diff --git a/configs/releng/build.sh b/configs/releng/build.sh index 560fda2..6e9e2f8 100755 --- a/configs/releng/build.sh +++ b/configs/releng/build.sh @@ -79,7 +79,6 @@ make_setup_mkinitcpio() { make_customize_root_image() { cp -af ${script_path}/root-image ${work_dir}/${arch} - patch ${work_dir}/${arch}/root-image/usr/bin/pacman-key < ${script_path}/pacman-key-4.0.3_unattended-keyring-init.patch curl -o ${work_dir}/${arch}/root-image/etc/pacman.d/mirrorlist 'https://www.archlinux.org/mirrorlist/?country=all&protocol=http&use_mirror_status=on' lynx -dump -nolist 'https://wiki.archlinux.org/index.php/Installation_Guide?action=render' >> ${work_dir}/${arch}/root-image/root/install.txt diff --git a/configs/releng/pacman-key-4.0.3_unattended-keyring-init.patch b/configs/releng/pacman-key-4.0.3_unattended-keyring-init.patch deleted file mode 100644 index 0a5117f..0000000 --- a/configs/releng/pacman-key-4.0.3_unattended-keyring-init.patch +++ /dev/null @@ -1,32 +0,0 @@ -Author: Pierre Schmitz - -* pacman-key: Use lsign_keys function in --populate -* pacman-key: reduce verbosity of --populate - ---- pacman-key 2012-07-10 18:45:32.000000000 -0300 -+++ pacman-key 2012-07-18 16:38:18.264110004 -0300 -@@ -376,7 +376,7 @@ - # Add keys from requested keyrings - for keyring in "${KEYRINGIDS[@]}"; do - msg "$(gettext "Appending keys from %s.gpg...")" "$keyring" -- "${GPG_PACMAN[@]}" --import "${KEYRING_IMPORT_DIR}/${keyring}.gpg" -+ "${GPG_PACMAN[@]}" --quiet --import "${KEYRING_IMPORT_DIR}/${keyring}.gpg" - done - - # Read the trusted key IDs to an array. Because this is an ownertrust -@@ -403,12 +403,13 @@ - msg "$(gettext "Locally signing trusted keys in keyring...")" - for key_id in "${!trusted_ids[@]}"; do - msg2 "$(gettext "Locally signing key %s...")" "${key_id}" -- "${GPG_PACMAN[@]}" --quiet --lsign-key "${key_id}" -+ KEYIDS=("${key_id}") -+ lsign_keys - done - msg "$(gettext "Importing owner trust values...")" - for keyring in "${KEYRINGIDS[@]}"; do - if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then -- "${GPG_PACMAN[@]}" --import-ownertrust "${KEYRING_IMPORT_DIR}/${keyring}-trusted" -+ "${GPG_PACMAN[@]}" --import-ownertrust "${KEYRING_IMPORT_DIR}/${keyring}-trusted" 2>/dev/null - fi - done - fi diff --git a/configs/releng/pacman.conf b/configs/releng/pacman.conf index 821f9a5..45fe03d 100644 --- a/configs/releng/pacman.conf +++ b/configs/releng/pacman.conf @@ -15,11 +15,10 @@ #LogFile = /var/log/pacman.log #GPGDir = /etc/pacman.d/gnupg/ HoldPkg = pacman glibc -# If upgrades are available for these packages they will be asked for first -SyncFirst = pacman #XferCommand = /usr/bin/curl -C - -f %u > %o #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #CleanMethod = KeepInstalled +#UseDelta = 0.7 Architecture = auto # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup @@ -31,7 +30,7 @@ Architecture = auto # Misc options #UseSyslog -#UseDelta +#Color #TotalDownload # We cannot check disk space from within a chroot environment #CheckSpace @@ -39,7 +38,9 @@ Architecture = auto # By default, pacman accepts packages signed by keys that its local keyring # trusts (see pacman-key and its man page), as well as unsigned packages. -#SigLevel = Optional TrustedOnly +SigLevel = Required DatabaseOptional +LocalFileSigLevel = Optional +#RemoteFileSigLevel = Required # NOTE: You must run `pacman-key --init` before first using pacman; the local # keyring can then be populated with the keys of all official Arch Linux @@ -69,23 +70,18 @@ Architecture = auto # after the header, and they will be used before the default mirrors. #[testing] -#SigLevel = PackageRequired #Include = /etc/pacman.d/mirrorlist [core] -SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist [extra] -SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist #[community-testing] -#SigLevel = PackageRequired #Include = /etc/pacman.d/mirrorlist [community] -SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist # An example of a custom package repository. See the pacman manpage for