Package Details: keybase-bin 1.0.37_20171208170249+025062c3a-1

Git Clone URL: https://aur.archlinux.org/keybase-bin.git (read-only)
Package Base: keybase-bin
Description: the Keybase Go client, filesystem, and GUI
Upstream URL: https://keybase.io
Licenses: BSD
Conflicts: keybase, keybase-git, keybase-release
Submitter: oconnor663
Maintainer: oconnor663 (keybase)
Last Packager: keybase
Votes: 93
Popularity: 19.491542
First Submitted: 2016-06-22 16:52
Last Updated: 2017-12-08 17:12

Latest Comments

oconnor663 commented on 2017-12-01 19:57

This package is always updated to the latest released Keybase version, and so far we've been publishing new Keybase versions daily on Linux. We could define a separate package that we only update on Mondays, or something like that, but so far slowing down updates just for the sake of slowing them down has seemed not worth it?

jemadux commented on 2017-12-01 19:05

why every time new update ?

yan12125 commented on 2017-11-23 18:09

@oconnor663: Thanks for pointing out the correct place. I've opened https://github.com/keybase/client/issues/9671.

oconnor663 commented on 2017-11-23 15:38

There's a discussion of signature checking below. Look for the comment containing the line "I worry the (small but non-zero) usability downsides of sig checking outweigh the (possibly actually zero) security benefits." If you want to discuss it more, it might be easier to file an issue in the upstream GitHub repo and tag @oconnor663.

yan12125 commented on 2017-11-23 15:30

+1 for verifying pgp signatures!

emlun commented on 2017-11-22 12:08

I suggest the following patch for enabling PGP signature checking.

diff --git a/PKGBUILD b/PKGBUILD
index 5fda4e1..56a3da9 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -18,10 +18,13 @@ depends=(fuse gconf libxss gtk2) # don't change this without changing the SRCINF
conflicts=(keybase keybase-release keybase-git)
source_i686=(
"https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${deb_pkgver}_i386.deb"
+ "https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${deb_pkgver}_i386.deb.sig"
)
source_x86_64=(
"https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${deb_pkgver}_amd64.deb"
+ "https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${deb_pkgver}_amd64.deb.sig"
)
+validpgpkeys=(222B85B0F90BE2D24CFEB93F47484E50656D16C7)
install=keybase.install

package() {
@@ -43,5 +46,5 @@ package() {
rm -rf "$pkgdir/etc/cron.daily"
}

-sha256sums_i686=(994998f8093474330a1249e75963cacc948b8011ef5dff6e2e98085fa58448ba)
-sha256sums_x86_64=(35bd09c324828c125ecb68e83b3c54a36f8c48d61b09352593a62d64476f2802)
+sha256sums_i686=(994998f8093474330a1249e75963cacc948b8011ef5dff6e2e98085fa58448ba 'SKIP')
+sha256sums_x86_64=(35bd09c324828c125ecb68e83b3c54a36f8c48d61b09352593a62d64476f2802 'SKIP')

oconnor663 commented on 2017-09-19 14:34

@Eschwartz we should be hosting .sig files next to every new build file, including the older-than-most-recent ones, starting today.

oconnor663 commented on 2017-09-05 15:06

The /keybase path is deliberate, to make it possible for filepaths to be portable to other systems. (For example, /keybase/public/oconnor663/id_rsa.pub.) It's possible to use a ~ to almost get the same effect, but there are many contexts where that doesn't work.

It's a cool patch though, for sure. Power users who want that kind of control will appreciate it.

milouse commented on 2017-09-05 09:23

Hi!

I've just written a little patch, which relocate /keybase inside the user $HOME directory instead of at the root of the file system (https://milouse.keybase.pub/). Is it something you may add to your pkgbuild or no ?

oconnor663 commented on 2017-08-17 17:41

As Eschwartz mentioned, that would be pretty nonstandard for an Arch package. For example, wiki instructions for installing a service usually have at least two separate steps: 1) pacman -S ${something}, 2) systemctl enable ${something}. Even if we didn't want to follow the Arch convention there, though, an extra hurdle for the Keybase package is that we need to run as your regular user, not as root. We'd have to figure out what user you *were* before you ran `sudo` or whatever, which isn't always possible.

All comments