Package Base Details: tomb

Git Clone URL: (read-only, click to copy)
Submitter: None
Maintainer: parazyd (roddhjav)
Last Packager: roddhjav
Votes: 48
Popularity: 0.85
First Submitted: 2011-04-15 15:20
Last Updated: 2021-01-15 15:26

Packages (2)

Pinned Comments

roddhjav commented on 2020-05-24 12:13

To install the package first import jaromil PGP key:

gpg --recv-keys 6113D89CA825C5CEDD02C87273B35DA54ACB7D10

Alternatively add keyserver-options auto-key-retrieve to your ~/.gnupg/gpg.conf.

This key can also be found on

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 Next › Last »

TrialnError commented on 2015-01-02 16:56

@richli: One question. Since you're maintaining this PKGBuild, could you also maintain the -git[0] one too? It's orphaned and not up to date. Would be nice if that could be changed.


TrialnError commented on 2015-01-02 16:51

The possebility was added to check if the signature of a tarball is really signed with the right key (validpgpkeys entry in the PKGBuild).
Two ways to handle that:
1) Add the key to your local keyring (just add it, do not sign it)
2) Use makepkg --skippgpcheck

Quote: "Source signatures are required to be from a trusted source or listed in the validpgpkeys array. We also support style source signing"

richli commented on 2015-01-02 16:48

@frankspace: It's because makepkg can't find the public key. You need to run "gpg --recv-keys 0x73b35da54acb7d10" to download the public key into your keyring. No need to trust it or sign it or anything, it just needs to be accessible by gpg/makepkg.

frankspace commented on 2015-01-02 05:04

I'm getting an error that "One or more PGP signatures could not be verified." Specifically, Tomb-2.0.1.tar.gz fails because of "unknown public key 73B35DA54ACB7D10".

richli commented on 2014-12-31 03:01

@jswagner: Hmmm, very interesting. I don't use pacaur, so I took a look. I was able to reproduce your problem, so I tried running pacaur in debug mode to track things down better.

It turns out that pacaur (for some reason) calls makepkg as so:

makepkg -sfi --pkg tomb

Note that the "tomb" package is split into two: "tomb" and "tomb-kdf". I assume that pacaur would call makepkg with "--pkg tomb-kdf" if the first makepkg were successful.

Skipping pacaur entirely, I get the same error when I manually run the makepkg command with --pkg. The problem is that it's looking for tomb for the x86_64 architecture (note the filename), but the tomb sub-package overrides the "arch" variable to "any".

I checked here [1] and it says that a split package may override the "arch" option as this one does. seems to me like this is a bug with makepkg, unless there's something about split packages I'm not understanding.


jswagner commented on 2014-12-31 02:15

I can build and install this manually, but it failed when I tried to update using pacaur. Like the package up and went missing after cleanup.
==> Installing tomb package group with pacman -U...
loading packages...
error: '/tmp/pacaurtmp-jason/tomb/tomb-2.0.1-1-x86_64.pkg.tar.xz': could not find or read package
==> WARNING: Failed to install built package(s).

richli commented on 2014-11-28 09:10

@TrailnError: Thanks for the notification, I've updated the package.

Yeah, I don't know why the URLs don't contain the current release, upstream specifically directed me to use those URLs instead of the current ones. Maybe they'll update it later.

TrialnError commented on 2014-11-28 08:41

They tagged v2.0 and from the Downloads page it can be retrieved[0]
But dunno why it differ from the old dl page


richli commented on 2014-05-29 05:10

I found some time and cleaned up the package a bit and am using the new recommended download URLs. Now that AUR 3.0 supports split packages, this is split into "tomb" and "tomb-kdf".

Further input welcome.

richli commented on 2014-05-23 16:18

@DaveCode: Yeah, this PKGBUILD is really weird, I only adopted it to at least bring it up to date. As you've pointed out, there are still plenty of fixes it needs. I don't have the time right now to work on this, would you be willing to take over maintainership?