You are not logged in.
Pages: 1
Since a week or so I seem to be stuck when trying to upgrade the system - most (all?) developer keys aren't recognized as valid any more and pacman -Syu bails out without updating anything.
Here's the output upgrading a (random) package:
sudo pacman -Sv gtk-update-icon-cache
Root : /
Conf File : /etc/pacman.conf
DB Path : /var/lib/pacman/
Cache Dirs: /var/cache/pacman/pkg/
Lock File : /var/lib/pacman/db.lck
Log File : /var/log/pacman.log
GPG Dir : /etc/pacman.d/gnupg/
Targets : gtk-update-icon-cache
resolving dependencies...
looking for conflicting packages...
Packages (1) gtk-update-icon-cache-3.18.2-1
Total Download Size: 0.01 MiB
Total Installed Size: 0.03 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n] y
:: Retrieving packages ...
gtk-update-icon-cache-3.18.2-1-x86_64 287.0 B 0.00B/s 00:00 [--------------------------------------------------------] 100%
(1/1) checking keys in keyring [--------------------------------------------------------] 100%
(1/1) checking package integrity [--------------------------------------------------------] 100%
error: gtk-update-icon-cache: signature from "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" is invalid
:: File /var/cache/pacman/pkg/gtk-update-icon-cache-3.18.2-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
Here's what I've tried so far:
- changed the key-server
- deleted local package cache
- verified that archlinux-keyring is up to date
- pacman-key --populate archlinux
- deleted /etc/pacman.d/gnupg/ and rerun pacman --init
From all I can tell the key is present:
gpg --homedir /etc/pacman.d/gnupg --list-keys
...
pub rsa2048/4FA415FA 2011-08-25
uid [ full ] Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
uid [ full ] Jan Alexander Steffens (heftig) <jan-alexander.steffens@smail.inf.h-brs.de>
uid [ full ] [jpeg image of size 3865]
sub rsa2048/1151A394 2011-08-25
...
..and valid:
sudo pacman-key -f 4FA415FA
pub rsa2048/4FA415FA 2011-08-25
Key fingerprint = 8218 F888 49AA C522 E94C F470 A5E9 288C 4FA4 15FA
uid [ full ] Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
uid [ full ] Jan Alexander Steffens (heftig) <jan-alexander.steffens@smail.inf.h-brs.de>
uid [ full ] [jpeg image of size 3865]
sub rsa2048/1151A394 2011-08-25
.. signing it (shouldn't be required) didn't change much
sudo pacman-key --lsign-key 4FA415FA
-> Locally signing key 4FA415FA...
==> Updating trust database...
gpg: next trustdb check due at 2016-01-22
Running out of ideas - anyhelp appreciated.
Thanks!
Last edited by JanVonNebenan (2015-10-25 06:26:17)
Offline
If pacman makes a recommendation [Y/n], it is almost always a good idea to accept it (Y).
Do a system upgrade and follow the prompts. Paste the output here if it doesn't work.
Offline
Sorry, I've should have mentioned that I've done that. Here's the output:
sudo pacman -Sv gtk-update-icon-cache
Root : /
Conf File : /etc/pacman.conf
DB Path : /var/lib/pacman/
Cache Dirs: /var/cache/pacman/pkg/
Lock File : /var/lib/pacman/db.lck
Log File : /var/log/pacman.log
GPG Dir : /etc/pacman.d/gnupg/
Targets : gtk-update-icon-cache
resolving dependencies...
looking for conflicting packages...
Packages (1) gtk-update-icon-cache-3.18.2-1
Total Download Size: 0.01 MiB
Total Installed Size: 0.03 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n] y
:: Retrieving packages ...
gtk-update-icon-cache-3.18.2-1-x86_64 287.0 B 0.00B/s 00:00 [--------------------------------------------------------] 100%
(1/1) checking keys in keyring [--------------------------------------------------------] 100%
(1/1) checking package integrity [--------------------------------------------------------] 100%
error: gtk-update-icon-cache: signature from "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" is invalid
:: File /var/cache/pacman/pkg/gtk-update-icon-cache-3.18.2-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
Will update my initial posting as well.
Last edited by JanVonNebenan (2015-10-24 22:09:10)
Offline
Offline
Yes. This is a general page about common problems people might experience with Arch Linux.
3. error: failed to commit transaction (invalid or corrupted package)
There are two ways to interpret this message: the signature for the package is invalid, so check your keyring is up-to-date and that you are synching with an up-to-date mirror, or the package was only partially downloaded and is indeed corrupt. If the latter, delete it manually from your cache, resynch your local database and reinstall the package with -Syyu $package.
I don't see any suggestion there that I have not already tried?
Offline
Delete the file from the cache and try a different mirror.
Offline
I've chosen a different mirror and the upgrade went through without issues.
Not sure I fully understand what happened here. Why would a particular mirror deliver corrupt / unsigned packages? Wouldn't this be noticed by a lot more people than just me?
Offline
The package was corrupt on your system, not on the mirror...
Offline
The package was corrupt on your system, not on the mirror...
But I've deleted the cache over and over again!?
Offline
delete it manually from your cache
It may be unclear, but what that wants you to do is MANUALLY delete the problem file(s) from /var/cache/pacman/pkg/ .
Is that what you did ?
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
(A works at time B) && (time C > time B ) ≠ (A works at time C)
Offline
Yes, this package and a couple of others seem to be corrupt on a mirror or two. It's come up a couple of times.
Offline
Pages: 1