outdated comments in pacman.conf
Task Info (Flyspray) | |
---|---|
Opened By | Andrey (altazar) |
Task ID | 54833 |
Type | Bug Report |
Project | Arch Linux |
Category | Packages: Core |
Version | None |
OS | All |
Opened | 2017-07-16 09:11:32 UTC |
Status | Assigned |
Assignee | Levente Polyak (anthraxx) |
Assignee | Morten Linderud (Foxboron) |
Details
I found what comments in /etc/pacman.conf about signature verification is out of date:
By default, pacman accepts packages signed by keys that its local keyring
trusts (see pacman-key and its man page), as well as unsigned packages.
SigLevel = Required DatabaseOptional LocalFileSigLevel = Optional #RemoteFileSigLevel = Required
So I propose following changes to make comments consistent with default settings:
By default, pacman accepts only packages signed by keys that its local keyring trusts (see pacman-key and its man page)
The only exclusion is packages from local filesystem, such packages can be unsigned
SigLevel = Required DatabaseOptional LocalFileSigLevel = Optional #RemoteFileSigLevel = Required
I have created patch file and attached it to this ticket.