PKG not quite ready for prime time
Michelle Sullivan
michelle at sorbs.net
Fri Oct 10 23:16:04 UTC 2014
Mark Felder wrote:
> On Fri, Oct 10, 2014, at 14:47, Bryan Drewery wrote:
>
>> On 10/10/2014 1:12 PM, scratch65535 at att.net wrote:
>>
>>> On Fri, 10 Oct 2014 12:57:42 -0500, Brian Drewery wrote:
>>>
>>>
>>>> find /usr/share/keys/pkg -exec sha256 {} +
>>>>
>>> No such file
>>>
>> That's your problem. You are missing the signature fingerprints to
>> compare against. As such Pkg is refusing to do anything to prevent MITM
>> attacks.
>>
>> You are missing this:
>> https://www.freebsd.org/security/advisories/FreeBSD-EN-14:03.pkg.asc
>>
>> freebsd-update can provide it.
>>
>>
>>
>
> Ahh, good point. This is better advice. Even if your system was
> supposedly fully up to date freebsd-update would detect this is missing
> and repair it as it was part of an SA. This is better advice than my
> manual creation method :-)
>
Didn't on mine, I ran into the same problem - though it wasn't a show
stopper for me as I was trying to use my own repo - which also failed
using the docs... and nothing in the debug gave any clues or additional
information to the problem. Fortunately, I can read/write code, so I
fixed things myself.
Michelle
(and people wonder why I hadn't switched to pkgng by Sept 1.. but it was
deemed thou shalt use it whether you like it or not)
--
Michelle Sullivan
http://www.mhix.org/
More information about the freebsd-ports
mailing list