You are not logged in.

#1 2017-08-24 12:38:03

schard
Member
From: Hannover
Registered: 2016-05-06
Posts: 408
Website

[solved] Cannot install faulty signed packages

Hi all,

today I opened this bug report that was closed as a duplicate to this one.
However the proposed solution of the latter does not work for me.
What I've done so far:

1) reinstall /update keyring

$ LANG=en_US sudo pacman -Sy archlinux-keyring 
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 community is up to date
 homeinfo is up to date
warning: archlinux-keyring-20170611-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...

Packages (1) archlinux-keyring-20170611-1

Total Installed Size:  0.89 MiB
Net Upgrade Size:      0.00 MiB

:: Proceed with installation? [Y/n] 
(1/1) checking keys in keyring                                                                                                 [#############################################################################] 100%
(1/1) checking package integrity                                                                                               [#############################################################################] 100%
(1/1) loading package files                                                                                                    [#############################################################################] 100%
(1/1) checking for file conflicts                                                                                              [#############################################################################] 100%
(1/1) checking available disk space                                                                                            [#############################################################################] 100%
:: Processing package changes...
(1/1) reinstalling archlinux-keyring                                                                                           [#############################################################################] 100%
==> Appending keys from archlinux.gpg...
key 5ED514A45BD5C938:
1 signature not checked due to a missing key
sig!         A88E23E377514E00 2017-05-23  Florian Pritz (Arch Linux Master Key) <florian@master-
sub  69A65012074901CB
sig!         EB763B4E9DB887A6 2017-05-22  [self-signature]
key EB763B4E9DB887A6:
1 signature reordered
key A5E9288C4FA415FA:
5 signatures not checked due to missing keys
key B4360204B250F0D3:
12 signatures not checked due to missing keys
key 39E4F17F295AFBF4:
2 signatures not checked due to missing keys
key 654B877A0864983E:
3 signatures not checked due to missing keys
==> Locally signing trusted keys in keyring...
  -> Locally signing key DDB867B92AA789C165EEFA799B729B06A680C281...
  -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
  -> Locally signing key 91FFE0700E80619CEB73235CA88E23E377514E00...
  -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
  -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
  -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
  -> Disabling key 7FA647CD89891DEDC060287BB9113D1ED21E1A55...
  -> Disabling key D4DE5ABDE2A7287644EAC7E36D1A9E70E19DAA50...
  -> Disabling key 40440DC037C05620984379A6761FAD69BA06C6A9...
  -> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350...
  -> Disabling key 63F395DE2D6398BBE458F281F2DBB4931985A992...
  -> Disabling key 8F76BEEA0289F9E1D3E229C05F946DED983D4366...
  -> Disabling key 81D7F8241DB38BC759C80FCE3A726C6170E80477...
  -> Disabling key 5E7585ADFF106BFFBBA319DC654B877A0864983E...
  -> Disabling key E7210A59715F6940CF9A4E36A001876699AD6E84...
  -> Disabling key F5A361A3A13554B85E57DDDAAF7EF7873CFD4BB6...
  -> Disabling key 9515D8A8EAB88E49BB65EDBCE6B456CAF15447D5...
  -> Disabling key 4A8B17E20B88ACA61860009B5CED81B7C2E5C0D2...
  -> Disabling key 0B20CA1931F5DA3A70D0F8D2EA6836E1AB441196...
  -> Disabling key 66BD74A036D522F51DD70A3C7F2A16726521E06D...
  -> Disabling key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
==> Updating trust database...
gpg: next trustdb check due at 2017-10-20
:: Running post-transaction hooks...
(1/1) Arming ConditionNeedsUpdate...
$ LANG=en_US sudo pacman -S iperf
resolving dependencies...
looking for conflicting packages...

Packages (1) iperf-2.0.10-1

Total Installed Size:  0.09 MiB

:: Proceed with installation? [Y/n] 
(1/1) checking keys in keyring                                                                                                 [#############################################################################] 100%
downloading required keys...
error: key "4A1AFC345EBE18F8" could not be looked up remotely
error: required key missing from keyring
error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded.

2) refresh keys

$ LANG=en_US sudo pacman-key --refresh-keys 
gpg: refreshing 94 keys from hkp://pool.sks-keyservers.net
gpg: keyserver refresh failed: Server indicated a failure
==> ERROR: A specified local key could not be updated from a keyserver.

So, what did not work

1) Proposed solution "update archlinux-keyring": Nope
2) Proposed solution "refresh the pacman keyring": Nope
3) Proposed solution "let it be looked up remotely": Nope

error: key "4A1AFC345EBE18F8" could not be looked up remotely

Since this is not a bug (re-open denied by @Scimmia) I must be doing something wrong.
What do I miss?

Last edited by schard (2017-08-25 07:41:18)

Online

#2 2017-08-24 12:46:23

Scimmia
Bug Wrangler
Registered: 2012-09-01
Posts: 7,228

Re: [solved] Cannot install faulty signed packages

1) Yep: https://www.archlinux.org/packages/test … x-keyring/
2) Your gnupg is broken
3) See 2

Offline

#3 2017-08-24 12:50:43

schard
Member
From: Hannover
Registered: 2016-05-06
Posts: 408
Website

Re: [solved] Cannot install faulty signed packages

1) This is in [testing] and it is not enabled on my machine and I have no intentions to do so.
2/3) Can you elaborate?

Last edited by schard (2017-08-24 12:52:00)

Online

#4 2017-08-24 13:11:21

plenus
Member
Registered: 2012-04-19
Posts: 29

Re: [solved] Cannot install faulty signed packages

I'm facing the same problem. I've also tried all the proposed solutions (except for installing testing stuff). I've also tried almost everything that is listed on the wiki.

On the other hand, I'm behind a proxy. But not even using proxychains or http_proxy and using other keyservers helped.

Can anyone point to where one could download the key for fingerprint 4A1AFC345EBE18F8? maybe we could try to import it manually.

Last edited by plenus (2017-08-24 13:13:15)

Offline

#5 2017-08-24 14:22:13

tarcisioe
Member
Registered: 2013-10-06
Posts: 8

Re: [solved] Cannot install faulty signed packages

I was able to update by changing the keyserver to MIT's as suggested here:  https://wiki.archlinux.org/index.php/Pa … mport_keys, by editing /etc/pacman.d/gnupg/gpg.conf and changing the

keyserver

line to

keyserver hkp://pgp.mit.edu:11371

.

Last edited by tarcisioe (2017-08-24 14:23:03)

Offline

#6 2017-08-24 14:22:51

vtrac
Member
Registered: 2016-01-28
Posts: 37

Re: [solved] Cannot install faulty signed packages

Same issue here on a 1-week old installation of arch. I've also one through the same steps as schard.   Seems like a bug to me.

Offline

#7 2017-08-24 14:31:28

schard
Member
From: Hannover
Registered: 2016-05-06
Posts: 408
Website

Re: [solved] Cannot install faulty signed packages

tarcisioe wrote:

I was able to update by changing the keyserver to MIT's [...]

Unfortunately this does not work for me (Same error as in 2)).

vtrac wrote:

Seems like a bug to me.

The admin seems to disagree, but on the other hand cannot come up with a satisfying solution.

Online

#8 2017-08-24 15:14:50

Scimmia
Bug Wrangler
Registered: 2012-09-01
Posts: 7,228

Re: [solved] Cannot install faulty signed packages

Solutions were already posted. If your gnupg is broken, you need to at least make an attempt at troubleshooting it. Or just install the package I linked to, it's a single pacman command even without enabling testing.

Offline

#9 2017-08-24 15:31:54

tarcisioe
Member
Registered: 2013-10-06
Posts: 8

Re: [solved] Cannot install faulty signed packages

schard wrote:

Unfortunately this does not work for me (Same error as in 2)).

In 2 you were trying to run pacman-key. It seems that should not be needed. I just changed the keyserver and tried pacman -Syu again.

If this doesn't help, you can download the package from the testing mirror (the tar.xz) and use pacman -U to install it. Shouldn't be an issue since this package has no dependencies. It would be just an early upgrade, before it goes to the stable mirror.

Offline

#10 2017-08-24 16:05:57

ohizou
Member
Registered: 2017-08-24
Posts: 1

Re: [solved] Cannot install faulty signed packages

Same issue here. In my case, it was solved by removing iperf.

 # pacman -Rs iperf 
 # pacman -Su

After that, I could not install iperf with the same error.

key "4A1AFC345EBE18F8" could not be looked up remotely

The key is identical to what schard logged.
So I think it can be related to some trouble on registration of specific key
of the package maintainer.

Last edited by ohizou (2017-08-24 16:11:43)

Offline

#11 2017-08-24 16:17:23

plenus
Member
Registered: 2012-04-19
Posts: 29

Re: [solved] Cannot install faulty signed packages

tarcisioe wrote:

In 2 you were trying to run pacman-key. It seems that should not be needed. I just changed the keyserver and tried pacman -Syu again.

I've tried all and they didn't work for me: changing the keyserver, just runing pcman -Syu and just runing pacman-key -r 4A1AFC345EBE18F8

tarcisioe wrote:

If this doesn't help, you can download the package from the testing mirror (the tar.xz) and use pacman -U to install it. Shouldn't be an issue since this package has no dependencies. It would be just an early upgrade, before it goes to the stable mirror.

Do you mean to grab the testing version of the keyring?

Last edited by plenus (2017-08-24 16:17:53)

Offline

#12 2017-08-24 16:41:18

tarcisioe
Member
Registered: 2013-10-06
Posts: 8

Re: [solved] Cannot install faulty signed packages

plenus wrote:

Do you mean to grab the testing version of the keyring?

Exactly. If you follow this link https://www.archlinux.org/packages/test … x-keyring/ there is a "Download from mirror" link that leads to the .tar.xz of the package, which is ready to install with pacman -U. Since this package is totally standalone it will just update the one you have installed.

Offline

#13 2017-08-24 17:17:05

Ekaradon
Member
Registered: 2014-05-31
Posts: 38

Re: [solved] Cannot install faulty signed packages

I had the same issue and installing the package from the mirror worked for me.

Offline

#14 2017-08-24 18:15:35

schard
Member
From: Hannover
Registered: 2016-05-06
Posts: 408
Website

Re: [solved] Cannot install faulty signed packages

To come to a conclusion:

1) I do not accept that it is necessary to install an unstable package in order to install a package from the stable repos.
2) Therefore I removed iperf an will consider reinstalling it, when the respective keyring package is moved to stable.
3) I am amazed that dependecies as mentioned in 1) are not considered bugs by the admins.

Last edited by schard (2017-08-24 18:17:04)

Online

#15 2017-08-24 18:39:46

evilhamsterman
Member
Registered: 2013-08-15
Posts: 11

Re: [solved] Cannot install faulty signed packages

I agree it looks like all packages maintained by Sébastien Luttringer that have been updated since 8/22 are signed by a key that doesn't exist in keyservers or in the stable keyring package. This is even evident on the arch packages pages where they say they are "Signed By:    Unknown (0x5EBE18F8)" instead of "Signed By:    Sébastien Luttringer". This is a bug as you shouldn't have to manually pull a testing package to install stable packages, the key isn't available from online keyservers, and some people are behind systems that block access to keyservers anyway (such as myself).

Offline

#16 2017-08-24 18:55:17

evilhamsterman
Member
Registered: 2013-08-15
Posts: 11

Re: [solved] Cannot install faulty signed packages

OK I was searching wrong and did find the key on the pgp.mit.edu server, however the other points still stand, packages in stable should not be signed with keys not included in the stable archlinux-keyring.

Offline

#17 2017-08-24 19:05:00

linux_dream
Member
Registered: 2015-05-17
Posts: 37

Re: [solved] Cannot install faulty signed packages

pacman -U https://www.archlinux.org/packages/testing/any/archlinux-keyring/download/

worked for me, that is, installing the testing package of the keyring worked for me.

Offline

#18 2017-08-24 19:16:55

ayekat
Member
Registered: 2011-01-17
Posts: 1,335
Website

Re: [solved] Cannot install faulty signed packages

If this was accepted as a bug on the bug tracker (because IMHO it is one, as also pointed out by evilhamsterman), people would be OK with: "It's a bug, and this is a temporary workaround", and we could all move on.

But as the bug gets closed down repeatedly (without any proper explanation), people will obviously not accept the workaround, because they feel like a "no bug" issue should have a "no bug workaround" solution.

EDIT
I may actually have been a little too fast (I was basing my statement on the fact that all the well-respected users on #archlinux gave people the advice to download the package from [testing], so I assumed that this must be the workaround).

This is what I get when installing iperf:

$ sudo pacman -S iperf                                                                              
[sudo] password for ayekat:                                                                                     
resolving dependencies...                                                                                       
looking for conflicting packages...                                                                             
                                                                                                                
Package (1)      New Version  Net Change  Download Size

community/iperf  2.0.10-1       0.09 MiB       0.04 MiB

Total Download Size:   0.04 MiB
Total Installed Size:  0.09 MiB

:: Proceed with installation? [Y/n]                                                                             
:: Retrieving packages...                                                                                       
 iperf-2.0.10-1-x86_64                      40.7 KiB  1357K/s 00:00 [######################################] 100%
(1/1) checking keys in keyring                                      [######################################] 100%
downloading required keys...
:: Import PGP key 4096R/B81B051F2D7FC867AAFF35A58DBD63B82072D77A, "Seblu <seblu@seblu.net>", created: 2011-11-11? [Y/n]                                                                                                          
(1/1) checking package integrity                                    [######################################] 100%
(1/1) loading package files                                         [######################################] 100%
(1/1) checking for file conflicts                                   [######################################] 100%
(1/1) checking available disk space                                 [######################################] 100%
:: Processing package changes...                                                                                
(1/1) installing iperf                                              [######################################] 100%
:: Running post-transaction hooks...                                                                            
(1/1) Arming ConditionNeedsUpdate...

EDIT2
On a second thought, this is just another variant of the same workaround. One way or the other, we have to add a key to the Arch Linux keyring because a stable package was signed by a key not yet pushed to the people's systems (hence a bug—even if ridiculously blown out of proportion).

Last edited by ayekat (2017-08-24 19:36:26)


{,META,RE}PKGBUILDSpacman-hacks (includes makemetapkg and remakepkg) │ dotfiles

Offline

#19 2017-08-24 20:55:49

eschwartz
Trusted User/Bug Wrangler
Registered: 2014-08-08
Posts: 2,853

Re: [solved] Cannot install faulty signed packages

It's pretty simple. A maintainer added a new signing subkey, that subkey is not in peoples' old archlinux-keyring but pacman-key --refresh-keys or just importing the key will get you exactly what you need. The key is already signed by the master keys, so you don't need to declare a trust, either.

The archlinux-keyring package is meanwhile getting updated so people going forward will have the key locally available from the start, and while it might have been nice if packages weren't signed with a new subkey quite that early, it is hardly a bug.
The only bug here, if anything, is the fact that gpg unpredictably fails to connect to keyservers. But this has been discussed, with workarounds, quite a lot.


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#20 2017-08-24 21:09:19

evilhamsterman
Member
Registered: 2013-08-15
Posts: 11

Re: [solved] Cannot install faulty signed packages

For some people it isn't unpredictable. They may be behind a firewall (myself included) that blocks access to keyservers. There shouldn't need to be workarounds, package maintainers should only sign their packages with keys that exist in the archlinux-keyring for the repository they are releasing for.

Last edited by evilhamsterman (2017-08-24 21:10:27)

Offline

#21 2017-08-24 21:12:11

ayekat
Member
Registered: 2011-01-17
Posts: 1,335
Website

Re: [solved] Cannot install faulty signed packages

OK, I'm sorry for all the noise; this is pretty much PEBKAC from my side.

  1. I installed iperf as shown above, pulling the updated key for Sébastien

  2. I wondered: "Is this necessary? Can this simply be done with `pacman-key` instead?" and deleted Sébastien's key

  3. I ran `pacman-key --refresh-keys` (which would obviously not pull in Sébastien's updated key anymore, since it was gone)

  4. ... come here and brainfart

Anyway, I ran the key update on another machine that still hadn't been touched by me, and there it works as described by Eschwartz. This is not a bug. But I'm not OP. I'm just apologising.


{,META,RE}PKGBUILDSpacman-hacks (includes makemetapkg and remakepkg) │ dotfiles

Offline

#22 2017-08-24 23:38:45

Scimmia
Bug Wrangler
Registered: 2012-09-01
Posts: 7,228

Re: [solved] Cannot install faulty signed packages

evilhamsterman wrote:

They may be behind a firewall (myself included) that blocks access to keyservers.

That's not really Arch's issue, but there are keyservers available over http/https.

Offline

#23 2017-08-25 07:41:04

schard
Member
From: Hannover
Registered: 2016-05-06
Posts: 408
Website

Re: [solved] Cannot install faulty signed packages

Today, interstingly, I could refresh the pacman keys.
I have no clue why it did not work yesterday.

$ LANG=en_US sudo pacman-key --refresh-keys
gpg: refreshing 94 keys from hkp://pool.sks-keyservers.net
key D53A0445B47A0DAB:
1 signature not checked due to a missing key
gpg: key D53A0445B47A0DAB: "Connor Behan <connor.behan@gmail.com>" not changed
key BBE43771487328A9:
12 signatures not checked due to missing keys
gpg: key BBE43771487328A9: "Bartlomiej Piotrowski <b@bpiotrowski.pl>" not changed
key 6D1655C14CE1C13E:
41 signatures not checked due to missing keys
1 bad signature
gpg: key 6D1655C14CE1C13E: "Florian Pritz <bluewind@xinu.at>" not changed
key E62F853100F0D0F0:
90 signatures not checked due to missing keys
gpg: key E62F853100F0D0F0: "Gaetan Bisson <gaetan@fenua.org>" not changed
key B61DBCE10901C163:
1 signature not checked due to a missing key
gpg: key B61DBCE10901C163: "Ball Gyrgy <ballogyor@gmail.com>" not changed
gpg: key 4AC5588F941C2A25: "Antonio Rojas <arojas@archlinux.org>" not changed
key FCF3C8CB5CF9C8D4:
1 signature not checked due to a missing key
gpg: key FCF3C8CB5CF9C8D4: "Alexander Rdseth <rodseth@gmail.com>" not changed
key 2E89012331361F01:
3 signatures not checked due to missing keys
gpg: key 2E89012331361F01: "Evgeniy Alekseev <arcanis@archlinux.org>" not changed
key 42A1DB15EC133BAD:
1 signature not checked due to a missing key
gpg: key 42A1DB15EC133BAD: "Angel Velsquez <angvp@archlinux.org>" not changed
key 94657AB20F2A092B:
1 signature not checked due to a missing key
gpg: key 94657AB20F2A092B: "Andreas Radke <andyrtr@archlinux.org>" not changed
key F3E1D5C5D30DB0AD:
336 signatures not checked due to missing keys
gpg: key F3E1D5C5D30DB0AD: "Andrea Scarpino <me@andreascarpino.it>" not changed
key B02854ED753E0F1F:
1 signature not checked due to a missing key
gpg: key B02854ED753E0F1F: "Anatol Pomozov <anatol.pomozov@gmail.com>" not changed
key AFF5D95098BC6FF5:
1 signature not checked due to a missing key
gpg: key AFF5D95098BC6FF5: "Maxime Gauduin <alucryd@alucryd.xyz>" not changed
key F99FFE0FEAE999BD:
5 signatures not checked due to missing keys
gpg: key F99FFE0FEAE999BD: "Allan McRae <me@allanmcrae.com>" not changed
key 40F557B731496106:
1 signature not checked due to a missing key
gpg: key 40F557B731496106: "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" not changed
key 5184252D824B18E8:
5 signatures not checked due to missing keys
gpg: key 5184252D824B18E8: "Thomas Bchler (Arch Linux Master Key) <thomas@master-key.archlinux.org>" not changed
key 3348882F6AC6A4C2:
7 signatures not checked due to missing keys
gpg: key 3348882F6AC6A4C2: "Pierre Schmitz (Arch Linux Master Key) <pierre@master-key.archlinux.org>" not changed
key 7EFD567D4C7EA887:
5 signatures not checked due to missing keys
gpg: key 7EFD567D4C7EA887: "Ionut Biru (Arch Linux Master Key) <ionut@master-key.archlinux.org>" not changed
key A04F9397CDFD6BB0:
5 signatures not checked due to missing keys
gpg: key A04F9397CDFD6BB0: "Dan McGee (Arch Linux Master Key) <dan@master-key.archlinux.org>" not changed
key BA1DFB64FFF979E7:
11 signatures not checked due to missing keys
gpg: key BA1DFB64FFF979E7: "Allan McRae (Arch Linux Master Key) <allan@master-key.archlinux.org>" not changed
key 24E4CDB0013C2580:
1 signature not checked due to a missing key
gpg: key 24E4CDB0013C2580: "Jaroslav Lichtblau <svetlemodry@archlinux.org>" not changed
key 37E0AF1FDA48F373:
3 signatures not checked due to missing keys
gpg: key 37E0AF1FDA48F373: "Jerome Leclanche <jerome@leclan.ch>" not changed
key 976AC6FA3B94FA10:
1 signature not checked due to a missing key
gpg: key 976AC6FA3B94FA10: "Jan de Groot <info@jandegrootict.nl>" not changed
key C06086337C50773E:
4 signatures not checked due to missing keys
gpg: key C06086337C50773E: "Jelle van der Waa <jelle@vdwaa.nl>" not changed
key DB323392796CA067:
1 signature not checked due to a missing key
gpg: key DB323392796CA067: "Ike Devolder <ike.devolder@gmail.com>" not changed
key E8F18BA1615137BC:
6 signatures not checked due to missing keys
gpg: key E8F18BA1615137BC: "Ionut Biru <ibiru@archlinux.org>" not changed
uid  Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
sig!         7F2D434B9741E8AC 2012-02-05  Pierre Schmitz <pierre@archlinux.de>
sig!         F2DBB4931985A992 2012-02-05  Dieter Plaetinck <dieter@plaetinck.be>
sig!         C8880A6406361833 2012-02-05  Tom Gundersen <teg@jklm.no>
sig!3        A5E9288C4FA415FA 2011-08-25  [self-signature]
sig!3        A5E9288C4FA415FA 2011-11-16  [self-signature]
sig!         3348882F6AC6A4C2 2011-11-20  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         5184252D824B18E8 2011-11-22  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         7EFD567D4C7EA887 2011-11-26  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
sig!         A04F9397CDFD6BB0 2011-12-01  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
sig!         BA1DFB64FFF979E7 2011-12-05  Allan McRae (Arch Linux Master Key) <allan@master-key.
sig!         284FC34C8E4B1A25 2012-02-05  Thomas Bchler <thomas@bchlr.de>
sig!         A88E23E377514E00 2016-01-24  Florian Pritz (Arch Linux Master Key) <florian@master-
sig!         9B729B06A680C281 2017-07-13  Bart\xc5\x82omiej Piotrowski (Arch Linux Master Key) <
uid  Jan Alexander Steffens (heftig) <jan-alexander.steffens@smail.inf.h-brs.de>
sig!         7F2D434B9741E8AC 2012-02-05  Pierre Schmitz <pierre@archlinux.de>
sig!         F2DBB4931985A992 2012-02-05  Dieter Plaetinck <dieter@plaetinck.be>
sig!         C8880A6406361833 2012-02-05  Tom Gundersen <teg@jklm.no>
sig!3        A5E9288C4FA415FA 2011-11-03  [self-signature]
sig!         3348882F6AC6A4C2 2011-11-20  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         5184252D824B18E8 2011-11-22  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         7EFD567D4C7EA887 2011-11-26  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
sig!         A04F9397CDFD6BB0 2011-12-01  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
sig!         BA1DFB64FFF979E7 2011-12-05  Allan McRae (Arch Linux Master Key) <allan@master-key.
sig!         284FC34C8E4B1A25 2012-02-05  Thomas Bchler <thomas@bchlr.de>
sig!         A88E23E377514E00 2016-01-24  Florian Pritz (Arch Linux Master Key) <florian@master-
sig!         9B729B06A680C281 2017-07-13  Bart\xc5\x82omiej Piotrowski (Arch Linux Master Key) <
uid  [jpeg image of size 3837]
sig!3        A5E9288C4FA415FA 2017-01-09  [self-signature]
sig!         9B729B06A680C281 2017-07-13  Bart\xc5\x82omiej Piotrowski (Arch Linux Master Key) <
uid  [jpeg image of size 3865]
sig!         7F2D434B9741E8AC 2012-02-05  Pierre Schmitz <pierre@archlinux.de>
sig!         F2DBB4931985A992 2012-02-05  Dieter Plaetinck <dieter@plaetinck.be>
sig!         C8880A6406361833 2012-02-05  Tom Gundersen <teg@jklm.no>
sig!3        A5E9288C4FA415FA 2011-08-25  [self-signature]
sig!         3348882F6AC6A4C2 2011-11-20  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         5184252D824B18E8 2011-11-22  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         A04F9397CDFD6BB0 2011-12-01  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
sig!         BA1DFB64FFF979E7 2011-12-05  Allan McRae (Arch Linux Master Key) <allan@master-key.
sig!         284FC34C8E4B1A25 2012-02-05  Thomas Bchler <thomas@bchlr.de>
sig!         A88E23E377514E00 2016-01-24  Florian Pritz (Arch Linux Master Key) <florian@master-
sig!         9B729B06A680C281 2017-07-13  Bart\xc5\x82omiej Piotrowski (Arch Linux Master Key) <
sub  B8520A561151A394
sig!         A5E9288C4FA415FA 2011-08-25  [self-signature]
key A5E9288C4FA415FA:
10 duplicate signatures removed
192 signatures not checked due to missing keys
gpg: key A5E9288C4FA415FA: "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" not changed
key DA6426DD215B37AD:
190 signatures not checked due to missing keys
gpg: key DA6426DD215B37AD: "Guillaume ALAUX <guillaume@archlinux.org>" not changed
key B7310AE5F04569AE:
13 signatures not checked due to missing keys
gpg: key B7310AE5F04569AE: "Giovanni Scafora <giovanni@archlinux.org>" not changed
key 786C63F330D7CB92:
268 signatures not checked due to missing keys
gpg: key 786C63F330D7CB92: "Felix Yan <felixonmars@gmail.com>" not changed
key 51E8B148A9999C34:
4 signatures not checked due to missing keys
gpg: key 51E8B148A9999C34: "Evangelos Foutras <evangelos@foutrelis.com>" not changed
key 654B877A0864983E:
8 signatures not checked due to missing keys
gpg: key 654B877A0864983E: "Martin Wimpress (http://www.flexion.org) <martin@flexion.org>" not changed
key 59B3122E2FA915EC:
1 signature not checked due to a missing key
gpg: key 59B3122E2FA915EC: "Alexandre Filgueira <alexfilgueira@cinnarch.com>" not changed
key A6234074498E9CEE:
64 signatures not checked due to missing keys
gpg: key A6234074498E9CEE: "Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>" not changed
key FCF2CB179205AC90:
1 signature not checked due to a missing key
gpg: key FCF2CB179205AC90: "Eric Belanger <eric@archlinux.org>" not changed
key 5FA5E5544F010D48:
6 signatures not checked due to missing keys
gpg: key 5FA5E5544F010D48: "Daniel Wallace <dwallace@saltstack.com>" not changed
key 1EB2638FF56C0C53:
10 signatures not checked due to missing keys
gpg: key 1EB2638FF56C0C53: "Dave Reisner <d@falconindy.com>" not changed
key 5ED514A45BD5C938:
2 signatures not checked due to missing keys
gpg: key 5ED514A45BD5C938: "Gerardo Exequiel Pozzi <vmlinuz386@gmail.com>" not changed
key 761FAD69BA06C6A9:
1 signature not checked due to a missing key
gpg: key 761FAD69BA06C6A9: "Dicebot <public@dicebot.lv>" not changed
key E613C09CB4440678:
1 signature not checked due to a missing key
gpg: key E613C09CB4440678: "Daniel Isenmann <daniel@archlinux.org>" not changed
key 5C2E46A0F53A76ED:
14 signatures not checked due to missing keys
gpg: key 5C2E46A0F53A76ED: "Dan McGee <dpmcgee@gmail.com>" not changed
key C8880A6406361833:
5 signatures not checked due to missing keys
gpg: key C8880A6406361833: "Tom Gundersen <teg@jklm.no>" not changed
key 284FC34C8E4B1A25:
7 signatures not checked due to missing keys
1 bad signature
gpg: key 284FC34C8E4B1A25: "Thomas Bchler <thomas@bchlr.de>" not changed
key F9E712E59AF5F22A:
7 signatures not checked due to missing keys
gpg: key F9E712E59AF5F22A: "Daniel Micay <danielmicay@gmail.com>" not changed
key 7FB1A3800C84C0A5:
1 signature not checked due to a missing key
gpg: key 7FB1A3800C84C0A5: "Thomas Dziedzic <gostrc@gmail.com>" not changed
key 39E4B877E62EB915:
1 signature not checked due to a missing key
gpg: key 39E4B877E62EB915: "Sven-Hendrik Haase <svenstaro@gmail.com>" not changed
key 73B8ED52F1D357C1:
1 signature not checked due to a missing key
gpg: key 73B8ED52F1D357C1: "Lukas Jirkovsky <l.jirkovsky@gmail.com>" not changed
key 65C110C1EA433FC7:
4 signatures not checked due to missing keys
gpg: key 65C110C1EA433FC7: "Sergej Pupykin <arch@sergej.pp.ru>" not changed
key CF7037A4F27FB7DA:
3 signatures not checked due to missing keys
gpg: key CF7037A4F27FB7DA: "speps <speps@aur.archlinux.org>" not changed
key 8DBD63B82072D77A:
8 signatures not checked due to missing keys
gpg: key 8DBD63B82072D77A: "Sbastien Luttringer <seblu@seblu.net>" not changed
key 456C7A9B91B842AE:
1 signature not checked due to a missing key
gpg: key 456C7A9B91B842AE: "Jakob Gruber <jakob.gruber@gmail.com>" not changed
key 81AF739EC0711BF1:
1 signature not checked due to a missing key
gpg: key 81AF739EC0711BF1: "Rashif Rahman (Ray) <schiv@archlinux.org>" not changed
key 426991CD8406FFF3:
1 signature not checked due to a missing key
gpg: key 426991CD8406FFF3: "Ronald van Haren <ronald@archlinux.org>" not changed
key 206CBC892D1493D2:
12 signatures not checked due to missing keys
gpg: key 206CBC892D1493D2: "Rmy Oudompheng <remy@archlinux.org>" not changed
key 7F2D434B9741E8AC:
16 signatures not checked due to missing keys
1 bad signature
gpg: key 7F2D434B9741E8AC: "Pierre Schmitz <pierre@archlinux.de>" not changed
key B4360204B250F0D3:
92 signatures not checked due to missing keys
gpg: key B4360204B250F0D3: "Fabio Castelli <muflone@vbsimple.net>" not changed
key 94DD2393DA2EE423:
1 signature not checked due to a missing key
gpg: key 94DD2393DA2EE423: "Massimiliano Torromeo (Personal non-work identity) <massimiliano.torromeo@gmail.com>" not changed
key A91764759326B440:
3 signatures not checked due to missing keys
gpg: key A91764759326B440: "Lukas Fleischer <lfleischer@lfos.de>" not changed
key 06096A6AD1CEDDAC:
1 signature not checked due to a missing key
gpg: key 06096A6AD1CEDDAC: "Laurent Carlier <lordheavym@gmail.com>" not changed
key 396E3E25BAB142C1:
1 signature not checked due to a missing key
gpg: key 396E3E25BAB142C1: "Kyle Keen <keenerd@gmail.com>" not changed
key A3D9562A589874AB:
2 signatures not checked due to missing keys
gpg: key A3D9562A589874AB: "Jrgen Htzel <juergen@hoetzel.info>" not changed
key 332C9C40F40D2072:
4 signatures not checked due to missing keys
gpg: key 332C9C40F40D2072: "Jonathan Steel <mail@jsteel.org>" not changed
key 90CB3D62C13D4796:
4 signatures not checked due to missing keys
gpg: key 90CB3D62C13D4796: "Jiachen Yang <farseerfc@gmail.com>" not changed
gpg: key 9BDCF497A4BBCC7F: "Ambrevar <ambrevar@gmail.com>" not changed
key 50FB9B273A9D0BB5:
6 signatures not checked due to missing keys
gpg: key 50FB9B273A9D0BB5: "Johannes Lthberg <johannes@kyriasis.com>" not changed
key FC1B547C8D8172C8:
76 signatures not checked due to missing keys
gpg: key FC1B547C8D8172C8: "Levente Polyak (anthraxx) <levente@leventepolyak.net>" not changed
key 5CED81B7C2E5C0D2:
2 signatures not checked due to missing keys
gpg: key 5CED81B7C2E5C0D2: "Xyne. <xyne@archlinux.ca>" not changed
key EA6836E1AB441196:
1 signature not checked due to a missing key
gpg: key EA6836E1AB441196: "Stphane Gaudreault <stephane@archlinux.org>" not changed
key 3A726C6170E80477:
1 signature not checked due to a missing key
gpg: key 3A726C6170E80477: "\xd0\xa0\xd0\xbe\xd0\xbc\xd0\xb0\xd0\xbd \xd0\x9a\xd0\xb8\xd1\x80\xd0\xb8\xd0\xbb\xd0\xb8\xd1\x87 (Roman Kyrylych) <roman@archlinux.org>" not changed
uid  Peter Richard Lewis <pete@muddygoat.org>
sig!3        6D1A9E70E19DAA50 2011-10-29  [self-signature]
sig!         3348882F6AC6A4C2 2011-12-02  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         7EFD567D4C7EA887 2011-12-03  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
sig!         5184252D824B18E8 2011-12-04  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         A04F9397CDFD6BB0 2011-12-06  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         7EFD567D4C7EA887 2015-02-07  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
rev!         3348882F6AC6A4C2 2014-08-31  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
rev!         A04F9397CDFD6BB0 2014-09-01  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         5184252D824B18E8 2014-08-12  Thomas Bchler (Arch Linux Master Key) <thomas@master-
uid  Peter Richard Lewis <p.r.lewis@cs.bham.ac.uk>
sig!3        6D1A9E70E19DAA50 2008-03-04  [self-signature]
sig!         3348882F6AC6A4C2 2011-12-02  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         7EFD567D4C7EA887 2011-12-03  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
sig!         5184252D824B18E8 2011-12-04  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         A04F9397CDFD6BB0 2011-12-06  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         7EFD567D4C7EA887 2015-02-07  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
rev!         3348882F6AC6A4C2 2014-08-31  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
rev!         A04F9397CDFD6BB0 2014-09-01  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         5184252D824B18E8 2014-08-12  Thomas Bchler (Arch Linux Master Key) <thomas@master-
uid  Peter Richard Lewis <prlewis@letterboxes.org>
sig!3        6D1A9E70E19DAA50 2011-10-29  [self-signature]
sig!3        6D1A9E70E19DAA50 2006-03-01  [self-signature]
sig!3        6D1A9E70E19DAA50 2008-03-04  [self-signature]
sig!         3348882F6AC6A4C2 2011-12-02  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         7EFD567D4C7EA887 2011-12-03  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
sig!         5184252D824B18E8 2011-12-04  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         A04F9397CDFD6BB0 2011-12-06  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         7EFD567D4C7EA887 2015-02-07  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
rev!         3348882F6AC6A4C2 2014-08-31  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
rev!         A04F9397CDFD6BB0 2014-09-01  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         5184252D824B18E8 2014-08-12  Thomas Bchler (Arch Linux Master Key) <thomas@master-
uid  Peter Richard Lewis <plewis@aur.archlinux.org>
sig!3        6D1A9E70E19DAA50 2011-10-29  [self-signature]
sig!         3348882F6AC6A4C2 2011-12-02  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         7EFD567D4C7EA887 2011-12-03  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
sig!         5184252D824B18E8 2011-12-04  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         A04F9397CDFD6BB0 2011-12-06  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         7EFD567D4C7EA887 2015-02-07  Ionut Biru (Arch Linux Master Key) <ionut@master-key.a
rev!         3348882F6AC6A4C2 2014-08-31  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
rev!         A04F9397CDFD6BB0 2014-09-01  Dan McGee (Arch Linux Master Key) <dan@master-key.arch
rev!         5184252D824B18E8 2014-08-12  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sub  22AD5874F39D989F
sig!         6D1A9E70E19DAA50 2008-03-04  [self-signature]
sig!         6D1A9E70E19DAA50 2008-03-04  [self-signature]
sub  3D51F9A1FC776955
sig!         6D1A9E70E19DAA50 2008-03-04  [self-signature]
sub  BD95D10CC48DC525
sig!         6D1A9E70E19DAA50 2006-03-01  [self-signature]
sub  AD40D51F3C12E88A (reordered signatures follow)
sig!         6D1A9E70E19DAA50 2008-03-04  [self-signature]
key 6D1A9E70E19DAA50:
2 duplicate signatures removed
134 signatures not checked due to missing keys
1 signature reordered
gpg: key 6D1A9E70E19DAA50: "Peter Richard Lewis <pete@muddygoat.org>" not changed
key B9113D1ED21E1A55:
1 signature not checked due to a missing key
gpg: key B9113D1ED21E1A55: "Kaiting Chen <kaitocracy@gmail.com>" not changed
key 5F946DED983D4366:
1 signature not checked due to a missing key
gpg: key 5F946DED983D4366: "Justin Davis (juster) <jrcd83@gmail.com>" not changed
key AF7EF7873CFD4BB6:
1 signature not checked due to a missing key
gpg: key AF7EF7873CFD4BB6: "Jonathan Conder <jonno.conder@gmail.com>" not changed
key F2DBB4931985A992:
1 signature not checked due to a missing key
gpg: key F2DBB4931985A992: "Dieter Plaetinck <dieter@plaetinck.be>" not changed
key A001876699AD6E84:
6 signatures not checked due to missing keys
gpg: key A001876699AD6E84: "Gavin Marciniak-Bisesi <Daenyth@gmail.com>" not changed
key E6B456CAF15447D5:
4 signatures not checked due to missing keys
gpg: key E6B456CAF15447D5: "Federico Cinelli <cinelli@aur.archlinux.org>" not changed
key E2539214C6C11350:
1 signature not checked due to a missing key
gpg: key E2539214C6C11350: "Federico Cinelli <cinelli.federico@gmail.com>" not changed
key 7F2A16726521E06D:
5 signatures not checked due to missing keys
gpg: key 7F2A16726521E06D: "Christopher Brannon <chris@the-brannons.com>" not changed
key 1D1F0DC78F173680:
3 signatures not checked due to missing keys
gpg: key 1D1F0DC78F173680: "Xyne. (key #3) <xyne@archlinux.ca>" not changed
key 097D629E437520BD:
1 signature not checked due to a missing key
gpg: key 097D629E437520BD: "Vesa Kaihlavirta <vegai@iki.fi>" not changed
key 39E4F17F295AFBF4:
115 signatures not checked due to missing keys
gpg: key 39E4F17F295AFBF4: "Thorsten Tpper <atsutane@freethoughts.de>" not changed
key E711306E3C4F88BC:
2 signatures not checked due to missing keys
gpg: key E711306E3C4F88BC: "Timothy Redaelli <timothy.redaelli@gmail.com>" not changed
key 771DF6627EDF681F:
7 signatures not checked due to missing keys
gpg: key 771DF6627EDF681F: "Tobias Powalowski <tobias.powalowski@googlemail.com>" not changed
gpg: key 6104DEF8A5913D83: "HOMEINFO - Digitale Informationssysteme GmbH <info@homeinfo.de>" not changed
uid  Thore Bdecker <foxxx0@archlinux.org>
sig!         3348882F6AC6A4C2 2017-05-26  Pierre Schmitz (Arch Linux Master Key) <pierre@master-
sig!         5184252D824B18E8 2017-06-11  Thomas Bchler (Arch Linux Master Key) <thomas@master-
sig!         BA1DFB64FFF979E7 2017-05-31  Allan McRae (Arch Linux Master Key) <allan@master-key.
sig!         9B729B06A680C281 2017-05-25  Bart\xc5\x82omiej Piotrowski (Arch Linux Master Key) <
sig!         A88E23E377514E00 2017-05-23  Florian Pritz (Arch Linux Master Key) <florian@master-
sub  69A65012074901CB
sig!         EB763B4E9DB887A6 2017-05-22  [self-signature]
uid  Thore Bdecker <foxxx0@archlinux.org> (reordered signatures follow)
sig!3        EB763B4E9DB887A6 2017-05-22  [self-signature]
key EB763B4E9DB887A6:
2 duplicate signatures removed
1 signature not checked due to a missing key
2 signatures reordered
gpg: key EB763B4E9DB887A6: "Thore Bdecker <foxxx0@archlinux.org>" not changed
key 9B729B06A680C281:
1 signature not checked due to a missing key
gpg: key 9B729B06A680C281: "Bart\xc5\x82omiej Piotrowski (Arch Linux Master Key) <bpiotrowski@master-key.archlinux.org>" not changed
key 1F0CD4921ECAA030:
86 signatures not checked due to missing keys
gpg: key 1F0CD4921ECAA030: "Baptiste Jonglez <baptiste@bitsofnetworks.org>" not changed
key D21461E3DFE2060D:
10 signatures not checked due to missing keys
gpg: key D21461E3DFE2060D: "Christian Rebischke (Arch Linux Security Team-Member) <Chris.Rebischke@archlinux.org>" not changed
key 9D893EC4DAAF9129:
104 signatures not checked due to missing keys
gpg: key 9D893EC4DAAF9129: "Bruno Pagani <bruno.pagani@ens-lyon.org>" not changed
key F22FB1D78A77AEAB:
1 signature not checked due to a missing key
gpg: key F22FB1D78A77AEAB: "Giancarlo Razzolini (grazzolini) <grazzolini@archlinux.org>" not changed
key 51DAE9B7C1AE9161:
13 signatures not checked due to missing keys
gpg: key 51DAE9B7C1AE9161: "NicoHood <pgp@nicohood.de>" not changed
gpg: key C847B6AEB0544167: "Nicola Squartini <tensor5@gmail.com>" not changed
key A88E23E377514E00:
3 signatures not checked due to missing keys
gpg: key A88E23E377514E00: "Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>" not changed
gpg: Total number processed: 93
gpg:              unchanged: 93
$ LANG=en_US sudo pacman -S iperf
resolving dependencies...
looking for conflicting packages...

Packages (1) iperf-2.0.10-1

Total Installed Size:  0.09 MiB

:: Proceed with installation? [Y/n] 
(1/1) checking keys in keyring                                                                                                 [#############################################################################] 100%
(1/1) checking package integrity                                                                                               [#############################################################################] 100%
(1/1) loading package files                                                                                                    [#############################################################################] 100%
(1/1) checking for file conflicts                                                                                              [#############################################################################] 100%
(1/1) checking available disk space                                                                                            [#############################################################################] 100%
:: Processing package changes...
(1/1) installing iperf                                                                                                         [#############################################################################] 100%
:: Running post-transaction hooks...
(1/1) Arming ConditionNeedsUpdate...
$ LANG=en_US pacman -Qi archlinux-keyring 
Name            : archlinux-keyring
Version         : 20170611-1
Description     : Arch Linux PGP keyring
Architecture    : any
URL             : https://projects.archlinux.org/archlinux-keyring.git/
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : None
Optional Deps   : None
Required By     : pacman
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 911.00 KiB
Packager        : Pierre Schmitz <pierre@archlinux.de>
Build Date      : Sun Jun 11 08:19:05 2017
Install Date    : Thu Aug 24 14:34:36 2017
Install Reason  : Installed as a dependency for another package
Install Script  : Yes
Validated By    : Signature

So I'll mark this issue as solved.

Online

#24 2017-08-27 17:42:25

Llama
Banned
From: St.-Petersburg, Russia
Registered: 2008-03-03
Posts: 1,379

Re: [solved] Cannot install faulty signed packages

To linux_dream:

$ sudo pacman -U [url]https://www.archlinux.org/packages/testing/any/archlinux-keyring/download/[/url]
error: failed retrieving file 'alpmtmp.cUs121' from [url=http://www.archlinux.org]www.archlinux.org[/url] : The requested URL returned error: 404
warning: failed to download [url]https://www.archlinux.org/packages/testing/any/archlinux-keyring/download/[/url]
error: '[url]https://www.archlinux.org/packages/testing/any/archlinux-keyring/download/[/url]': unexpected error
$ 

What is wrong with my configuration?

Last edited by Llama (2017-08-27 17:43:58)

Offline

#25 2017-08-27 17:53:23

eschwartz
Trusted User/Bug Wrangler
Registered: 2014-08-08
Posts: 2,853

Re: [solved] Cannot install faulty signed packages

The fact that the keyring is no longer available in testing is due to it having been moved to core.

pacman -Sy archlinux-keyring && pacman -Su

Last edited by eschwartz (2017-09-03 02:08:08)


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

Board footer

Powered by FluxBB