You are not logged in.

#1 2022-05-05 20:11:18

Daniel27110
Member
Registered: 2022-05-05
Posts: 3

[SOLVED] Error when installing Spotify from the AUR using yay

When downloading Spotify using yay, I get the following error:

==> Validating source files with sha512sums...

spotify.protocol ... Passed

LICENSE ... Passed

spotify-1.1.84.716-x86_64.deb ... FAILED

spotify-1.1.84.716-1-Release ... Skipped

spotify-1.1.84.716-1-Release.sig ... Skipped

spotify-1.1.84.716-1-x86_64-Packages ... Skipped

==> ERROR: One or more files did not pass the validity check!

-> error downloading sources: spotify

context: exit status 1

I've tried most of the solutions posted on https://aur.archlinux.org/packages/spotify, including importing a new GPG key, changing the sha512sums on the PKGBUILD file and deleting the yay and Pacman cache, all resulting in the same error once again.

Any help is highly appreciated.

Last edited by Daniel27110 (2022-05-06 02:33:42)

Offline

#2 2022-05-05 20:43:28

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 26,706
Website

Re: [SOLVED] Error when installing Spotify from the AUR using yay

Is the error you posted the first one you got, or is that what you saw after editing the sha512sum line in the PKGBUILD?  How did you edit the sha512sum (i.e., what did you replace it with).

The current checksum is valid.  But you will need to import the relevant gpg key.

Please try building again just with makepkg, and post the complete command and output if there is an error.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#3 2022-05-05 21:30:40

Daniel27110
Member
Registered: 2022-05-05
Posts: 3

Re: [SOLVED] Error when installing Spotify from the AUR using yay

That was the first error I got, here is the complete output

[daniel@aspireone ~]$ yay -G spotify
:: (1/1) Downloaded PKGBUILD: spotify
[daniel@aspireone ~]$ cd spotify
[daniel@aspireone spotify]$ makepkg -si
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:01:32)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found spotify.protocol
  -> Found LICENSE
  -> Downloading spotify-1.1.84.716-x86_64.deb...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-100   534  100   534    0     0   1385      0 --:--:-- --:--:-- --:--:--  1387
  -> Downloading spotify-1.1.84.716-1-Release...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-100   479  100   479    0     0  10298      0 --:--:-- --:--:-- --:--:-- 10413
  -> Downloading spotify-1.1.84.716-1-Release.sig...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-100   483  100   483    0     0  49752      0 --:--:-- --:--:-- --:--:-- 53666
  -> Downloading spotify-1.1.84.716-1-x86_64-Packages...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-100   502  100   502    0     0  53885      0 --:--:-- --:--:-- --:--:-- 55777
==> Validating source files with sha512sums...
    spotify.protocol ... Passed
    LICENSE ... Passed
    spotify-1.1.84.716-x86_64.deb ... FAILED
    spotify-1.1.84.716-1-Release ... Skipped
    spotify-1.1.84.716-1-Release.sig ... Skipped
    spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> ERROR: One or more files did not pass the validity check!
[daniel@aspireone spotify]$

Using yay then gives the same output, only that yay tries making the package again before failing.

[daniel@aspireone ~]$ yay -S spotify
:: There are 7 providers available for spotify:
:: Repository AUR
    1) spotify 2) spotify-1.1.42-deb 3) spotify-dev 4) spotify-edge 5) spotify-legacy 6) spotify-snapstore 7) spotify094

Enter a number (default=1):
==>
:: Checking for conflicts...
:: Checking for inner conflicts...
[Aur:1]  spotify-1:1.1.84.716-1

  1 spotify                          (Build Files Exist)
==> Packages to cleanBuild?
==> [N]one [A]ll [Ab]ort [I]nstalled [No]tInstalled or (1 2 3, 1-3, ^4)
==>
:: PKGBUILD up to date, Skipping (1/0): spotify
:: (1/1) Parsing SRCINFO: spotify
  1 spotify                          (Build Files Exist)
==> PKGBUILDs to edit?
==> [N]one [A]ll [Ab]ort [I]nstalled [No]tInstalled or (1 2 3, 1-3, ^4)
==>
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:04:54)
==> Retrieving sources...
  -> Found spotify.protocol
  -> Found LICENSE
  -> Found spotify-1.1.84.716-x86_64.deb
  -> Found spotify-1.1.84.716-1-Release
  -> Found spotify-1.1.84.716-1-Release.sig
  -> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
    spotify.protocol ... Passed
    LICENSE ... Passed
    spotify-1.1.84.716-x86_64.deb ... FAILED
    spotify-1.1.84.716-1-Release ... Skipped
    spotify-1.1.84.716-1-Release.sig ... Skipped
    spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> ERROR: One or more files did not pass the validity check!
 -> error downloading sources: spotify
	 context: exit status 1
	

==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:04:56)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found spotify.protocol
  -> Found LICENSE
  -> Found spotify-1.1.84.716-x86_64.deb
  -> Found spotify-1.1.84.716-1-Release
  -> Found spotify-1.1.84.716-1-Release.sig
  -> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
    spotify.protocol ... Passed
    LICENSE ... Passed
    spotify-1.1.84.716-x86_64.deb ... FAILED
    spotify-1.1.84.716-1-Release ... Skipped
    spotify-1.1.84.716-1-Release.sig ... Skipped
    spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> ERROR: One or more files did not pass the validity check!
 -> error making: spotify
[daniel@aspireone ~]$

A comment in the aur suggested changing the sha512sum to:

sha512sums=('999abe46766a4101e27477f5c9f69394a4bb5c097e2e048ec2c6cb93dfa1743eb436bde3768af6ba1b90eaac78ea8589d82e621f9cbe7d9ab3f41acee6e8ca20'
            '2e16f7c7b09e9ecefaa11ab38eb7a792c62ae6f33d95ab1ff46d68995316324d8c5287b0d9ce142d1cf15158e61f594e930260abb8155467af8bc25779960615'
            'SKIP'
            'SKIP'
            'SKIP'
            'SKIP')

Essentially skipping the third checksum. Changing the sha512sum in this way results in the following output:

[daniel@aspireone spotify]$ makepkg -si
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:14:25)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found spotify.protocol
  -> Found LICENSE
  -> Found spotify-1.1.84.716-x86_64.deb
  -> Found spotify-1.1.84.716-1-Release
  -> Found spotify-1.1.84.716-1-Release.sig
  -> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
    spotify.protocol ... Passed
    LICENSE ... Passed
    spotify-1.1.84.716-x86_64.deb ... Skipped
    spotify-1.1.84.716-1-Release ... Skipped
    spotify-1.1.84.716-1-Release.sig ... Skipped
    spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
    spotify-1.1.84.716-1-Release ... FAILED
==> ERROR: One or more PGP signatures could not be verified!
[daniel@aspireone spotify]$

Which makes me believe the sha512sum is not the problem and the current chechsum is currently up-to-date.

Lastly, the pinned comment suggests importing a new gpg using

curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --import -

which results in the same output as the first, probably since the gpg wouldn't change

[daniel@aspireone spotify]$ curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --import -
gpg: key 5E3C45D7B312C643: "Spotify Public Repository Signing Key <tux@spotify.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

So maybe the suggested gpg is outdated.

Thank you for your reply.

Last edited by Daniel27110 (2022-05-05 21:33:34)

Offline

#4 2022-05-05 21:56:21

loqs
Member
Registered: 2014-03-06
Posts: 14,705

Re: [SOLVED] Error when installing Spotify from the AUR using yay

I could not reproduce the issue:

$ git clone https://aur.archlinux.org/spotify.git
Cloning into 'spotify'...
remote: Enumerating objects: 409, done.
remote: Counting objects: 100% (409/409), done.
remote: Compressing objects: 100% (258/258), done.
remote: Total 409 (delta 150), reused 405 (delta 148), pack-reused 0
Receiving objects: 100% (409/409), 175.70 KiB | 1.50 MiB/s, done.
Resolving deltas: 100% (150/150), done.
$ cd spotify/
$ makepkg --verifysource 
==> Making package: spotify 1:1.1.84.716-1 (Thu 05 May 2022 21:52:00 UTC)
==> Retrieving sources...
  -> Found spotify.protocol
  -> Found LICENSE
  -> Downloading spotify-1.1.84.716-x86_64.deb...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  114M  100  114M    0     0  12.8M      0  0:00:08  0:00:08 --:--:-- 13.1M
  -> Downloading spotify-1.1.84.716-1-Release...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2447  100  2447    0     0  13521      0 --:--:-- --:--:-- --:--:-- 13594
  -> Downloading spotify-1.1.84.716-1-Release.sig...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   833  100   833    0     0  13904      0 --:--:-- --:--:-- --:--:-- 14118
  -> Downloading spotify-1.1.84.716-1-x86_64-Packages...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1220  100  1220    0     0  15076      0 --:--:-- --:--:-- --:--:-- 15250
==> Validating source files with sha512sums...
    spotify.protocol ... Passed
    LICENSE ... Passed
    spotify-1.1.84.716-x86_64.deb ... Passed
    spotify-1.1.84.716-1-Release ... Skipped
    spotify-1.1.84.716-1-Release.sig ... Skipped
    spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
    spotify-1.1.84.716-1-Release ... FAILED (unknown public key 5E3C45D7B312C643)
==> ERROR: One or more PGP signatures could not be verified!
$ curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --import -
gpg: key 5E3C45D7B312C643: public key "Spotify Public Repository Signing Key <tux@spotify.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ makepkg --verifysource 
==> Making package: spotify 1:1.1.84.716-1 (Thu 05 May 2022 21:52:36 UTC)
==> Retrieving sources...
  -> Found spotify.protocol
  -> Found LICENSE
  -> Found spotify-1.1.84.716-x86_64.deb
  -> Found spotify-1.1.84.716-1-Release
  -> Found spotify-1.1.84.716-1-Release.sig
  -> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
    spotify.protocol ... Passed
    LICENSE ... Passed
    spotify-1.1.84.716-x86_64.deb ... Passed
    spotify-1.1.84.716-1-Release ... Skipped
    spotify-1.1.84.716-1-Release.sig ... Skipped
    spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
    spotify-1.1.84.716-1-Release ... Passed
$ git rev-parse HEAD
2adc25a348846328c62b38e2d400c59b8823dfde

Last edited by loqs (2022-05-05 21:57:54)

Offline

#5 2022-05-06 01:16:43

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 26,706
Website

Re: [SOLVED] Error when installing Spotify from the AUR using yay

Daniel27110 wrote:

which results in the same output as the first, probably since the gpg wouldn't change

If it's the same output as the first, then the gpg is not likely the issue (anymore).

You are facing two issues, one is the checksum of the download not matching which I was not able to replicate and it appears loqs can't either.  The checksum listed in the PKBUILD is valid, but somehow you are getting a corrupted download.

The second issue is that the gpg key will still be required even once you have a valid download.  But as you have already run the command to fix that issue, this part should be fine once you get to it.

So the question is how / why you are getting an invalid download.  Please post the output of the following after a failed attempt:

sha512sum spotify-1.1.84.716-x86_64.deb
ls -l spotify-1.1.84.716-x86_64.deb
file spotify-1.1.84.716-x86_64.deb

EDIT: that PKGBUILD does some very suspicous looking (or at very least very poorly coded) things in the prepare function - but right now that's not relevant as the prepare function doesn't run until makepkg has validated the sources.

Last edited by Trilby (2022-05-06 01:17:46)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#6 2022-05-06 02:20:11

Daniel27110
Member
Registered: 2022-05-05
Posts: 3

Re: [SOLVED] Error when installing Spotify from the AUR using yay

After a reboot, while trying to get the output for sha512sum spotify-1.1.84.716-x86_64.deb, the installation actually worked... for some reason. I've been trying to install this package throughout the week, so the issue was probably in some outdated package which update was only applied after reboot.

Thank you all for your help, I'll now mark the issue as solved

Complete build output:

[daniel@aspireone ~]$ yay -G spotify
:: (1/1) Downloaded PKGBUILD: spotify
[daniel@aspireone ~]$ cd spotify
[daniel@aspireone spotify]$ makepkg -si
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 21:08:29)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found spotify.protocol
  -> Found LICENSE
  -> Downloading spotify-1.1.84.716-x86_64.deb...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-  0  114M    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-  3  114M    3 3742k    0     0  2711k      0  0:00:43  0:00:01  0:00:4 11  114M   11 13.0M    0     0  5651k      0  0:00:20  0:00:02  0:00:1 19  114M   19 22.1M    0     0  6781k      0  0:00:17  0:00:03  0:00:1 26  114M   26 30.1M    0     0  6915k      0  0:00:16  0:00:04  0:00:1 32  114M   32 36.8M    0     0  6988k      0  0:00:16  0:00:05  0:00:1 39  114M   39 45.3M    0     0  7237k      0  0:00:16  0:00:06  0:00:1 47  114M   47 54.3M    0     0  7538k      0  0:00:15  0:00:07  0:00:0 54  114M   54 62.6M    0     0  7647k      0  0:00:15  0:00:08  0:00:0 61  114M   61 70.2M    0     0  7688k      0  0:00:15  0:00:09  0:00:0 68  114M   68 77.8M    0     0  7702k      0  0:00:15  0:00:10  0:00:0 76  114M   76 87.3M    0     0  7879k      0  0:00:14  0:00:11  0:00:0 83  114M   83 94.9M    0     0  7850k      0  0:00:14  0:00:12  0:00:0 89  114M   89  101M    0     0  7811k      0  0:00:14  0:00:13  0:00:0 96  114M   96  110M    0     0  7836k      0  0:00:14  0:00:14 --:--:-100  114M  100  114M    0     0  7924k      0  0:00:14  0:00:14 --:--:-- 8447k
  -> Downloading spotify-1.1.84.716-1-Release...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-100  2447  100  2447    0     0   4905      0 --:--:-- --:--:-- --:--:-100  2447  100  2447    0     0   4898      0 --:--:-- --:--:-- --:--:--  4894
  -> Downloading spotify-1.1.84.716-1-Release.sig...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-100   833  100   833    0     0   1539      0 --:--:-- --:--:-- --:--:--  1542
  -> Downloading spotify-1.1.84.716-1-x86_64-Packages...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:-100  1220  100  1220    0     0   2190      0 --:--:-- --:--:-- --:--:-100  1220  100  1220    0     0   2184      0 --:--:-- --:--:-- --:--:--  2182
==> Validating source files with sha512sums...
    spotify.protocol ... Passed
    LICENSE ... Passed
    spotify-1.1.84.716-x86_64.deb ... Passed
    spotify-1.1.84.716-1-Release ... Skipped
    spotify-1.1.84.716-1-Release.sig ... Skipped
    spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
    spotify-1.1.84.716-1-Release ... Passed
==> Extracting sources...
  -> Extracting spotify-1.1.84.716-x86_64.deb with bsdtar
==> Starting prepare()...
spotify-1.1.84.716-1-x86_64-Packages: OK
spotify-1.1.84.716-x86_64.deb: OK
==> Entering fakeroot environment...
==> Starting package()...
==> Tidying install...
  -> Removing libtool files...
  -> Purging unwanted files...
  -> Removing static library files...
  -> Compressing man and info pages...
==> Checking for packaging issues...
==> Creating package "spotify"...
  -> Generating .PKGINFO file...
  -> Generating .BUILDINFO file...
  -> Generating .MTREE file...
  -> Compressing package...
==> Leaving fakeroot environment.
==> Finished making: spotify 1:1.1.84.716-1 (jue 05 may 2022 21:09:28)
==> Installing package spotify with pacman -U...
[sudo] password for daniel:
loading packages...
resolving dependencies...
looking for conflicting packages...

Packages (1) spotify-1:1.1.84.716-1

Total Installed Size:  284,98 MiB

:: Proceed with installation? [Y/n]
(1/1) checking keys in keyring                     [#############] 100%
(1/1) checking package integrity                   [#############] 100%
(1/1) loading package files                        [#############] 100%
(1/1) checking for file conflicts                  [#############] 100%
:: Processing package changes...
(1/1) installing spotify                           [#############] 100%
Optional dependencies for spotify
    ffmpeg-compat-57: Adds support for playback of local files
    zenity: Adds support for importing local files
    libnotify: Desktop notifications [installed]
:: Running post-transaction hooks...
(1/3) Arming ConditionNeedsUpdate...
(2/3) Updating icon theme caches...
(3/3) Updating the desktop file MIME type cache...
[daniel@aspireone spotify]$

Offline

Board footer

Powered by FluxBB