All packages that have conffiles, and a gz compressed control.tar.gz,
currently fails to install on arm if the deb is built locally or
downloaded and then installed with `apt install
./foo_1.0_arm.deb`. The error looks like:
$ apt install ./tmp/foo.deb
Reading package lists... Error!
E: Tar checksum failed, archive corrupted
E: Could not read meta data from
/data/data/com.termux/files/home/tmp/foo.deb
E: The package lists or status file could not be parsed or opened.
If the package does not have conffiles, or if xz compression is used,
everything works. Let's change back to xz compression for all new and
updated packages for now to workaround this issue.
Even if `apt install ./foo.deb` fails the deb can still be installed
with `dpkg -i ./foo.deb` (seems dpkg does not do the same checksum
check?).
Currently there is a problem building packages that use *-config
scripts (for example gnupg), we are creating a
/bin/sh->/data/data/com.termux/files/usr/bin/sh symlink so that the
shebang for the scripts can be interpreted, but after
ecd214881a ("build-package: add new arg -c for "continue build"") the
symlink was deleted in termux_step_get_dependencies.
Name a patch *.patch.ondevice for it to only be applied when building
on device.
This can be useful if for example a tool for building documentation is
missing on device, or if a tool needed during build (but not runtime)
uses something that triggers selinux, fdsan or some other android
security thing.
I am in the process of switching to a new gpg key. This commit adds
both keys to the keyring, and in a few weeks or so I will deactivate
and remove the old one completely. The following message is signed
with my old key, to prove that this was done by me:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
In August 2021 I, Henrik Grimler, switched to a new gpg key. The old
key had fingerprint:
B631 6860 9E88 39CA 9150 CE2D D9EF D568 91B2 BB50
while the new one has:
2C7F 29AE 9789 1F64 19A9 E2CD B007 6E49 0B71 616B
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEm059JzlQJOpaT8Y5WqrJ4KRr5TwFAmEsj0YACgkQWqrJ4KRr
5TzQ7Af/Z0KTOQlNtxzJ2aE96v07pHCYc3ynlZoToUfWtgJ2XxkOZlviKRD5SC0M
zbv47IcWnquINGTyeEkZ6jdHd5XEDfkwe3JoyEVcr10v6vzQuAmETpHh1FcfE/2Q
5UqdcNxx3z34qxdWy9ntP+/SbETBsCrCcoJHa/q9UulR+OLwsoUjH83oxaB9nUph
QtaLX+u4hfbXJ9UhjIX/xgpLMOx9s4WORzIryz3HOffqD2YE2yo9SwFjjCJuvkbZ
VM1Gbpx0YabFWH9xqqaBwhjPXjKXGq5JNB1JpMnmagzylo7kTnztO8kDaLJoHPse
iHag4HjfO3R6T2hzX9SKmoK1sP2nNQ==
=huNj
-----END PGP SIGNATURE-----
