My current block with #FreeBSD pkg is private repo bootstrap. It fails with bad signature.

If I first bootstrap from FreeBSD.org, then from my private repo, there is no invalid signature issue. I have no idea why.

It's annoying & extra work.

github.com/freebsd/pkg/issues/

@dvl I have my own pkg bootstrap with local signed repos, is this a very recent bug?

Follow

@dvl so I do my local pkg repo setup via poudriere, one thing I note is that pkg is 'special', it is in "Latest" directory AND in the "All" directory, in the Latest directory it has its own individual signature, whereas the "All" directory is signed all at once with a signature that encompasses the ENTIRE repo together via their hashes; if you look in the Latest directory of your repo, do you have pkg there? is there a signature file next to it?

· · Web · 1 · 0 · 0

@david

It is not in the Latest directory, but that directory is not accessed via bootstrap, according to webserver logs.

I'm told this is a poudriere issue.

The workaround:

pkg bootstrap from FreeBSD
Then change configuration to private repo.
pkg install -f pkg

see fedex.unixathome.org/packages/

@dvl i do this via local directories so far (keep meaning to setup a webserver for this). It is very annoying that (apparently) pkg has different behavior for local vs http repos. Let me experiment 🤔

@dvl Ok, and in a contender for 'wow that was a long reply'.. I finally got around to this, I repro-ed it, and solved it. In the Latest directory there is a pkg.pkg.pubkeysig, what pkg (for me) looked for was pkg.txz.pubkeysig, I just linked that and :boom: bob's your uncle. You may need pkg.tgz.pubkeysig or pkg.tbz.pubkeysig depending on your poudriere configuration

Sign in to participate in the conversation
Cross Family's Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!