ArchThis Forum is for the discussion of Arch Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm running 2 Arch systems---one a Gateway desktop, the other a Lenovo lap.
both running the most current Arch + XFCE, both updated regularly.
since pacman 4.03, pacman has a new "feature"--signature (key) checking on packages. Somehow, the Gateway has been updated with no hitches. The Lenovo, OTOH, is squawking at me that the signatures are all wrong---and the basic pacman-key commands are not helping. eg "pacman-key --init" hangs the computer.
Two questions:
1. Why did we need this new feature? (and are other distros doing this?)
pacman-key --init does not "hang" your computer, you just need to make some random "noise" simple way to make that noise is to start the key init process, open a second terminal and do a few dozen times "cat /proc/sys/kernel/random/uuid" unit the init job is done...
Q:1] Yes we need Signing because we can verify that those packages you get from a mirror originate from the main server and where created by the original packager from who you now hold the keys.
I used to trip up on Arch all the time - soon became a habit to go look at the homepage (rather than my saved link) every so often just to keep an eye on the upcoming news. Had way less unusable (Arch) systems after that ....
You can modify your pacman.conf ( /etc/pacman.conf) to ignore that feature. I did because I find it quite annoying. I have been a Arch user for just under a year and have had no issues.
Great idea but the "Siglevel = Never" as a global option will be phased out soon.
Future versions of pacman will get a separate SigLevel for the pacman -U from your local packages made from AUR pkgbuilds and "SigLevel = Optional TrustAll" can be used for your own repo server
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.