texlive[45716] Master/texmf-dist/scripts/texlive/tlmgr.pl: add more
commits+preining at tug.org
commits+preining at tug.org
Wed Nov 8 00:44:28 CET 2017
Revision: 45716
http://tug.org/svn/texlive?view=revision&revision=45716
Author: preining
Date: 2017-11-08 00:44:28 +0100 (Wed, 08 Nov 2017)
Log Message:
-----------
add more info to tlmgr man page about crypto
Modified Paths:
--------------
trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl
Modified: trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl
===================================================================
--- trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl 2017-11-07 21:43:47 UTC (rev 45715)
+++ trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl 2017-11-07 23:44:28 UTC (rev 45716)
@@ -8554,6 +8554,13 @@
C<(not verified)>. Either way, by default the installation and/or
updates proceed normally.
+If a program C<gpg> is available (that is, it is found in the C<PATH>),
+cryptographic signatures will be checked. In this case we require that
+the main repository is signed. This is not required for additional r
+repositories. If C<gpg> is not available, signatures are not checked
+and no verification is carried out, but C<tlmgr> proceeds normally.
+This is the behavior of C<tlmgr> up to TeX Live 2016.
+
The attempted verification can be suppressed by specifying
C<--no-verify-downloads> on the command line, or the entry
C<verify-downloads = 0> in a C<tlmgr> config file (described in
@@ -8561,6 +8568,9 @@
I<require> verification by specifying C<--require-verification> on the
command line, or C<require-verification = 1> in a C<tlmgr> config file;
in this case, if verification is not possible, the program quits.
+Note that as mentioned above, if C<gpg> is available, the main repository
+is always required to have a signature. Using the C<--require-verification>
+switch, C<tlmgr> also requires signatures from additional repositories.
Cryptographic verification requires checksum checking (described just
above) to succeed, and a working GnuPG (C<gpg>) program (see below for
More information about the tex-live-commits
mailing list