You are not logged in.
I've been trying to upgrade the lib32-cmocka AUR package, but I get an error saying the pgp key (7EE0FC4DCC014E3D) can't be found. I've tried using both gpg and pacman-key to import it, tried prefixing with 0x, and used every keyserver I could find, but I always get a server failure. Any way to resolve this?
Trying to fetch key:
$ sudo pacman-key --keyserver hkp://pgp.mit.edu --recv-keys 7EE0FC4DCC014E3D
gpg: keyserver receive failed: Server indicated a failure
==> ERROR: Remote key not fetched correctly from keyserver.
Relevant pacaur output:
$ pacaur -Syu
:: Checking lib32-cmocka integrity...
==> Making package: lib32-cmocka 1.1.1-1 (Fri Feb 2 09:12:53 EST 2018)
==> Retrieving sources...
-> Found cmocka-1.1.1.tar.xz
-> Found cmocka-1.1.1.tar.asc
==> Validating source files with sha512sums...
cmocka-1.1.1.tar.xz ... Passed
cmocka-1.1.1.tar.asc ... Skipped
==> Verifying source file signatures with gpg...
cmocka-1.1.1.tar ... FAILED (unknown public key 7EE0FC4DCC014E3D)
Last edited by ValkyrieC (2018-02-02 14:33:17)
Offline
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Online
Importing fails, as does using the key from validpgpkeys.
Import attempts:
$ sudo pacman-key -a ~/.cache/pacaur/lib32-cmocka/cmocka-1.1.1.tar.asc
gpg: no valid OpenPGP data found.
==> ERROR: A specified keyfile could not be added to the keyring.
$ gpg --import ~/.cache/pacaur/lib32-cmocka/cmocka-1.1.1.tar.asc
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
Key fetch attempts:
$ sudo pacman-key --recv-keys 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
gpg: keyserver receive failed: Server indicated a failure
==> ERROR: Remote key not fetched correctly from keyserver.
$ gpg --recv-keys 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
gpg: keyserver receive failed: Server indicated a failure
Offline
As a quick fix just to get it installed, I removed the pgp info from PKGBUILD and updated .SRCINFO. Not marking as solved as this isn't a permanent solution.
Offline
Nothing in post 2 has anything to do with what the link told you to do. You have to import the key into your keyring, not the signature and not into pacman's keyring.
Edit: OH! The last attempt was actually correct. So your gpg is broken, there's a number of thread around here about that.
Last edited by Scimmia (2018-02-02 15:32:37)
Offline
I'm not well qualified to help figure out what's wrong with your gpg when you finally used it correctly - but trying to import it with pacman-key is just completely wrong. Stop doing that.
FWIW, if your goal is to just ignore the key checks, the following is really not necessary:
As a quick fix just to get it installed, I removed the pgp info from PKGBUILD and updated .SRCINFO. Not marking as solved as this isn't a permanent solution.
Just use --skipinteg if you want to skip integrity checks.
Last edited by Trilby (2018-02-02 16:10:23)
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Online