You are not logged in.
Ever since I upgraded gnupg/gpgme today, pacman won't look up (or rather fail looking up) any missing GPG keys. Relevant part of pacman's output:
debug: checking signature for /var/cache/pacman/pkg/privoxy-3.0.19-2-i686.pkg.tar.xz
debug: 1 signatures returned
debug: fingerprint: C06086337C50773E
debug: summary: key missing
debug: status: No public key
debug: timestamp: 1328647189
debug: exp_timestamp: 0
debug: validity: unknown; reason: Success
debug: key lookup failed, unknown key
debug: signature is not valid
debug: looking up key C06086337C50773E locally
debug: key lookup failed, unknown key
error: privoxy: key "C06086337C50773E" is unknown
debug: looking up key C06086337C50773E remotely
debug: key lookup failed, unknown key
debug: looking up key 7C50773E remotely
debug: key lookup failed, unknown key
debug: gpg error: End of file
error: key "C06086337C50773E" could not be looked up remotely
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
Failing to import the key directly through pacman, I tried
pacman-key --recv-key C06086337C50773E
which successfully added the key to my keyring.
I could then install the package. I also tried switching to different keyserves, but without success.
Everything pacman{, -key} related worked fine until the update, but I can't say for certain that it was the gnupg/gpgme update that broke something.
Does anyone else have this issue or is there something wrong with my setup? I already thought of opening a bug report, but I want to make sure it's not my fault.
btw: Hi, everyone :)
Last edited by vehk (2012-03-28 07:54:28)
Offline
I have the same problem.
Offline
-
Last edited by Odaer (2012-03-27 23:48:53)
Offline
A solution has been found for this and will appear in pacman-4.0.3. In the meantime, you can import keys manually using pacman-key.
Online
Is this due to gnupg2 vs gnupg1 issue?
Offline
Indirectly... http://mailman.archlinux.org/pipermail/ … 15330.html
Online
Good to know. Had a look through various dev mailing lists today but I didn't find that one. Marking thread as solved.
Last edited by vehk (2012-03-28 08:00:50)
Offline
This wasn't explicitly stated above, but to do the manual import with pacman-key, I had to prefix the fingerprint with 0x, as so:
$ sudo pacman-key -r 0x5C2E46A0F53A76ED
However, the default keyserver is giving me problems currently:
$ sudo pacman-key -r 0x5C2E46A0F53A76ED
Password:
gpg: requesting key F53A76ED from hkp server keys.gnupg.net
gpgkeys: HTTP fetch error 7: couldn't connect: End of file
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
==> ERROR: Remote key not fetched correctly from keyserver.
So in the end, I used a different keyserver:
sudo pacman-key -r 0x5C2E46A0F53A76ED --keyserver hkp://subkeys.pgp.net
Hope that helps anyone else.
Offline
Hi everyone! First laptop install and I have a biiig problem! I cannot upgrade my system for the first time. I keep getting key "XXX" is unknown // key "XXX" could not looked up remotely. I tried to use a different mirror but nothing changed . Is it me or pacman ?? I also get no xxx.db.sig found warnings when the update begins but in the end nothing happens Thanks in advance !
Offline
Welcome to the forums.
As mentioned earlier in this thread, this is a known issue. You can import the keys with "pacman-key -r" for now. As for the "db.sig" errors; database signing is not yet implemented. Simply adding the "DatabaseOptional" entry to your SigLevel line in /etc/pacman.conf should take care of that.
Burninate!
Offline
Nice to meet you! I forgot to mention that my second problem is that i don't have siglevels in my /etc/pacman.conf file and I don't know why. :S And how am I supposed to import 93 keys manually ? Shall I export the error log to a txt file and get the keys one by one ?? I'm confused. Thanks for your reply!
Offline
Judging from your explanation, I'm guessing you haven't actually configured pacman keysigning yet. Take a few minutes to read this wiki article; that'll explain you what to do.
Burninate!
Offline