You are not logged in.

#1 2019-10-25 13:33:17

titaniumbones
Member
Registered: 2013-12-20
Posts: 52

AUR package installs hang on gpg error

I'm currently unable to install anything from the AUR because every invocation of gpg --list-keys hangs with:

gpg: key 38DBBDC86092693E: no user ID for key signature packet of class 11

Any idea how I should fix this issue? I recognize this could be a problem I've caused in GPG, but I can't even figure out how to locate the faulty key or how to sign it.  Thanks!

Offline

#2 2019-10-25 23:08:48

loqs
Member
Registered: 2014-03-06
Posts: 17,196

Re: AUR package installs hang on gpg error

What is the output of

pacman -Qi gpg

Edit:
Also please post the command you are running with its full output.
The output you posted I would expect from `gpg --recv-keys` not `gpg --lists-keys`.

Last edited by loqs (2019-10-25 23:13:46)

Offline

#3 2019-10-26 11:09:40

titaniumbones
Member
Registered: 2013-12-20
Posts: 52

Re: AUR package installs hang on gpg error

The problem was a poisoned key in my keyring. I used the solution posted here to identify it:

https://dev.gnupg.org/T3972#127356

and then followed instructions from here to mitigate the problem:

https://tech.michaelaltfield.net/2019/0 … tificates/

GPG is (mostly) working now and I seem to be able to install just about everything.

Offline

#4 2019-10-26 11:49:54

loqs
Member
Registered: 2014-03-06
Posts: 17,196

Re: AUR package installs hang on gpg error

I asked for version of gnupg your system was using as the current version of gnupg arch provides already has mitigation built in see https://bbs.archlinux.org/viewtopic.php … 1#p1868451

Offline

#5 2019-10-26 12:04:00

progandy
Member
Registered: 2012-05-17
Posts: 5,184

Re: AUR package installs hang on gpg error

loqs wrote:

I asked for version of gnupg your system was using as the current version of gnupg arch provides already has mitigation built in see https://bbs.archlinux.org/viewtopic.php … 1#p1868451

I believe that mitigation is to prevent importing poisoned keys. I don't know if it will help if the keyring already contains such a key.


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

#6 2019-10-26 12:10:19

loqs
Member
Registered: 2014-03-06
Posts: 17,196

Re: AUR package installs hang on gpg error

The update with the mitigation was pushed four months ago so I was working on the assumption quite possibly wrongly that the issue has occurred recently and with the current version of gnupg.
Edit:
Also has gnupg been updated to work with UID less keys which keys.openpgp.org may provide?

Last edited by loqs (2019-10-26 12:12:33)

Offline

#7 2019-10-26 13:20:55

2ManyDogs
Forum Moderator
Registered: 2012-01-15
Posts: 4,645

Re: AUR package installs hang on gpg error

Moving to AUR issues.


How to post. A sincere effort to use modest and proper language and grammar is a sign of respect toward the community.

Offline

#8 2019-10-26 13:59:59

titaniumbones
Member
Registered: 2013-12-20
Posts: 52

Re: AUR package installs hang on gpg error

Thanks everyone and srry @loqs that I didn't answer your question properly -- I had just finished the update when I saw your post, so I wasn't sure how to tell you what the version *had  been*. I just realized I could check the pacman log, which shows me that gnupg was upgraded on July 30:

2092381:[2019-07-30 13:14] [ALPM] upgraded gnupg (2.2.16-1 -> 2.2.17-2)

I guess I must have ingested the poisoned key before then, and somehow been able to upgrade from the package repositories, as I'be been doing regular pacman -Syus; but some how the AUR wasn't working. And a bunch of other stuff was broken as well, so it's  nice to have this out of hte way...

Offline

#9 2019-10-26 18:19:43

loqs
Member
Registered: 2014-03-06
Posts: 17,196

Re: AUR package installs hang on gpg error

pacman has a variable GPGDir default /etc/pacman.d/gnupg/ to locate its gpg settings meaning it has a separate keyring to that used by your user.

Offline

#10 2019-10-26 18:23:44

progandy
Member
Registered: 2012-05-17
Posts: 5,184

Re: AUR package installs hang on gpg error

loqs wrote:

Edit:
Also has gnupg been updated to work with UID less keys which keys.openpgp.org may provide?

I do not believe so.  https://dev.gnupg.org/T4393


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

Board footer

Powered by FluxBB