From 9715ddbe9df6e7a2a37a11c4f3e90a5446459217 Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Fri, 14 Oct 2011 09:09:46 +0200 Subject: Apply pacman 4.0 changes to our copies of makepkg.conf and pacman.conf Note: Signature checks are disabled for now until we provide a keyring package. --- makepkg-i686.conf | 25 ++++++++++++++++--------- makepkg-x86_64.conf | 25 ++++++++++++++++--------- pacman-extra.conf | 23 +++++++++++++++++++---- pacman-multilib-testing.conf | 23 +++++++++++++++++++---- pacman-multilib.conf | 23 +++++++++++++++++++---- pacman-staging.conf | 23 +++++++++++++++++++---- pacman-testing.conf | 23 +++++++++++++++++++---- 7 files changed, 127 insertions(+), 38 deletions(-) diff --git a/makepkg-i686.conf b/makepkg-i686.conf index 9120183..6bbd672 100644 --- a/makepkg-i686.conf +++ b/makepkg-i686.conf @@ -8,16 +8,16 @@ # #-- The download utilities that makepkg should use to acquire sources # Format: 'protocol::agent' -DLAGENTS=('ftp::/usr/bin/wget -c --passive-ftp -t 3 --waitretry=3 -O %o %u' - 'http::/usr/bin/wget -c -t 3 --waitretry=3 -O %o %u' - 'https::/usr/bin/wget -c -t 3 --waitretry=3 --no-check-certificate -O %o %u' +DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u' + 'http::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' + 'https::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' 'rsync::/usr/bin/rsync -z %u %o' 'scp::/usr/bin/scp -C %u %o') # Other common tools: # /usr/bin/snarf # /usr/bin/lftpget -c -# /usr/bin/curl +# /usr/bin/wget ######################################################################### # ARCHITECTURE, COMPILE FLAGS @@ -26,7 +26,7 @@ DLAGENTS=('ftp::/usr/bin/wget -c --passive-ftp -t 3 --waitretry=3 -O %o %u' CARCH="i686" CHOST="i686-pc-linux-gnu" -#-- Exclusive: will only run on i686 +#-- Compiler and Linker Flags # -march (or -mcpu) builds exclusively for an architecture # -mtune optimizes for an architecture, but builds for whole processor family CFLAGS="-march=i686 -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2" @@ -39,7 +39,7 @@ LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,--hash-style=gnu" # BUILD ENVIRONMENT ######################################################################### # -# Defaults: BUILDENV=(fakeroot !distcc color !ccache check) +# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign) # A negated environment option will do the opposite of the comments below. # #-- fakeroot: Allow building packages as a non-root user @@ -47,19 +47,23 @@ LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,--hash-style=gnu" #-- color: Colorize output messages #-- ccache: Use ccache to cache compilation #-- check: Run the check() function if present in the PKGBUILD +#-- sign: Generate PGP signature file # -BUILDENV=(fakeroot !distcc color !ccache check) +BUILDENV=(fakeroot !distcc color !ccache check !sign) # #-- If using DistCC, your MAKEFLAGS will also need modification. In addition, #-- specify a space-delimited list of hosts running in the DistCC cluster. #DISTCC_HOSTS="" +# +#-- Specify a directory for package building. +#BUILDDIR=/tmp/makepkg ######################################################################### # GLOBAL PACKAGE OPTIONS # These are default values for the options=() settings ######################################################################### # -# Default: OPTIONS=(strip docs libtool emptydirs zipman purge) +# Default: OPTIONS=(strip docs libtool emptydirs zipman purge !upx) # A negated option will do the opposite of the comments below. # #-- strip: Strip symbols from binaries/libraries @@ -68,8 +72,9 @@ BUILDENV=(fakeroot !distcc color !ccache check) #-- emptydirs: Leave empty directories in packages #-- zipman: Compress manual (man and info) pages in MAN_DIRS with gzip #-- purge: Remove files specified by PURGE_TARGETS +#-- upx: Compress binary executable files using UPX # -OPTIONS=(strip docs libtool emptydirs zipman purge) +OPTIONS=(strip docs libtool emptydirs zipman purge !upx) #-- File integrity checks to use. Valid: md5, sha1, sha256, sha384, sha512 INTEGRITY_CHECK=(md5) @@ -100,6 +105,8 @@ PURGE_TARGETS=(usr/{,share}/info/dir .packlist *.pod) #SRCPKGDEST=/home/srcpackages #-- Packager: name/email of the person or organization building packages #PACKAGER="John Doe " +#-- Specify a key to use for package signing +#GPGKEY="" ######################################################################### # EXTENSION DEFAULTS diff --git a/makepkg-x86_64.conf b/makepkg-x86_64.conf index 052cf3f..ff460ec 100644 --- a/makepkg-x86_64.conf +++ b/makepkg-x86_64.conf @@ -8,16 +8,16 @@ # #-- The download utilities that makepkg should use to acquire sources # Format: 'protocol::agent' -DLAGENTS=('ftp::/usr/bin/wget -c --passive-ftp -t 3 --waitretry=3 -O %o %u' - 'http::/usr/bin/wget -c -t 3 --waitretry=3 -O %o %u' - 'https::/usr/bin/wget -c -t 3 --waitretry=3 --no-check-certificate -O %o %u' +DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u' + 'http::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' + 'https::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' 'rsync::/usr/bin/rsync -z %u %o' 'scp::/usr/bin/scp -C %u %o') # Other common tools: # /usr/bin/snarf # /usr/bin/lftpget -c -# /usr/bin/curl +# /usr/bin/wget ######################################################################### # ARCHITECTURE, COMPILE FLAGS @@ -26,7 +26,7 @@ DLAGENTS=('ftp::/usr/bin/wget -c --passive-ftp -t 3 --waitretry=3 -O %o %u' CARCH="x86_64" CHOST="x86_64-unknown-linux-gnu" -#-- Exclusive: will only run on x86_64 +#-- Compiler and Linker Flags # -march (or -mcpu) builds exclusively for an architecture # -mtune optimizes for an architecture, but builds for whole processor family CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2" @@ -39,7 +39,7 @@ LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,--hash-style=gnu" # BUILD ENVIRONMENT ######################################################################### # -# Defaults: BUILDENV=(fakeroot !distcc color !ccache check) +# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign) # A negated environment option will do the opposite of the comments below. # #-- fakeroot: Allow building packages as a non-root user @@ -47,19 +47,23 @@ LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,--hash-style=gnu" #-- color: Colorize output messages #-- ccache: Use ccache to cache compilation #-- check: Run the check() function if present in the PKGBUILD +#-- sign: Generate PGP signature file # -BUILDENV=(fakeroot !distcc color !ccache check) +BUILDENV=(fakeroot !distcc color !ccache check !sign) # #-- If using DistCC, your MAKEFLAGS will also need modification. In addition, #-- specify a space-delimited list of hosts running in the DistCC cluster. #DISTCC_HOSTS="" +# +#-- Specify a directory for package building. +#BUILDDIR=/tmp/makepkg ######################################################################### # GLOBAL PACKAGE OPTIONS # These are default values for the options=() settings ######################################################################### # -# Default: OPTIONS=(strip docs libtool emptydirs zipman purge) +# Default: OPTIONS=(strip docs libtool emptydirs zipman purge !upx) # A negated option will do the opposite of the comments below. # #-- strip: Strip symbols from binaries/libraries @@ -68,8 +72,9 @@ BUILDENV=(fakeroot !distcc color !ccache check) #-- emptydirs: Leave empty directories in packages #-- zipman: Compress manual (man and info) pages in MAN_DIRS with gzip #-- purge: Remove files specified by PURGE_TARGETS +#-- upx: Compress binary executable files using UPX # -OPTIONS=(strip docs libtool emptydirs zipman purge) +OPTIONS=(strip docs libtool emptydirs zipman purge !upx) #-- File integrity checks to use. Valid: md5, sha1, sha256, sha384, sha512 INTEGRITY_CHECK=(md5) @@ -100,6 +105,8 @@ PURGE_TARGETS=(usr/{,share}/info/dir .packlist *.pod) #SRCPKGDEST=/home/srcpackages #-- Packager: name/email of the person or organization building packages #PACKAGER="John Doe " +#-- Specify a key to use for package signing +#GPGKEY="" ######################################################################### # EXTENSION DEFAULTS diff --git a/pacman-extra.conf b/pacman-extra.conf index 206ab23..d2b37b1 100644 --- a/pacman-extra.conf +++ b/pacman-extra.conf @@ -13,11 +13,12 @@ #DBPath = /var/lib/pacman/ #CacheDir = /var/cache/pacman/pkg/ #LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ HoldPkg = pacman glibc # If upgrades are available for these packages they will be asked for first SyncFirst = pacman -#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #CleanMethod = KeepInstalled Architecture = auto @@ -28,12 +29,25 @@ Architecture = auto #NoUpgrade = #NoExtract = -# Misc options (all disabled by default) +# Misc options #UseSyslog -#ShowSize #UseDelta #TotalDownload -#CheckSpace +CheckSpace +#VerbosePkgLists + +# PGP signature checking +# NOTE: None of this will work without running `pacman-key --init` first. +# The compiled in default is equivalent to the following line. This requires +# you to locally sign and trust packager keys using `pacman-key` for them to be +# considered valid. +#SigLevel = Optional TrustedOnly +# If you wish to check signatures but avoid local sign and trust issues, use +# the following line. This will treat any key imported into pacman's keyring as +# trusted. +SigLevel = Optional TrustAll +# Disable signature checks for now +SigLevel = Never # # REPOSITORIES @@ -76,5 +90,6 @@ Include = /etc/pacman.d/mirrorlist # An example of a custom package repository. See the pacman manpage for # tips on creating your own repositories. #[custom] +#SigLevel = Optional TrustAll #Server = file:///home/custompkgs diff --git a/pacman-multilib-testing.conf b/pacman-multilib-testing.conf index 32fc35c..d544e9e 100644 --- a/pacman-multilib-testing.conf +++ b/pacman-multilib-testing.conf @@ -13,11 +13,12 @@ #DBPath = /var/lib/pacman/ #CacheDir = /var/cache/pacman/pkg/ #LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ HoldPkg = pacman glibc # If upgrades are available for these packages they will be asked for first SyncFirst = pacman -#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #CleanMethod = KeepInstalled Architecture = auto @@ -28,12 +29,25 @@ Architecture = auto #NoUpgrade = #NoExtract = -# Misc options (all disabled by default) +# Misc options #UseSyslog -#ShowSize #UseDelta #TotalDownload -#CheckSpace +CheckSpace +#VerbosePkgLists + +# PGP signature checking +# NOTE: None of this will work without running `pacman-key --init` first. +# The compiled in default is equivalent to the following line. This requires +# you to locally sign and trust packager keys using `pacman-key` for them to be +# considered valid. +#SigLevel = Optional TrustedOnly +# If you wish to check signatures but avoid local sign and trust issues, use +# the following line. This will treat any key imported into pacman's keyring as +# trusted. +#SigLevel = Optional TrustAll +# Disable signature checks for now +SigLevel = Never # # REPOSITORIES @@ -76,6 +90,7 @@ Include = /etc/pacman.d/mirrorlist # If you want to run 32 bit applications on your x86_64 system, # enable the multilib repository here. [multilib-testing] +#SigLevel = Optional TrustAll Include = /etc/pacman.d/mirrorlist [multilib] diff --git a/pacman-multilib.conf b/pacman-multilib.conf index 50f86be..2497c81 100644 --- a/pacman-multilib.conf +++ b/pacman-multilib.conf @@ -13,11 +13,12 @@ #DBPath = /var/lib/pacman/ #CacheDir = /var/cache/pacman/pkg/ #LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ HoldPkg = pacman glibc # If upgrades are available for these packages they will be asked for first SyncFirst = pacman -#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #CleanMethod = KeepInstalled Architecture = auto @@ -28,12 +29,25 @@ Architecture = auto #NoUpgrade = #NoExtract = -# Misc options (all disabled by default) +# Misc options #UseSyslog -#ShowSize #UseDelta #TotalDownload -#CheckSpace +CheckSpace +#VerbosePkgLists + +# PGP signature checking +# NOTE: None of this will work without running `pacman-key --init` first. +# The compiled in default is equivalent to the following line. This requires +# you to locally sign and trust packager keys using `pacman-key` for them to be +# considered valid. +#SigLevel = Optional TrustedOnly +# If you wish to check signatures but avoid local sign and trust issues, use +# the following line. This will treat any key imported into pacman's keyring as +# trusted. +#SigLevel = Optional TrustAll +# Disable signature checks for now +SigLevel = Never # # REPOSITORIES @@ -76,6 +90,7 @@ Include = /etc/pacman.d/mirrorlist # If you want to run 32 bit applications on your x86_64 system, # enable the multilib repository here. [multilib] +#SigLevel = Optional TrustAll Include = /etc/pacman.d/mirrorlist # An example of a custom package repository. See the pacman manpage for diff --git a/pacman-staging.conf b/pacman-staging.conf index 4479129..b9c2cc2 100644 --- a/pacman-staging.conf +++ b/pacman-staging.conf @@ -13,11 +13,12 @@ #DBPath = /var/lib/pacman/ #CacheDir = /var/cache/pacman/pkg/ #LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ HoldPkg = pacman glibc # If upgrades are available for these packages they will be asked for first SyncFirst = pacman -#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #CleanMethod = KeepInstalled Architecture = auto @@ -28,12 +29,25 @@ Architecture = auto #NoUpgrade = #NoExtract = -# Misc options (all disabled by default) +# Misc options #UseSyslog -#ShowSize #UseDelta #TotalDownload -#CheckSpace +CheckSpace +#VerbosePkgLists + +# PGP signature checking +# NOTE: None of this will work without running `pacman-key --init` first. +# The compiled in default is equivalent to the following line. This requires +# you to locally sign and trust packager keys using `pacman-key` for them to be +# considered valid. +#SigLevel = Optional TrustedOnly +# If you wish to check signatures but avoid local sign and trust issues, use +# the following line. This will treat any key imported into pacman's keyring as +# trusted. +#SigLevel = Optional TrustAll +# Disable signature checks for now +SigLevel = Never # # REPOSITORIES @@ -76,6 +90,7 @@ Include = /etc/pacman.d/mirrorlist [community-testing] Include = /etc/pacman.d/mirrorlist +#SigLevel = Optional TrustAll [community] Include = /etc/pacman.d/mirrorlist diff --git a/pacman-testing.conf b/pacman-testing.conf index fcfdf15..6a7c4bf 100644 --- a/pacman-testing.conf +++ b/pacman-testing.conf @@ -13,11 +13,12 @@ #DBPath = /var/lib/pacman/ #CacheDir = /var/cache/pacman/pkg/ #LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ HoldPkg = pacman glibc # If upgrades are available for these packages they will be asked for first SyncFirst = pacman -#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u #CleanMethod = KeepInstalled Architecture = auto @@ -28,12 +29,25 @@ Architecture = auto #NoUpgrade = #NoExtract = -# Misc options (all disabled by default) +# Misc options #UseSyslog -#ShowSize #UseDelta #TotalDownload -#CheckSpace +CheckSpace +#VerbosePkgLists + +# PGP signature checking +# NOTE: None of this will work without running `pacman-key --init` first. +# The compiled in default is equivalent to the following line. This requires +# you to locally sign and trust packager keys using `pacman-key` for them to be +# considered valid. +#SigLevel = Optional TrustedOnly +# If you wish to check signatures but avoid local sign and trust issues, use +# the following line. This will treat any key imported into pacman's keyring as +# trusted. +#SigLevel = Optional TrustAll +# Disable signature checks for now +SigLevel = Never # # REPOSITORIES @@ -76,5 +90,6 @@ Include = /etc/pacman.d/mirrorlist # An example of a custom package repository. See the pacman manpage for # tips on creating your own repositories. #[custom] +#SigLevel = Optional TrustAll #Server = file:///home/custompkgs -- cgit v1.2.3-24-g4f1b