[SOLVED] Pacman won't look up gpg keys

vehk · 2012-03-27 23:19:28

Ever since I upgraded gnupg/gpgme today, pacman won't look up (or rather fail looking up) any missing GPG keys. Relevant part of pacman's output:

debug: checking signature for /var/cache/pacman/pkg/privoxy-3.0.19-2-i686.pkg.tar.xz
debug: 1 signatures returned
debug: fingerprint: C06086337C50773E
debug: summary: key missing
debug: status: No public key
debug: timestamp: 1328647189
debug: exp_timestamp: 0
debug: validity: unknown; reason: Success
debug: key lookup failed, unknown key
debug: signature is not valid
debug: looking up key C06086337C50773E locally
debug: key lookup failed, unknown key
error: privoxy: key "C06086337C50773E" is unknown
debug: looking up key C06086337C50773E remotely
debug: key lookup failed, unknown key
debug: looking up key 7C50773E remotely
debug: key lookup failed, unknown key
debug: gpg error: End of file
error: key "C06086337C50773E" could not be looked up remotely
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Failing to import the key directly through pacman, I tried

pacman-key --recv-key C06086337C50773E

which successfully added the key to my keyring.
I could then install the package. I also tried switching to different keyserves, but without success.

Everything pacman{, -key} related worked fine until the update, but I can't say for certain that it was the gnupg/gpgme update that broke something.
Does anyone else have this issue or is there something wrong with my setup? I already thought of opening a bug report, but I want to make sure it's not my fault.

btw: Hi, everyone :)

Last edited by vehk (2012-03-28 07:54:28)

Odaer · 2012-03-27 23:39:48

I have the same problem.

Odaer · 2012-03-27 23:41:46

-

Last edited by Odaer (2012-03-27 23:48:53)

Allan · 2012-03-28 03:23:46

A solution has been found for this and will appear in pacman-4.0.3. In the meantime, you can import keys manually using pacman-key.

the.ridikulus.rat · 2012-03-28 05:20:16

Is this due to gnupg2 vs gnupg1 issue?

Allan · 2012-03-28 05:29:44

Indirectly... http://mailman.archlinux.org/pipermail/ … 15330.html

vehk · 2012-03-28 07:53:34

Good to know. Had a look through various dev mailing lists today but I didn't find that one. Marking thread as solved.

Last edited by vehk (2012-03-28 08:00:50)

richli · 2012-03-29 04:59:29

This wasn't explicitly stated above, but to do the manual import with pacman-key, I had to prefix the fingerprint with 0x, as so:

 $ sudo pacman-key -r 0x5C2E46A0F53A76ED

However, the default keyserver is giving me problems currently:

$ sudo pacman-key -r 0x5C2E46A0F53A76ED
Password: 
gpg: requesting key F53A76ED from hkp server keys.gnupg.net
gpgkeys: HTTP fetch error 7: couldn't connect: End of file
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
==> ERROR: Remote key not fetched correctly from keyserver.

So in the end, I used a different keyserver:

 sudo pacman-key -r 0x5C2E46A0F53A76ED --keyserver hkp://subkeys.pgp.net

Hope that helps anyone else.

dtrzG · 2012-04-05 17:46:22

Hi everyone! First laptop install and I have a biiig problem! I cannot upgrade my system for the first time. I keep getting key "XXX" is unknown // key "XXX" could not looked up remotely. I tried to use a different mirror but nothing changed . Is it me or pacman ?? I also get no xxx.db.sig found warnings when the update begins but in the end nothing happens Thanks in advance !

Gcool · 2012-04-05 17:55:15

Welcome to the forums.

As mentioned earlier in this thread, this is a known issue. You can import the keys with "pacman-key -r" for now. As for the "db.sig" errors; database signing is not yet implemented. Simply adding the "DatabaseOptional" entry to your SigLevel line in /etc/pacman.conf should take care of that.

dtrzG · 2012-04-05 18:00:11

Nice to meet you! I forgot to mention that my second problem is that i don't have siglevels in my /etc/pacman.conf file and I don't know why. :S And how am I supposed to import 93 keys manually ? Shall I export the error log to a txt file and get the keys one by one ?? I'm confused. Thanks for your reply!

Gcool · 2012-04-05 19:25:08

Judging from your explanation, I'm guessing you haven't actually configured pacman keysigning yet. Take a few minutes to read this wiki article; that'll explain you what to do.

Arch Linux

#1 2012-03-27 23:19:28

[SOLVED] Pacman won't look up gpg keys

#2 2012-03-27 23:39:48

Re: [SOLVED] Pacman won't look up gpg keys

#3 2012-03-27 23:41:46

Re: [SOLVED] Pacman won't look up gpg keys

#4 2012-03-28 03:23:46

Re: [SOLVED] Pacman won't look up gpg keys

#5 2012-03-28 05:20:16

Re: [SOLVED] Pacman won't look up gpg keys

#6 2012-03-28 05:29:44

Re: [SOLVED] Pacman won't look up gpg keys

#7 2012-03-28 07:53:34

Re: [SOLVED] Pacman won't look up gpg keys

#8 2012-03-29 04:59:29

Re: [SOLVED] Pacman won't look up gpg keys

#9 2012-04-05 17:46:22

Re: [SOLVED] Pacman won't look up gpg keys

#10 2012-04-05 17:55:15

Re: [SOLVED] Pacman won't look up gpg keys

#11 2012-04-05 18:00:11

Re: [SOLVED] Pacman won't look up gpg keys

#12 2012-04-05 19:25:08

Re: [SOLVED] Pacman won't look up gpg keys

Board footer