My current block with #FreeBSD pkg is private repo bootstrap. It fails with bad signature.
If I first bootstrap from FreeBSD.org, then from my private repo, there is no invalid signature issue. I have no idea why.
It's annoying & extra work.
@dvl I have my own pkg bootstrap with local signed repos, is this a very recent bug?
@dvl so I do my local pkg repo setup via poudriere, one thing I note is that pkg is 'special', it is in "Latest" directory AND in the "All" directory, in the Latest directory it has its own individual signature, whereas the "All" directory is signed all at once with a signature that encompasses the ENTIRE repo together via their hashes; if you look in the Latest directory of your repo, do you have pkg there? is there a signature file next to it?
It is not in the Latest directory, but that directory is not accessed via bootstrap, according to webserver logs.
I'm told this is a poudriere issue.
The workaround:
pkg bootstrap from FreeBSD
Then change configuration to private repo.
pkg install -f pkg
see http://fedex.unixathome.org/packages/13amd64-default-primary/
@dvl Ok, and in a contender for 'wow that was a long reply'.. I finally got around to this, I repro-ed it, and solved it. In the Latest directory there is a pkg.pkg.pubkeysig, what pkg (for me) looked for was pkg.txz.pubkeysig, I just linked that and :boom: bob's your uncle. You may need pkg.tgz.pubkeysig or pkg.tbz.pubkeysig depending on your poudriere configuration
