Date: Sun, 02 Aug 2015 09:16:06 -0700 From: Carl Johnson <carlj@peak.org> To: freebsd-questions@freebsd.org Subject: Re: Bootstrapping pkg from a package Message-ID: <87r3nlhdix.fsf@elk.localnet> In-Reply-To: <55BE04FA.6040301@FreeBSD.org> (Matthew Seaman's message of "Sun, 2 Aug 2015 12:54:34 %2B0100") References: <87y4hugxf4.fsf@elk.localnet> <55BE04FA.6040301@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Seaman <matthew@FreeBSD.org> writes: > On 02/08/2015 04:51, Carl Johnson wrote: >> I was just bringing up my Raspberry Pi from the 10.2-RC2 image and tried >> to install some packages that I had saved previously. The pkg(7) >> manpage states that the pkg in the base system can use 'pkg add <pkg>' >> to install the pkg package instead of getting the package from the >> repository (which isn't available for arm). When I tried that I just >> got the message 'Signature for pkg not available.' I don't have a >> signature for it, and don't know where to get it from or how to generate >> it. Once I install it from ports, I can use that to add other saved >> packages without any signature being necessary. > > You'll only get this error message if SIGNATURE_TYPE='fingerprints' > somewhere in your pkg.conf and you're using pkg(7) to run > 'pkg add something' -- otherwise it will just go ahead and install from > the pkg.txz tarball without checking the package integrity and authenticity. That is the default in /etc/pkg/FreeBSD.conf, so the base pkg uses that. >> The manpage makes it appear that should work, so is there something else >> that I need to do? Thanks for any information. > > Check for the presence of pkg.txz.sig -- that has to be present in the > same directory as the pkg.txz you're trying to install from before > signature checking will work -- and also that you have the current > FreeBSD repository public key: > > /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 > > which should look like this: > > % cat pkg.freebsd.org.2013102301 > # $FreeBSD: stable/10/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 > 260608 2014-01-13 22:07:36Z bdrewery $ > > function: "sha256" > fingerprint: > "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438" > > Each of these files should be present on the installation media, if they > haven't already been installed on the system. Those are present, but the problem is there is no FreeBSD repository available for the arm architecture, so that is why I am doing this. > Otherwise I believe you can turn off signature checking by setting: > > SIGNATURE_TYPE=none Setting the environment variable works, so I don't need to bother with changing the configuration file. It still seems odd that I can add packages with pkg from ports without a signature, so it seems the pkg from ports ignores the signature setting in the config file. Thanks for the explanation and fix. Hopefully they will get a pkg repository setup for arm before too long so I won't need to bother with this. -- Carl Johnson carlj@peak.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87r3nlhdix.fsf>