Bootstrapping pkg from a package

Carl Johnson carlj at peak.org
Sun Aug 2 16:20:01 UTC 2015 

Matthew Seaman <matthew at FreeBSD.org> writes:

> On 02/08/2015 04:51, Carl Johnson wrote:
>> I was just bringing up my Raspberry Pi from the 10.2-RC2 image and tried
>> to install some packages that I had saved previously.  The pkg(7)
>> manpage states that the pkg in the base system can use 'pkg add <pkg>'
>> to install the pkg package instead of getting the package from the
>> repository (which isn't available for arm).  When I tried that I just
>> got the message 'Signature for pkg not available.'  I don't have a
>> signature for it, and don't know where to get it from or how to generate
>> it.  Once I install it from ports, I can use that to add other saved
>> packages without any signature being necessary.
>
> You'll only get this error message if SIGNATURE_TYPE='fingerprints'
> somewhere in your pkg.conf and you're using pkg(7) to run
> 'pkg add something' -- otherwise it will just go ahead and install from
> the pkg.txz tarball without checking the package integrity and authenticity.

That is the default in /etc/pkg/FreeBSD.conf, so the base pkg uses that.

>> The manpage makes it appear that should work, so is there something else
>> that I need to do?  Thanks for any information.
>
> Check for the presence of pkg.txz.sig -- that has to be present in the
> same directory as the pkg.txz you're trying to install from before
> signature checking will work -- and also that you have the current
> FreeBSD repository public key:
>
> /usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301
>
> which should look like this:
>
> % cat pkg.freebsd.org.2013102301
> # $FreeBSD: stable/10/share/keys/pkg/trusted/pkg.freebsd.org.2013102301
> 260608 2014-01-13 22:07:36Z bdrewery $
>
> function: "sha256"
> fingerprint:
> "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438"
>
> Each of these files should be present on the installation media, if they
> haven't already been installed on the system.

Those are present, but the problem is there is no FreeBSD repository
available for the arm architecture, so that is why I am doing this.

> Otherwise I believe you can turn off signature checking by setting:
>
> SIGNATURE_TYPE=none

Setting the environment variable works, so I don't need to bother with
changing the configuration file.  It still seems odd that I can add
packages with pkg from ports without a signature, so it seems the pkg
from ports ignores the signature setting in the config file.

Thanks for the explanation and fix.  Hopefully they will get a pkg
repository setup for arm before too long so I won't need to bother with
this.
-- 
Carl Johnson		carlj at peak.org

More information about the freebsd-questions mailing list