You are not logged in.
When I try to install any package, I get the same error.
loading packages...
error: '/tmp/yaourt-tmp-root/PKGDEST.ox5/open-cobol-1.1-1-x86_64.pkg.tar.xz': invalid or corrupted package (PGP signature)
What is the problem?
Last edited by xexio (2013-02-04 20:27:42)
Offline
~/aur/open-cobol$ makepkg -sri
Took about 20 sec with 0 issues
Last edited by tdy (2013-02-02 15:16:25)
Offline
It's just your self-built packages, not the ones from the repos right? I suspect you have your SigLevel set too strict in pacman.conf
Take a look at the pacman-key wiki page and the SigLevel section of pacman.conf man page.
If you're still confused post pacman.conf here and we can give more advice
Online
# --------------------------------------------------------------------------------
# PGP signature checking
# --------------------------------------------------------------------------------
SigLevel = Required DatabaseOptional TrustedOnly
# ----------------------------------------------------------------------------------
# REPOSITORIES
# -----------------------------------------------------------------------------------
[core]
SigLevel = PackageRequired
Include = /etc/pacman.d/mirrorlist
[extra]
SigLevel = PackageOptional
Include = /etc/pacman.d/mirrorlist
[community]
SigLevel = PackageOptional
Include = /etc/pacman.d/mirrorlist
[multilib]
SigLevel = PackageOptional
Include = /etc/pacman.d/mirrorlist
[archlinuxfr]
Server=http://repo.archlinux.fr/x86_64
This is my pacman.conf
Offline
# -------------------------------------------------------------------------------- # PGP signature checking # -------------------------------------------------------------------------------- SigLevel = Required DatabaseOptional TrustedOnly
This is telling it to always require package signatures, regardless of the source, so even your packages need to be signed. You can change it to
SigLevel = Optional TrustedOnly
and it will only check signatures if they exist. Since you have PackageRequired for core it will still require a signature for packages you get from those repositories. You can also change to PackageRequired for the other repositories since they should all be signed now as well (you might have PackageOptional left over from earlier when signatures were just being added).
Online
xexio wrote:# -------------------------------------------------------------------------------- # PGP signature checking # -------------------------------------------------------------------------------- SigLevel = Required DatabaseOptional TrustedOnly
This is telling it to always require package signatures, regardless of the source, so even your packages need to be signed. You can change it to
SigLevel = Optional TrustedOnly
and it will only check signatures if they exist. Since you have PackageRequired for core it will still require a signature for packages you get from those repositories. You can also change to PackageRequired for the other repositories since they should all be signed now as well (you might have PackageOptional left over from earlier when signatures were just being added).
Thanks, problem solved
Offline
Glad to hear, in that case you can edit your first post to add "solved" to the title
Online