#archlinux32 | Logs for 2022-02-03
Back
[00:00:37] <bill-auger> girls: i can not get an update for your GPG key DE9F7688CACF04FEB81A6C590AEEC90755DA7B5A - which keyserver has it?
[00:02:11] <bill-auger> thats in the PKGBUILD +validpgpkeys=('DE9F7688CACF04FEB81A6C590AEEC90755DA7B5A')
[00:14:39] <bill-auger> like if i (anyone) have the arch32 keyring package installed 2022-01-09, pacman-key --verify fails on the new keyring package
[00:22:42] <bill-auger> girls: https://termbin.com
[02:00:03] -!- doskoi has quit [Ping timeout: 256 seconds]
[02:10:12] -!- doskoi has joined #archlinux32
[05:31:37] -!- volki57_ has quit [Quit: ZNC 1.8.2 - https://znc.in]
[05:33:22] -!- volki57 has joined #archlinux32
[05:36:27] -!- GNUtoo has quit [Remote host closed the connection]
[05:36:39] -!- GNUtoo has joined #archlinux32
[06:10:11] -!- lithium_pt has quit [Ping timeout: 256 seconds]
[06:40:35] -!- lithiumpt has joined #archlinux32
[06:56:11] <girls> bill-auger: all arch32-relevant keys are available on https://archlinux32.org
[06:56:18] <girls> this also includes some upstream keys
[06:58:56] <girls> umm, but this key is not in the keyring - it's my personal key, with which I manually sign stuff - e.g. my emails or some software
[06:59:15] <girls> maybe I should use the release key for the keyring, too - but this would not be in the arch32 keyring, either
[07:28:29] -!- lithiumpt has quit [Ping timeout: 256 seconds]
[07:48:06] -!- lithiumpt has joined #archlinux32
[09:04:13] -!- GNUtoo has quit [Remote host closed the connection]
[09:04:23] -!- GNUtoo has joined #archlinux32
[09:13:55] -!- titus_livius has joined #archlinux32
[09:25:53] -!- CapNemo has quit [*.net *.split]
[09:27:58] -!- CapNemo has joined #archlinux32
[10:23:47] -!- abaumann has joined #archlinux32
[10:23:47] <buildmaster> Hi abaumann!
[10:23:48] <buildmaster> !rq abaumann
[10:23:48] <phrik> buildmaster: <abaumann> OOM-killer could order memory on ebay..
[10:31:39] <abaumann> deep42thought: I updated reflector32, 2020.9-2.0 is still for testing/stable and python 3.9, 2021.11 is for staging and python 3.10
[10:54:58] -!- abaumann has quit [Quit: leaving]
[14:25:45] -!- jonathon has quit [Remote host closed the connection]
[14:25:56] -!- jonathon has joined #archlinux32
[14:26:50] -!- volki57 has quit [Quit: ZNC 1.8.2 - https://znc.in]
[14:55:11] <bill-auger> generally, i think people expect all keys which signed any package, to be in the keyring
[14:55:11] <bill-auger> the parabola keyring package is signed by the autobuilder, which has no expiration is itself also in the keyring - the chicken-and-egg is not eliminated; but only affects users who are migrating from another arch-like distro
[15:02:40] <bill-auger> those people naturally must permit pacman to ignore (or import) the missing key - but anyone who boots an ISO will find that the newest keyring can not be installed without similarly fudging pacman - so a new ISO must be made everytime the keyring package changes
[15:06:03] <bill-auger> this month was a perfect example - there were two new keyring packages this month - install would work from an ISO with the earlier keyring only until the keyring package was repalced - afterward, the live system would be unable to verify that package
[15:22:46] <bill-auger> on second thought, the live system can not verify the keyring that itself is using - im not sure now, why it works at all
[15:24:12] <bill-auger> how is is possible for the live system to pacstrap install the keyring package, if the signing key is not in the live systemd's keyring?
[15:25:43] <Foxboron> bill-auger: because pacstrap doesn't install the keyring. It copies over the host keyring.
[15:26:10] <bill-auger> ah yes, i beleive that is coorrect - there is an option to disable that
[15:27:32] <bill-auger> but it does install the keyring package regardless - the keyring package is reqired by 'base' via 'pacman'
[15:27:47] <Foxboron> yes
[15:28:07] <bill-auger> and that package must be verified by pacstrap during install
[15:28:28] <Foxboron> Yes, but the keyring isn't signed by random people
[15:28:41] <bill-auger> but i dont see how it could do that, without the signing key
[15:29:00] <bill-auger> if the signing key is not in the live system
[15:29:34] <Foxboron> The key is on the system, the keyring package has it and has copied it over to the chroot
[15:30:01] <bill-auger> but that signing key is not in the live system's keyring
[15:32:44] <bill-auger> ok, nm, i think i unconfused myself now - the signing key for the keyring package is in the live system's keyring
[15:33:02] <bill-auger> it was signature of the sourceball which did not validate
[15:34:54] <bill-auger> and now i know where i can get it - i should simply add a note to the PKGBUILD, where to get the key
[15:57:16] -!- volki57 has joined #archlinux32
[16:07:19] -!- volki57 has quit [Quit: ZNC 1.8.2 - https://znc.in]
[16:07:39] -!- volki57 has joined #archlinux32
[16:07:58] -!- volki57 has quit [Remote host closed the connection]
[16:08:28] -!- volki57 has joined #archlinux32
[16:43:29] -!- bill-auger has quit [Ping timeout: 256 seconds]
[17:29:05] -!- bill-auger has joined #archlinux32
[18:43:48] -!- GNUtoo has quit [Ping timeout: 276 seconds]
[18:45:06] -!- drathir_tor has quit [Ping timeout: 276 seconds]
[18:50:17] -!- GNUtoo has joined #archlinux32
[19:11:29] -!- abaumann has joined #archlinux32
[19:11:29] <buildmaster> Hi abaumann!
[19:11:29] <buildmaster> !rq abaumann
[19:11:30] <phrik> buildmaster: <abaumann> I'm always sceptical when big tech companies are "donating" code to the public. :->
[19:30:22] -!- drathir_tor has joined #archlinux32
[19:35:43] -!- GNUtoo has quit [Remote host closed the connection]
[19:35:52] -!- GNUtoo has joined #archlinux32
[20:28:56] <girls> bill-auger: you mix signature on the source tarball with signatures on the packages: all packages in arch32 are signed by the build slaves, whose keys are in the keyring
[20:29:11] <girls> but the keyring *source* package is signed with my personal key
[20:30:05] <girls> ah, I should read until the end before answering :)
[20:30:28] -!- deep42thought has joined #archlinux32
[20:30:28] <buildmaster> Hi deep42thought!
[20:30:28] <buildmaster> !rq deep42thought
[20:30:29] <phrik> buildmaster: <deep42thought> I've read, that the new cairo may add huuuugeeee spacing t o e a c h l e t t e r
[20:37:40] <abaumann> hi deep42thought
[20:37:47] <abaumann> I'm still in the "slautherhouse" ;-)
[20:37:49] <deep42thought> abaumann: nit-picker should now finally shut up about yout key
[20:37:59] <abaumann> oh, that's good.
[20:38:15] <abaumann> https://archlinux32.org shows my key in red.
[20:38:16] <phrik> Title: Buildmaster for Archlinux32 packages (i486, i686, pentium4, any) (at archlinux32.org)
[20:38:23] <deep42thought> it checks the keyring against its pacman keyring - and I did not (yet) update that
[20:38:26] <abaumann> 30891150
[20:38:30] <abaumann> ah.
[20:38:42] <abaumann> red keys make me nervous ;-)
[20:38:58] <deep42thought> that's only in the old keyring package
[20:39:04] <deep42thought> we should probably promote the current one
[20:39:51] <deep42thought> i.e. 20220109 is obsolete, but 20220131 has the recent key
[20:40:15] <abaumann> ah, ok.
[20:42:11] <deep42thought> Polichronucci (Arch Linux 32 Master Key) <polichronucci@archlinux.gr> will also expire soonish ...
[20:49:00] <deep42thought> I wrote him an email :)
[21:02:46] <abaumann> mmh. using archiso32 with i486 seemed to be a good idea, till the XY decompression failed..
[21:02:59] <abaumann> ..after some 10 minutes on reading the ISO on an old AMD machine..
[21:03:09] <deep42thought> xy?
[21:03:14] <abaumann> xz
[21:03:19] <deep42thought> ah :)
[21:03:23] <abaumann> american keyboard mixup :-)
[21:04:31] <deep42thought> maybe, we can compress differently for i486?
[21:05:01] <abaumann> the memory consumption of the standard iso is still way to high.
[21:05:21] <abaumann> I was just pondering whether building the standard iso on the lowest supported architecture is a thing.
[21:05:45] <abaumann> for instance that AMD I have has 1.5GB of RAM, but cannot boot a i686/pentium4 kernel.
[21:05:58] <deep42thought> well, now you know
[21:06:03] <abaumann> for small systems the iso has to be done completely differently anyway.
[21:43:01] -!- bill-auger has quit [Ping timeout: 256 seconds]
[21:43:41] -!- bill-auger has joined #archlinux32
[22:17:59] -!- abaumann has quit [Quit: leaving]
[22:31:03] -!- deep42thought has quit [Quit: Leaving.]