TakeV
/
guix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc: Update to cover for an additional OpenPGP signing key. 

The upcoming 1.3.0 release will be signed with my OpenPGP key; subsequent
releases may also be.

* doc/guix.texi (OPENPGP-SIGNING-KEY-ID, OPENPGP-SIGNING-KEY-URL): Rename to...
(OPENPGP-SIGNING-KEY-ID-1, OPENPGP-SIGNING-KEY-URL-1): ... these,
respectively.
(OPENPGP-SIGNING-KEY-ID-2, OPENPGP-SIGNING-KEY-URL-2): New variables.
(Binary Installation): Adjust to cover for the new key.
(USB Stick and DVD Installation): Likewise.
(Invoking guix refresh): Adjust accordingly.
This commit is contained in:
Maxim Cournoyer 2021-05-01 22:35:09 -04:00
parent d260bd51b5
commit b9fb13b284
No known key found for this signature in database
GPG Key ID: 1260E46482E63562
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
doc/guix.texi
View File

@ -9,9 +9,11 @@
@include version.texi
@c Identifier of the OpenPGP key used to sign tarballs and such.
@set OPENPGP-SIGNING-KEY-ID 3CE464558A84FDC69DB40CFB090B11993D9AEBB5
@set OPENPGP-SIGNING-KEY-URL https://sv.gnu.org/people/viewgpg.php?user_id=15145
@c Identifier of the OpenPGP keys used to sign tarballs and such.
@set OPENPGP-SIGNING-KEY-ID-1 3CE464558A84FDC69DB40CFB090B11993D9AEBB5 @c ludo
@set OPENPGP-SIGNING-KEY-URL-1 https://sv.gnu.org/people/viewgpg.php?user_id=15145
@set OPENPGP-SIGNING-KEY-ID-2 27D586A4F8900854329FF09F1260E46482E63562 @c maxim
@set OPENPGP-SIGNING-KEY-URL-2 https://sv.gnu.org/people/viewgpg.php?user_id=127547
@c Base URL for downloads.
@set BASE-URL https://ftp.gnu.org/gnu/guix
@ -650,11 +652,13 @@ $ wget @value{BASE-URL}/guix-binary-@value{VERSION}.x86_64-linux.tar.xz.sig
$ gpg --verify guix-binary-@value{VERSION}.x86_64-linux.tar.xz.sig
@end example
If that command fails because you do not have the required public key,
then run this command to import it:
If that command fails because you do not have the required public keys,
then run these commands to import them:
@example
$ wget '@value{OPENPGP-SIGNING-KEY-URL}' \
$ wget '@value{OPENPGP-SIGNING-KEY-URL-1}' \
-qO - | gpg --import -
$ wget '@value{OPENPGP-SIGNING-KEY-URL-2}' \
-qO - | gpg --import -
@end example
@ -2120,11 +2124,13 @@ $ wget @value{BASE-URL}/guix-system-install-@value{VERSION}.x86_64-linux.iso.xz.
$ gpg --verify guix-system-install-@value{VERSION}.x86_64-linux.iso.xz.sig
@end example
If that command fails because you do not have the required public key,
then run this command to import it:
If that command fails because you do not have the required public keys,
then run these commands to import them:
@example
$ wget @value{OPENPGP-SIGNING-KEY-URL} \
$ wget @value{OPENPGP-SIGNING-KEY-URL-1} \
-qO - | gpg --import -
$ wget @value{OPENPGP-SIGNING-KEY-URL-2} \
-qO - | gpg --import -
@end example
@ -11913,7 +11919,7 @@ Likewise, you can fetch keys to a specific keybox file like this:
@example
gpg --no-default-keyring --keyring mykeyring.kbx \
--recv-keys @value{OPENPGP-SIGNING-KEY-ID}
--recv-keys @value{OPENPGP-SIGNING-KEY-ID-1}
@end example
@xref{GPG Configuration Options, @option{--keyring},, gnupg, Using the GNU