You are not logged in.
- Topics: Active | Unanswered
#1 2017-03-25 23:55:18
- alaskanarcher
- Member
- Registered: 2016-04-30
- Posts: 50
[closed]Are all Trusted Users in archlinux-keyring?
I am running into an issue where after properly initializing the pacman keyring with the following I still have Anatol Pomozov's keys as 'unknown trust'. I looked up Anatol and saw that he is a Trusted User in the community repo. Is is normal for me to have to trust his keys manually?
How I initialized the pacman keyring: all as prescribed. This is with the up to date pacman-keyring package installed.
# pacman-key --init
# pacman-key --populate archlinux
# pacman --refresh-keysThen I still get these errors during full system upgrade for some of Anatol's signatures and I suppose a few other sigs that he must sign (because those warnings went away after manually signing Anatol's keys).
# pacman -Syu
...
(142/142) checking keys in keyring [###########################] 100%
(142/142) checking package integrity [###########################] 100%
error: binutils: signature from "Anatol Pomozov <xxxxx.xxxxx@xxxxxx.xxx>" is unknown trust
:: File /var/cache/pacman/pkg/binutils-2.28.0-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: avr-binutils: signature from "Anatol Pomozov <xxxxx.xxxxxx@xxxxxx.xxx>" is unknown trust
:: File /var/cache/pacman/pkg/avr-binutils-2.28-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: arduino-avr-core: signature from "NicoHood <xxxxxxx@xxxxx.xx>" is unknown trust
:: File /var/cache/pacman/pkg/arduino-avr-core-1.6.18-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: arduino-builder: signature from "NicoHood <xxxxx@xxxx.xxx>" is unknown trust
:: File /var/cache/pacman/pkg/arduino-builder-1.3.25-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
...Other things I tried:
- Clear package cache
- Make sure /root/.gnupg/dirmngr_ldapservers.conf exists and call '# dirmngr </dev/null'
- Re initialized, refreshed the keys and reinstalled archlinux-keyring too many times to be considered sane
So should I have to manually trust Anatol's key or any Trusted User's?
Last edited by alaskanarcher (2017-03-27 10:31:59)
Offline
#2 2017-03-26 04:50:56
- Allan
- Pacman
- From: Brisbane, AU
- Registered: 2007-06-09
- Posts: 11,385
- Website
Re: [closed]Are all Trusted Users in archlinux-keyring?
pacman -Sy archlinux-keyring; pacman -Su
Offline
#3 2017-03-26 17:22:41
- alaskanarcher
- Member
- Registered: 2016-04-30
- Posts: 50
Re: [closed]Are all Trusted Users in archlinux-keyring?
I was pretty sure I did that. I verified that I had the latest archlinux-keyring installed, and reinstalled it virtually exactly as you suggested.
I got it working by just manually signing Anatol's key. I was simply wondering if it is expected that the keyring should sign trusted users keys. I am assuming that it is and that I must have done something funky.
Last edited by alaskanarcher (2017-03-26 17:25:54)
Offline
#4 2017-03-26 19:41:03
- loafer
- Member
- From: the pub
- Registered: 2009-04-14
- Posts: 1,772
Re: [closed]Are all Trusted Users in archlinux-keyring?
... virtually exactly as you suggested...
That's what was "funky". If you'd done it literally It'd have worked :-). Please mark this as solved.
All men have stood for freedom...
For freedom is the man that will turn the world upside down.
Gerrard Winstanley.
Offline