Package Details: iucode-tool 2.2-1

Git Clone URL: https://aur.archlinux.org/iucode-tool.git (read-only)
Package Base: iucode-tool
Description: Tool to manipulate Intel® IA-32/X86-64 microcode bundles
Upstream URL: https://gitlab.com/iucode-tool/iucode-tool/wikis/home
Licenses: GPL
Submitter: progandy
Maintainer: progandy
Last Packager: progandy
Votes: 54
Popularity: 2.480557
First Submitted: 2014-10-23 18:51
Last Updated: 2017-09-13 07:49

Pinned Comments

progandy commented on 2017-10-13 15:28

@Cbhihe: I did not have time and then forgot, sorry. Still, it should be obvious from the previous comments that you need to import the key in your gpg keyring with gpg, as described in the wiki for makepkg [1],[2]

gpg --recv-keys FE11BFA68B158E98
or
gpg --recv-keys C467A717507BBAFED3C160920BD9E81139CB4807
or
gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys C467A717507BBAFED3C160920BD9E81139CB4807

[1]: https://wiki.archlinux.org/index.php/Makepkg#Signature_checking
[2]: https://wiki.archlinux.org/index.php/GnuPG#Use_a_keyserver

Latest Comments

Cbhihe commented on 2017-10-14 17:40

Thank you. Yes it WAS obvious and I had tried
gpg --recv-keys FE11BFA68B158E98
already, but for some reason I do not get, either the keyring did not register correctly or I screwed up something, or both.

I have reinstalled the Gnome keyring, re-imported my saved signatures and
gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys C467A717507BBAFED3C160920BD9E81139CB4807
worked this time. :-)
Cheers.

progandy commented on 2017-10-13 15:28

@Cbhihe: I did not have time and then forgot, sorry. Still, it should be obvious from the previous comments that you need to import the key in your gpg keyring with gpg, as described in the wiki for makepkg [1],[2]

gpg --recv-keys FE11BFA68B158E98
or
gpg --recv-keys C467A717507BBAFED3C160920BD9E81139CB4807
or
gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys C467A717507BBAFED3C160920BD9E81139CB4807

[1]: https://wiki.archlinux.org/index.php/Makepkg#Signature_checking
[2]: https://wiki.archlinux.org/index.php/GnuPG#Use_a_keyserver

Cbhihe commented on 2017-10-10 19:12

Hi:
During install with '$ makepkg -sric ' I got: a PGP signature error:

A simplified output follows because I am typing (not copy/pasting) this on a different box than the one (4.13.4.-1-ARCH) where the install took place:

==> making package: iucode-tool 2.2-1 (Tue Oct 10...2017)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
downloads ok [...]
==> Validating source files with sha256sums...
passed [...]
==> Verifying source files with gpg...
iucode-tool_2.2.tar.xz ... FAILED (unknown public key FE11BFA68B158E98)
==> ERROR: One or more PGP signatures could not be verified !

Can you explain that unknown PGP public key error ?
Is it a problem on my side ?
Please advise. I will be waiting for your response before I actually execute that code. Cheers.

progandy commented on 2017-10-01 18:19

@oxe: I am not Henrique, so I don't know what he did with his key that it looks this strange, but it doesn't affect the package. The build works, and the signature is properly validated.

oxe commented on 2017-10-01 17:50

issue with pgp key and have tried various times and not sure what I might be doing wrong but why do you have so many self-signed sigs?

gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys C467A717507BBAFED3C160920BD9E81139CB4807

uid Henrique de Moraes Holschuh <hmh@debian.org>
sig!3 0BD9E81139CB4807 2012-06-26 [self-signature]
uid Henrique de Moraes Holschuh <hmh@hmh.eng.br>
sig!3 0BD9E81139CB4807 2012-06-26 [self-signature]
sub A4B9D9AFC03142CD
sig! 0BD9E81139CB4807 2012-06-26 [self-signature]
sub 981C05C79F47CF26
sig! 0BD9E81139CB4807 2012-06-26 [self-signature]
sub 9137FBD3DE6F0A93
sig! 0BD9E81139CB4807 2014-03-23 [self-signature]
sub FFDB99C00EABDE2E
sig! 0BD9E81139CB4807 2014-03-23 [self-signature]
sub FE11BFA68B158E98
sig! 0BD9E81139CB4807 2016-03-26 [self-signature]
sub A4B1618F7F267286
sig! 0BD9E81139CB4807 2016-03-26 [self-signature]
key 0BD9E81139CB4807:
6 duplicate signatures removed
45 signatures not checked due to missing keys
gpg: key 0BD9E81139CB4807: "Henrique de Moraes Holschuh <hmh@hmh.eng.br>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1

please advise

progandy commented on 2017-09-13 15:08

biosin, .SRCINFO and PKGBUILD match and it works perfectly fine with makepkg. I don't know why your pacaur is complaining.

biosin commented on 2017-09-13 09:10

Edit: It was a problem on my side. I don't have a clue what I did wrong, but I remember having purged the cache and still it didn't work. Whatever, today I found out, the directory (~/.cache/pacaur/iucode-tool) was not a git repository... I deleted the directory, manually cloned the repository with the PKGBUILD and all is right. Sorry for the inconvenience.

pacaur error on install:

:: Installing iucode-tool package(s)...
:: iucode-tool package(s) failed to install.
:: ensure package version does not mismatch between .SRCINFO and PKGBUILD
:: ensure package name has a VCS suffix if this is a devel package

progandy commented on 2017-06-12 21:00

SimonCaspar,
you misunderstood the namcap error, and you can ignore it. It warns that the package needs files from glibc, but the package does not mention the dependency. That is deliberate since glibc is a basic requirement of pacman.

SimonCaspar commented on 2017-06-02 13:29

Thank you for the iucode-tool. Managed to get and sign your pgp key.
One issue remains. When running namcap on it an error was reported. It can't include dependency package glibc due to it being named glibc-2.25-1 on my system. (manjaro 17.1)

hmh commented on 2017-03-30 12:58

I am the iucode_tool upstream author. If you cannot find my gnupg key, please try to fetch it from the keyserver network I use:

hkps.pool.sks-keyservers.net

Note that this is a hkp*S* keyserver pool, so you can (should) use TLS to connect to it.

There are other sks-keyservers.net keyservers, which should also have my gnupg key. Please refer to: https://sks-keyservers.net/

OTOH, if you problem is how to get the fetched key into the correct local keyring that Arch linux will use to validate the download, that I cannot help you with.

All comments