Upgrade of 700MB fails due to Package signing

lilsirecho · 2012-02-06 21:06:04

Downloaded much but received error message regarding package signing. Nothing was installed...........

My pacman.conf has ...SigLevel = Never... so am wondering how I can be in error for package signing?

Is it now mandatory?

karol · 2012-02-06 21:12:13

What message?

lilsirecho · 2012-02-06 21:52:33

karol:
The message was and is similar to this one:

 Proceed with installation? [Y/n] y
:: Retrieving packages from extra...
 a52dec-0.7.4-6-x86_64     40.4 KiB   135K/s 00:00 [######################] 100%
 cdparanoia-10.2-4-x...    78.3 KiB  74.3K/s 00:01 [######################] 100%
 elfutils-0.152-2-x86_64  554.5 KiB   105K/s 00:05 [######################] 100%
(405/405) checking package integrity               [######################] 100%
warning: Public keyring not found; have you run 'pacman-key --init'?
error: clucene: key "FCF3C8CB5CF9C8D4" is unknown
error: key "FCF3C8CB5CF9C8D4" could not be looked up remotely
error: openshot: key "6D1655C14CE1C13E" is unknown
error: key "6D1655C14CE1C13E" could not be looked up remotely
error: tmux: key "65C110C1EA433FC7" is unknown
error: key "65C110C1EA433FC7" could not be looked up remotely
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
sh-4.2#

I assume this is preventing the install of the 700MB of packages.

EDIT: Installed the 400 packages after --ignore of the above errored packages.

Why did this occur?

Last edited by lilsirecho (2012-02-06 22:22:12)

Leonid.I · 2012-02-06 22:45:28

If you use "SigLevel = Never TrustAll" can you update the offending packages?

SS4 · 2012-02-06 22:46:48

warning: Public keyring not found; have you run 'pacman-key --init'?

Have you ran said command?

bergonzini · 2012-02-06 22:53:24

Try to use another keyserver, pgp.mit.edu seens down... try hkp://pks.gpg.cz and then import the missing keys with:

sudo pacman-key --keyserver hkp://pks.gpg.cz  -r FCF3C8CB5CF9C8D4

ratcheer · 2012-02-06 23:01:03

Also, when you get the keys straightened out, you won't have to re-download all that stuff, again. pacman still has it.

Tim

lilsirecho · 2012-02-07 00:13:10

I understood that ...SigLevel = Never....was supposed to be the default and "Never" has one meaning only. Not maybe or perhaps....

I don't need the offending packages but do need to understand why "Never" doesn't mean what it says.

I don't require package signing but suspect it is soon the norm.

So far, it is a stumbling block.

Or do I misinterpret the info in pacman.conf in that the SigLevel = Never only applies after accepting the package signing arrangement?

I haven't had to download again since --ignoring the offending error packages.

I just wish to understand why it occured in the face of the default ..Never.

Allan · 2012-02-07 03:09:47

Post your pacman.conf.

lilsirecho · 2012-02-07 15:53:54

  GNU nano 2.2.6             File: pacman.conf                                  

#
# /etc/pacman.conf
#
# See the pacman.conf(5) manpage for option and repository directives

#
# GENERAL OPTIONS
#
[options]
# The following paths are commented out with their default values listed.
# If you wish to use different paths, uncomment and update the paths.
#RootDir     = /
#DBPath      = /var/lib/pacman/
#CacheDir    = /var/cache/pacman/pkg/
#LogFile     = /var/log/pacman.log
#GPGDir      = /etc/pacman.d/gnupg/
HoldPkg     = pacman glibc
# If upgrades are available for these packages they will be asked for first
SyncFirst   = pacman

^G Get Help  ^O WriteOut  ^R Read File ^Y Prev Page ^K Cut Text  ^C Cur Pos
^X Exit      ^J Justify   ^W Where Is  ^V Next Page ^U UnCut Text^T To Spell

karol · 2012-02-07 15:59:12

Is it the whole file? Seems like you copied only one screenful.

lilsirecho · 2012-02-07 16:34:04

Sorry my oops. Will try again.....

#
# /etc/pacman.conf
#
# See the pacman.conf(5) manpage for option and repository directives

#
# GENERAL OPTIONS
#
[options]
# The following paths are commented out with their default values listed.
# If you wish to use different paths, uncomment and update the paths.
#RootDir     = /
#DBPath      = /var/lib/pacman/
#CacheDir    = /var/cache/pacman/pkg/
#LogFile     = /var/log/pacman.log
#GPGDir      = /etc/pacman.d/gnupg/
HoldPkg     = pacman glibc
# If upgrades are available for these packages they will be asked for first
SyncFirst   = pacman
#XferCommand = /usr/bin/curl -C - -f %u > %o
#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
#CleanMethod = KeepInstalled
Architecture = auto

# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
#IgnorePkg   =
#IgnoreGroup =

#NoUpgrade   =
#NoExtract   =

# Misc options
#UseSyslog
#UseDelta
#TotalDownload
CheckSpace
#VerbosePkgLists

# PGP signature checking
# NOTE: None of this will work without running `pacman-key --init` first.
# The compiled in default is equivalent to the following line. This requires
# you to locally sign and trust packager keys using `pacman-key` for them to be
# considered valid.
#SigLevel = Optional TrustedOnly
# If you wish to check signatures but avoid local sign and trust issues, use
# the following line. This will treat any key imported into pacman's keyring as
# trusted.
#SigLevel = Optional TrustAll
# For now, off by default unless you read the above.
SigLevel = Never

#
# REPOSITORIES
#   - can be defined here or included from another file
#   - pacman will search repositories in the order defined here
#   - local/custom mirrors can be added here or in separate files
#   - repositories listed first will take precedence when packages
#     have identical names, regardless of version number
#   - URLs will have $repo replaced by the name of the current repo
#   - URLs will have $arch replaced by the name of the architecture
#
# Repository entries are of the format:
#       [repo-name]
#       Server = ServerName
#       Include = IncludePath
#
# The header [repo-name] is crucial - it must be present and
# uncommented to enable the repo.
#

# The testing repositories are disabled by default. To enable, uncomment the
# repo name header and Include lines. You can add preferred servers immediately
# after the header, and they will be used before the default mirrors.

#[testing]
#SigLevel = PackageRequired
#Include = /etc/pacman.d/mirrorlist

[core]
#SigLevel = PackageRequired
Include = /etc/pacman.d/mirrorlist

[extra]
#SigLevel = PackageOptional
Include = /etc/pacman.d/mirrorlist

#[community-testing]
#SigLevel = PackageRequired
#Include = /etc/pacman.d/mirrorlist

[community]
#SigLevel = PackageOptional
Include = /etc/pacman.d/mirrorlist

# If you want to run 32 bit applications on your x86_64 system,
# enable the multilib repositories as required here.

#[multilib-testing]
#SigLevel = PackageRequired
#Include = /etc/pacman.d/mirrorlist

#[multilib]
SigLevel = PackageOptional
Include = /etc/pacman.d/mirrorlist

# An example of a custom package repository.  See the pacman manpage for
# tips on creating your own repositories.
#[custom]
#SigLevel = Optional TrustAll
#Server = file:///home/custompkgs

karol · 2012-02-07 16:45:28

#[multilib]
SigLevel = PackageOptional

Maybe that's the culprit?

lilsirecho · 2012-02-07 16:58:36

Perhaps. But my interpretation of the inserted ....SigLevel= Never... supercedes all other references to package signing...in other words it is global.

Otherwise, one has to be alert for disruptions in all categories which might well be the case here.

George · 2012-02-07 18:17:51

No, the SigLevel under each repo line over-rides the global SigLevel, also you've got the multilib header [multilib] commented out, you need to uncomment that if you want to enable multilib.

lilsirecho · 2012-02-07 18:22:05

I assume the word command ...SigLevel- Never.... will "never" control any package signing if it is overridden with abandon.

George · 2012-02-07 18:46:45

I think the man page is pretty clear how this works;

The SigLevel directive is valid in both the [options] and repository sections. If used in
[options], it sets a default value for any repository that does not provide the setting.
. . .
All options in a config file are processed in top-to-bottom,
left-to-right fashion, where later options override and/or supplement earlier ones.

Arch Linux

#1 2012-02-06 21:06:04

Upgrade of 700MB fails due to Package signing

#2 2012-02-06 21:12:13

Re: Upgrade of 700MB fails due to Package signing

#3 2012-02-06 21:52:33

Re: Upgrade of 700MB fails due to Package signing

#4 2012-02-06 22:45:28

Re: Upgrade of 700MB fails due to Package signing

#5 2012-02-06 22:46:48

Re: Upgrade of 700MB fails due to Package signing

#6 2012-02-06 22:53:24

Re: Upgrade of 700MB fails due to Package signing

#7 2012-02-06 23:01:03

Re: Upgrade of 700MB fails due to Package signing

#8 2012-02-07 00:13:10

Re: Upgrade of 700MB fails due to Package signing

#9 2012-02-07 03:09:47

Re: Upgrade of 700MB fails due to Package signing

#10 2012-02-07 15:53:54

Re: Upgrade of 700MB fails due to Package signing

#11 2012-02-07 15:59:12

Re: Upgrade of 700MB fails due to Package signing

#12 2012-02-07 16:34:04

Re: Upgrade of 700MB fails due to Package signing

#13 2012-02-07 16:45:28

Re: Upgrade of 700MB fails due to Package signing

#14 2012-02-07 16:58:36

Re: Upgrade of 700MB fails due to Package signing

#15 2012-02-07 18:17:51

Re: Upgrade of 700MB fails due to Package signing

#16 2012-02-07 18:22:05

Re: Upgrade of 700MB fails due to Package signing

#17 2012-02-07 18:46:45

Re: Upgrade of 700MB fails due to Package signing

Board footer