You are not logged in.
when I download deepin and deepin-extra I get an error:
error: jxrlib: signature from "Filipe Lans (FFY00) <lains@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/jxrlib-0.2.1-3-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
How do I download Deepin?
Offline
What does `pacman-key --list-sigs FFY00` give you?
Offline
Just had the same problem myself while installing deepin in a VM. Seems like the maintainer's signature has expired or something and the package is currently orphaned.
This is my output of `pacman-key --list-sigs FFY00`:
gpg: Note: trustdb not writable
pub rsa4096 2018-04-18 [SC] [expires: 2023-04-17]
3DCE51D60930EBA47858BA4146F633CBB0EB4BF2
uid [ full ] Filipe Laíns (FFY00) <lains@archlinux.org>
sig 3348882F6AC6A4C2 2018-10-03 Pierre Schmitz (Arch Linux Master Key) <pierre@master-key.archlinux.org>
sig BA1DFB64FFF979E7 2018-08-08 Allan McRae (Arch Linux Master Key) <allan@master-key.archlinux.org>
sig 9B729B06A680C281 2018-07-31 Bartłomiej Piotrowski (Arch Linux Master Key) <bpiotrowski@master-key.archlinux.org>
sig A88E23E377514E00 2018-07-28 Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>
sig 3 46F633CBB0EB4BF2 2018-07-27 Filipe Laíns (FFY00) <lains@archlinux.org>
sig 6BC26A17B9B7018A 2019-10-05 Alad Wenter <alad@archlinux.org>
sig 06096A6AD1CEDDAC 2019-10-06 Laurent Carlier <lordheavym@gmail.com>
sig 12C87A28FEAC6B20 2019-10-07 Maxim Baz <pgp@maximbaz.com>
sig 6E80CA1446879D04 2019-10-07 Jonas Witschel <diabonas@gmx.de>
sig 3 786C63F330D7CB92 2019-10-06 Felix Yan <felixonmars@archlinux.org>
sig 7258734B41C31549 2019-10-05 David Runge <dvzrv@archlinux.org>
sig 89AA27231C530226 2019-10-10 Konstantin Gizdov <arch@kge.pw>
sig 3 8DBD63B82072D77A 2019-10-13 Sébastien Luttringer <seblu@seblu.net>
sig C91A9911192C187A 2019-11-14 Daurnimator <quae@daurnimator.com>
sig 9C02FF419FECBE16 2019-11-16 Morten Linderud <morten@linderud.pw>
uid [ full ] Filipe Laíns (FFY00) <lains@aurorafoss.org>
sig BA1DFB64FFF979E7 2018-08-08 Allan McRae (Arch Linux Master Key) <allan@master-key.archlinux.org>
sig 9B729B06A680C281 2018-07-31 Bartłomiej Piotrowski (Arch Linux Master Key) <bpiotrowski@master-key.archlinux.org>
sig A88E23E377514E00 2018-07-28 Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>
sig 3 46F633CBB0EB4BF2 2018-07-27 Filipe Laíns (FFY00) <lains@archlinux.org>
sig 6BC26A17B9B7018A 2019-10-05 Alad Wenter <alad@archlinux.org>
sig 06096A6AD1CEDDAC 2019-10-06 Laurent Carlier <lordheavym@gmail.com>
sig 12C87A28FEAC6B20 2019-10-07 Maxim Baz <pgp@maximbaz.com>
sig 6E80CA1446879D04 2019-10-07 Jonas Witschel <diabonas@gmx.de>
sig 3 786C63F330D7CB92 2019-10-06 Felix Yan <felixonmars@archlinux.org>
sig 89AA27231C530226 2019-10-10 Konstantin Gizdov <arch@kge.pw>
sig 3 8DBD63B82072D77A 2019-10-13 Sébastien Luttringer <seblu@seblu.net>
sig C91A9911192C187A 2019-11-14 Daurnimator <quae@daurnimator.com>
uid [ full ] Filipe Laíns (FFY00) <filipe.lains@gmail.com>
sig BA1DFB64FFF979E7 2018-08-08 Allan McRae (Arch Linux Master Key) <allan@master-key.archlinux.org>
sig 9B729B06A680C281 2018-07-31 Bartłomiej Piotrowski (Arch Linux Master Key) <bpiotrowski@master-key.archlinux.org>
sig A88E23E377514E00 2018-07-28 Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>
sig 3 46F633CBB0EB4BF2 2018-07-27 Filipe Laíns (FFY00) <lains@archlinux.org>
sig 6BC26A17B9B7018A 2019-10-05 Alad Wenter <alad@archlinux.org>
sig 06096A6AD1CEDDAC 2019-10-06 Laurent Carlier <lordheavym@gmail.com>
sig 3 786C63F330D7CB92 2019-10-06 Felix Yan <felixonmars@archlinux.org>
sig 89AA27231C530226 2019-10-10 Konstantin Gizdov <arch@kge.pw>
sig 12C87A28FEAC6B20 2019-10-07 Maxim Baz <pgp@maximbaz.com>
sig 6E80CA1446879D04 2019-10-07 Jonas Witschel <diabonas@gmx.de>
sig 3 8DBD63B82072D77A 2019-10-13 Sébastien Luttringer <seblu@seblu.net>
sig C91A9911192C187A 2019-11-14 Daurnimator <quae@daurnimator.com>
sig 9C02FF419FECBE16 2019-11-16 Morten Linderud <morten@linderud.pw>
sub rsa4096 2018-04-18 [E] [expires: 2023-04-17]
sig 46F633CBB0EB4BF2 2018-04-18 Filipe Laíns (FFY00) <lains@archlinux.org>
sub rsa4096 2019-10-13 [A] [expires: 2021-10-12]
sig 46F633CBB0EB4BF2 2019-10-13 Filipe Laíns (FFY00) <lains@archlinux.org>
Last edited by sadboi777 (2020-08-14 10:18:40)
Offline
sadboi777, you're getting the same error, that they key is unknown trust? The output you gave clearly shows that it's full trust.
And please use code tags.
Offline
sadboi777, you're getting the same error, that they key is unknown trust? The output you gave clearly shows that it's full trust.
And please use code tags.
Yes I'm getting the exact same error.
I even tried downloading it from another mirror, same error. Maybe it got corrupted somehow then? Should I file a bug report? How can I get the attention of the Arch devs on this? Deepin is a supported DE in the wiki and it depends on this package.
Last edited by sadboi777 (2020-08-14 11:26:49)
Offline
Unknown trust does not indicate a corrupted file, the issue is in your keyring. Looking at it, you're missing two subkeys, including the signing one needed for this package. I just checked to be sure, and it's in the current archlinux-keyring package. What version of that package do you have?
Offline
$ sudo pacman -Swdd --debug jxrlib
[...]
debug: found cached pkg: /var/cache/pacman/pkg/jxrlib-0.2.1-3-x86_64.pkg.tar.xz
debug: found cached pkg: /var/cache/pacman/pkg/jxrlib-0.2.1-3-x86_64.pkg.tar.xz.sig
checking keyring...
debug: found signature key: F893C674816AA95D
debug: looking up key F893C674816AA95D locally
debug: key lookup success, key exists
checking package integrity...
debug: found cached pkg: /var/cache/pacman/pkg/jxrlib-0.2.1-3-x86_64.pkg.tar.xz
debug: sig data: iQIzBAABCAAdFiEE0jW0leqs33gyftiw+JPGdIFqqV0FAlt62xYACgkQ+JPGdIFqqV1OxQ//cBZDapwiS0jYyhNUQs6L88ZOucQ2iF0x3kyJKcitarJTpCaV+F8xYYaeB8LVDWPheg8oIVGcSbOP2n5ngcBKSB3/QBYA9AfKzKlFRXevipLXsP/yH5zM1S3a45NUzM5nKXmUaPXK9fcsg+J6JpD72eymxnCqRAj5L23z0Bmw6RYO+dpiaLUDFtrYq/7vkftTHU4WsBkyrYDKn/rolZZrTNQHkA3yBvixjZK6aveWVwWkv/si1PD54XGR14V5vb0QvJqNsO3hMD1VeCCVsc+VHPCC4lTrbFf3QcnUw+5ynT1+EKRQNV3yi4SQl7Vn+w580gVV4ZjbpGhAdE49FAwqbaQPbDhxlVIuQItVoaJ17spyiZld5NgGj/xNsa/Fd1vS+eJC2gleqwKY1VCDevRHEtNnO3kHOXNUbzbNaKcYDP8LLFfWUhWV7+h2J5WyXZVAiJIPbNlx0cHi9plIKZgPA4b+WfyHtJmY29KwfMAZi9MnDeftVyT01527a2KyQ6IuL5PIxqGf5t2uITiQFJascs3jxfF25aY80dYCKCcevR6/hTTqd1nkc6mlbtI9KEJi7MR9leGwTg4rAXUgeBlE3NyCL2k+0HqyoXJJ04xX67DbduBi3Gdoyjz6ruz0Gpy5IwnZryZp1nAc1jV0hJyDyICfoHy9KMbSHBksmqeiVGA=
debug: checking signature for /var/cache/pacman/pkg/jxrlib-0.2.1-3-x86_64.pkg.tar.xz
debug: 1 signatures returned
debug: fingerprint: D235B495EAACDF78327ED8B0F893C674816AA95D
debug: summary: valid
debug: summary: green
debug: status: Success
debug: timestamp: 1534778134
debug: exp_timestamp: 0
debug: validity: full; reason: Success
debug: key: 3DCE51D60930EBA47858BA4146F633CBB0EB4BF2, Filipe Laíns (FFY00) <lains@archlinux.org>, owner_trust unknown, disabled 0
debug: signature is valid
debug: signature is fully trusted
[...]
Works for me.
$ pacman-key --verify /var/cache/pacman/pkg/jxrlib-0.2.1-3-x86_64.pkg.tar.xz.sig
==> Checking /var/cache/pacman/pkg/jxrlib-0.2.1-3-x86_64.pkg.tar.xz.sig... (detached)
gpg: Signature made Mon 20 Aug 2018 11:15:34 AM EDT
gpg: using RSA key D235B495EAACDF78327ED8B0F893C674816AA95D
gpg: Note: trustdb not writable
gpg: Good signature from "Filipe Laíns (FFY00) <lains@archlinux.org>" [full]
gpg: aka "Filipe Laíns (FFY00) <lains@aurorafoss.org>" [full]
gpg: aka "Filipe Laíns (FFY00) <filipe.lains@gmail.com>" [full]
Managing AUR repos The Right Way -- aurpublish (now a standalone tool)
Offline
Unknown trust does not indicate a corrupted file, the issue is in your keyring. Looking at it, you're missing two subkeys, including the signing one needed for this package. I just checked to be sure, and it's in the current archlinux-keyring package. What version of that package do you have?
All my packages are up to date but yeah the problem was in keyring packaage I reintalled it by pacman -S and now it works fine. It must have been corrupted somehow. Thank you for your time guys. I have never seen this happen before.
Offline