyone confirm the signature? Thanks.

  No problems with the signature on a new Windows 7 x64 / IE10 install with default settings .

• [SOLVED] 'wordgrinder' package build fails

  I'm trying to build a package out of this program here: http://aur.archlinux.org/packages.php?ID=17015
  I download the tarball, extract it into my builds directory, enter the wordgrinder directory and enter 'makepkg -s'. I've only done this sort of thing once or twice but it worked then. This time, however, it ends with a build error:
  (... lots of patching lines...)
  pm: bootstrapping...
  modemuncher.h:4: warning: cast from pointer to integer of different size
  pm: creating new intermediate file cache in '.pm-cache'
  gcc "-Wall" "-Os" "-I/usr/include/ncursesw" "-I/usr/include/lua" "-D_XOPEN_SOURCE_EXTENDED" "-D_XOPEN_SOURCE" "-DVERSION=\"0.2\"" "-DFILEFORMAT=2" "-DPREFIX=\"/usr\"" "-DNDEBUG" -c -o ".pm-cache/1-utils.o" "src/c/utils.c"
  src/c/utils.c: In function 'readu8_cb':
  src/c/utils.c:93: warning: implicit declaration of function 'lua_tointeger'
  src/c/utils.c: In function 'writeu8_cb':
  src/c/utils.c:107: warning: implicit declaration of function 'luaL_checkinteger'
  src/c/utils.c: In function 'utils_init':
  src/c/utils.c:168: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'funcs'
  src/c/utils.c:168: error: 'funcs' undeclared (first use in this function)
  src/c/utils.c:168: error: (Each undeclared identifier is reported only once
  src/c/utils.c:168: error: for each function it appears in.)
  src/c/utils.c:168: error: expected expression before ']' token
  src/c/utils.c:177: warning: implicit declaration of function 'luaL_register'
  rm -f ".pm-cache/1-utils.o"
  pm: object 'cfile', defined at pmfile:71, failed to build with return code 256
  ==> ERROR: Build Failed.
  Aborting...
  Can anybody tell me what's going wrong?
  Last edited by chochem (2008-08-19 09:40:39)

  Garns wrote:
  chochem wrote:BTW I was beta-testing the new version (0.3) while I was on Ubuntu and it looks quite impressive. Some neat new features, such as being able to navigate the document by headline-structure, easy moving text in between documents - introducing the Scrapbook - and possibly even... wait for it... undo (no promises, though). Sadly it says orphaned in AUR so Iguess it might be a while before it's available on Arch...
  I adopted it . I'll update it to 0.3 as soon as there is a release. As orphaned packages in AUR are free for anyone to adopt, you could have done this as well.
  Cool, thanks Yes, well but ... seeing as today is Day Two of my entire Arch experience, I figured I'd wait a bit before inflicting my workmanship on others. Funny thing is, I found out, I'm already contributing unwittingly: Searching AUR for MPD stuff, I found that somebody had posted a link to some old bash script hacks I've done