4b70feb2fb
keyringctl: Add `derive_user_from_target()` to derive the username from an existing public key in the target directory when importing (updates to) an already known key. Change `convert()` to either use a custom name override (if provided), a username derived from target dir (if existing) or the file name of the to be imported file as username. |
||
---|---|---|
.gitlab | ||
master | ||
master-revoked | ||
packager | ||
packager-revoked | ||
.editorconfig | ||
.flake8 | ||
.gitattributes | ||
.gitignore | ||
.gitlab-ci.yml | ||
archlinux-revoked | ||
archlinux-trusted | ||
archlinux.gpg | ||
CONTRIBUTING.md | ||
keyringctl | ||
LICENSE | ||
Makefile | ||
master-keyids | ||
master-revoked-keyids | ||
packager-keyids | ||
packager-revoked-keyids | ||
pyproject.toml | ||
README.md | ||
update-keys |
archlinux-keyring
The archlinux-keyring project holds PGP packet material and tooling
(keyringctl
) to create the distribution keyring for Arch Linux.
The keyring is used by pacman to establish the web of trust for the packagers
of the distribution.
The PGP packets describing the main signing keys can be found below the main directory, while those of the packagers are located below the packagers directory.
Requirements
The following packages need to be installed to be able to create a PGP keyring from the provided data structure and to install it:
- make
- python
- sequoia-sq
Installation
To install archlinux-keyring system-wide use the included Makefile
:
make install
Contribute
Development of archlinux-keyring takes place on Arch Linux' Gitlab: https://gitlab.archlinux.org/archlinux/archlinux-keyring.
Please read our distribution-wide Code of Conduct before contributing, to understand what actions will and will not be tolerated.
Read our contributing guide to learn more about how to provide fixes or improvements for the code base and how to add, update or remove key material.
Discussion around archlinux-keyring may take place on the arch-projects mailing list and in #archlinux-projects on Libera Chat.
All past and present authors of archlinux-keyring are listed in AUTHORS.
Releases
Releases of
archlinux-keyring
are created by its current maintainer Christian
Hesse. Tags are signed using the PGP key
with the ID 02FD1C7A934E614545849F19A6234074498E9CEE
.
To verify a tag, first import the relevant PGP key:
gpg --auto-key-locate wkd --search-keys eworm@archlinux.org
Afterwards a tag can be verified from a clone of this repository:
git verify-tag <tag>
License
Archlinux-keyring is licensed under the terms of the GPL-3.0-or-later (see LICENSE).