On Thu, Jan 18, 2018 at 7:52 PM, Daniel Kahn Gillmor
wrote:
> if this is the only thing happening, apt will indeed fail, because it
> has never heard of the "new key" that was just created -- why should it
> accept signatures from that new key?
>
> how are you configuring the target system to poin
On Wed 2018-01-17 20:58:21 -0800, Dan Kegel wrote:
> Does one even need --import and --export while building foobar-archive;
> aren't the thing being imported and the thing being exported
> the same format?
i don't know -- what are you importing? if the thing you're importing
is already a clean T
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tuesday 16 January 2018 at 6:50:45 PM, in
, Andrew
Gallagher wrote:-
> Agreed. I was thinking more along the lines of having
> some method
> of causing signature vandalism to expire.
Perhaps this could be achieved by introducing a "certifica
On Wed, Jan 17, 2018 at 8:58 PM, Dan Kegel wrote:
> Here's the bit where it explodes,
>
> + sudo GNUPGHOME=/tmp/obs_localbuild_gpghome_dank.tmp
> APT_CONFIG=/home/dank/src/obs/foo.tmp/etc/apt.conf apt-get -q -q
> update
> inside VerifyGetSigners
> Preparing to exec: /usr/bin/apt-key --quiet --rea
On Thu, 18 Jan 2018 15:41, nbsd4e...@gmail.com said:
> --enable-selinux-support --with-libgpg-error-prefix=/usr/local \
^^
Ah! There is a second case where you see the reported error message:
#ifdef ENABLE_SELINUX_HACKS
if (1)
{
/* We don't allow importin
2018-01-18 4:12 GMT+09:00 Werner Koch :
> On Wed, 17 Jan 2018 15:18, nbsd4e...@gmail.com said:
>
>> "gpg: importing secret keys not allowed"
>
> Which means you are trying to import from a keyserver, WKD, DANE etc.
I do not know; the tests are trying to do it, AFAIK.
> That is very strange. How
