[gobolinux-users] The package for hungarian OpenOffice2.0.4
Andy Feldman
nereusren at gmail.com
Mon Nov 13 19:47:51 UTC 2006
On 11/13/06, Jonas Karlsson <jonka750 at student.liu.se> wrote:
> 2006/11/13, Andy Feldman <nereusren at gmail.com>:
> > For example, when I download your GnuPG package, it errors
> > out with "Invalid signature," with no option to install it anyway.
>
> [...] What does InstallPackage say
> more than 'nvalid signature'? Does it say anything more, like that
> some files are missing or aren't signed?
InstallPackage: Installing GnuPG, version 1.4.5.
InstallPackage: Uncompressing to /Programs...
InstallPackage: Invalid signature. Package has been modified
InstallPackage: Suspect package in /Programs/GnuPG/1.4.5
InstallPackage: Removing downloaded package
/System/Variable/tmp/GnuPG--1.4.5--i686.tar.bz2.
This is with Scripts 2.5.1 and GnuPG 1.4.1, on 012.
> I thought that one
> could install contributed packages and get that the signature was ok.
I tried to submit a signed package a while ago... I know things have
changed quite a bit since then with the signing framework, but at the
time Lucas suggested to me to leave it unsigned if I didn't have a
practical way of giving people my key.
Incidentally, do you have your public key posted somewhere? That way I
would be able to use your packages, at least :). I'm not very
experienced with the public key framework, but I'd be interested in
learning about it and trying to make it work easily with packages in
general... A robust user-trust framework for binary packages is a
great goal, since it would helps us get even farther away from relying
on a single "central repository."
-Andy
More information about the gobolinux-users
mailing list