You are not logged in.
- Topics: Active | Unanswered
#1 2012-01-20 04:25:26
- cvillelk
- Member
- From: Lafayette, LA
- Registered: 2011-01-01
- Posts: 17
Corrupted Package Handling in pacman 4.0.1 - Feature Sacrafice or Bug?
While I was performing a system upgrade I noticed a nuance in the new PGP signing process.
If a package is corrupted during transmission, the following error is given.
error: libreoffice-common: signature from "Andreas Radke <andyrtr@archlinux.org>" is invalid
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
If I disable the new PGP signature checking (SigLevel = Optional TrustAll to SigLevel = Never) a much more informative and helpful error message is given.
:: File /var/cache/pacman/pkg/libreoffice-common-3.4.5-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (checksum)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (checksum))
Errors occurred, no packages were upgraded.
I spent a while troubleshooting the first error thinking i had an issue with my new package signing configuration. Would it not be possible to perform a checksum on the signed package to validate transmission like pacman did pre-PGP? I considered filing a feature request or bug report, but decided to start here.
Offline
#2 2012-01-20 05:48:59
- Allan
- Pacman
- From: Brisbane, AU
- Registered: 2007-06-09
- Posts: 11,481
- Website
Re: Corrupted Package Handling in pacman 4.0.1 - Feature Sacrafice or Bug?
Huh? The PGP check told you the package was corrupted. There is no point in performing a checksum check if you have already done a PGP check...
Offline
#3 2012-01-20 06:00:21
- ngoonee
- Forum Fellow
- From: Between Thailand and Singapore
- Registered: 2009-03-17
- Posts: 7,358
Re: Corrupted Package Handling in pacman 4.0.1 - Feature Sacrafice or Bug?
(invalid or corrupted package (PGP signature))
I figure OP is asking that the error message be made more specific (an additional checksum check would confirm whether its a sig problem or a corrupted download problem).
Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.
Offline
#4 2012-01-20 06:11:20
- cvillelk
- Member
- From: Lafayette, LA
- Registered: 2011-01-01
- Posts: 17
Re: Corrupted Package Handling in pacman 4.0.1 - Feature Sacrafice or Bug?
Thank you both for the replies, and yes my question focuses more on the message than the functionality. (Though I'm still not 100% sure if PGP can tell the difference between a signing and corruption problem... ie, do i need to re-download or change mirrors)
My main concern regards the following message which appears after a failed checksum but not after a failed PGP check:
Do you want to delete it? [Y/n] y
Under the old system, I would select yes, then re-issue a pacman -Syu
Since pacman 4.x.x I need to perform the extra step of pacman -Sc.
Last edited by cvillelk (2012-01-20 06:12:37)
Offline
#5 2012-01-20 06:35:02
- Allan
- Pacman
- From: Brisbane, AU
- Registered: 2007-06-09
- Posts: 11,481
- Website
Re: Corrupted Package Handling in pacman 4.0.1 - Feature Sacrafice or Bug?
Can you file a feature request for that? It is probably a good idea to allow that deleting of corrupt packages found with signature checking too.
Offline
#6 2012-01-20 15:31:35
- cvillelk
- Member
- From: Lafayette, LA
- Registered: 2011-01-01
- Posts: 17
Re: Corrupted Package Handling in pacman 4.0.1 - Feature Sacrafice or Bug?
I went ahead and filed a feature request https://bugs.archlinux.org/task/28014
I appreciate the input
Regards,
Offline