You are not logged in.
Update of ArchLinux system (pacman -Su) fails due to invalid signatures (installed in VirtualBox http://scicomp.web.unc.edu/scicompunc/)
Example message:
error: icu: signature from "Andreas Radke <andyrtr@archlinux.org>" is invalid
:: File /var/cache/pacman/pkg/icu-67.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Similar messages for all packages.
Notes:
1. Have tried pacman -Sy archlinux-keyring && pacman -Su
2. Have tried pacman -Sy archlinux-keyring && pacman-key --populate archlinux
3. Time seems accurate but ntpd not active (cannot install it due to above PGP signature errors)
This is a system provided for students in scientific computation, but I'm not a SysAdmin expert. Help resolving the update issue is most appreciated.
Last edited by smit1208 (2020-10-14 16:16:33)
Offline
What is the output of
pacman-key --list-keys ADC8A1FCC15E01D45310419E94657AB20F2A092B
Offline
pacman-key --list-keys ADC8A1FCC15E01D45310419E94657AB20F2A092B
gpg: Note: trustdb not writable
pub rsa2048 2011-05-14 [SC]
ADC8A1FCC15E01D45310419E94657AB20F2A092B
uid [ full ] Andreas Radke <andyrtr@archlinux.org>
uid [marginal] Andreas Radke <andyrtr@mailbox.org>
uid [marginal] Andreas Radke <andreas.radke@mailbox.org>
sub rsa2048 2011-05-14 [E]
Last edited by smit1208 (2020-10-14 16:17:00)
Offline
https://wiki.archlinux.org/index.php/Pa … l_the_keys
I recently had this issue, it may be just as expedient to remove all the keys (/etc/pacman.d/gnupg) as per the above wiki section "Resetting all the keys", then re-init and populate the keys also in the instructions in that section.
However you could instead target the specific problematic keys.
Last edited by GeorgeRaven (2020-10-14 10:46:49)
Offline
Removing /etc/pacman.d/gnupg followed by re-init and populate does not solve the problem. After pacman -Su
:: Proceed with installation? [Y/n]
(1220/1220) checking keys in keyring [###############################################] 100%
(1220/1220) checking package integrity [###############################################] 100%
error: glibc: signature from "Bartlomiej Piotrowski <b@bpiotrowski.pl>" is invalid
:: File /var/cache/pacman/pkg/glibc-2.32-4-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: gcc-libs: signature from "Evangelos Foutras <evangelos@foutrelis.com>" is invalid
:: File /var/cache/pacman/pkg/gcc-libs-10.2.0-3-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
Last edited by smit1208 (2020-10-14 16:17:22)
Offline
Hmm then im not sure, in theory those should be fresh keys.
Outside of rebooting to ensure the system is in a good state, I dont know what to do outside of manually checking those invalid keys/ packages if they are indeed corrupt which I think will be unlikely but we may need to use y flag to refresh.
What is the result if you reboot and instead force a refresh and update with pacman -Syyuu ?
Offline
[Deleted]
Last edited by Mortimer Houghton (2020-10-14 12:40:32)
Offline
Upon reboot, key reinit, and pacman -Syyuu the behavior is the same, invalid PGP key.
If anyone has the time/inclination, the virtual machine is downloadable from http://scicomp.web.unc.edu/mathunc/. Thanks.
Offline
pacman-key --list-sigs Master
Offline
You either are actually getting corrupt packages, or you're running into a bug in VirtualBox on Windows.
Edit: For everyone trying to help, look at the actual error! This isn't unknown trust. This isn't missing keys.
Last edited by Scimmia (2020-10-14 14:05:43)
Offline
Indeed, but then the most likely reason is still that
3. Time seems accurate but ntpd not active (cannot install it due to above PGP signature errors)
"seems" is far too close to "should"
date --utc
stat /var/cache/pacman/pkg/glibc-2.32-4-x86_64.pkg.tar.zst
md5sum /var/cache/pacman/pkg/glibc-2.32-4-x86_64.pkg.tar.zst
Offline
pacman-key --list-sigs Master
gpg: Note: trustdb not writable
pub rsa2048 2020-03-05 [SC]
393A6C51E405F6D4E5F71DEA5542D4548F04E95E
uid [ultimate] Pacman Keyring Master Key <pacman@localhost>
sig 3 5542D4548F04E95E 2020-03-05 Pacman Keyring Master Key <pacman@localhost>
pub rsa4096 2011-11-29 [SC]
AB19265E5D7D20687D303246BA1DFB64FFF979E7
uid [ full ] Allan McRae (Arch Linux Master Key) <allan@master-key.archlinux.org>
sig 3 BA1DFB64FFF979E7 2011-11-29 Allan McRae (Arch Linux Master Key) <allan@master-key.archlinux.org>
sig F99FFE0FEAE999BD 2011-11-30 Allan McRae <me@allanmcrae.com>
sig 06096A6AD1CEDDAC 2011-11-30 Laurent Carlier <lordheavym@gmail.com>
sig L 5542D4548F04E95E 2020-03-05 Pacman Keyring Master Key <pacman@localhost>
pub rsa4096 2018-11-08 [SC]
D8AFDDA07A5B6EDFA7D8CCDAD6D055F927843F1C
uid [ full ] Levente Polyak (Arch Linux Master Key) <anthraxx@master-key.archlinux.org>
sig 3 D6D055F927843F1C 2018-11-08 Levente Polyak (Arch Linux Master Key) <anthraxx@master-key.archlinux.org>
sig 39E4B877E62EB915 2018-12-28 Sven-Hendrik Haase <svenstaro@gmail.com>
sig FC1B547C8D8172C8 2018-11-12 Levente Polyak (anthraxx) <levente@leventepolyak.net>
sig L 5542D4548F04E95E 2020-03-05 Pacman Keyring Master Key <pacman@localhost>
sub rsa4096 2018-11-08 [E]
sig D6D055F927843F1C 2018-11-08 Levente Polyak (Arch Linux Master Key) <anthraxx@master-key.archlinux.org>
sub rsa4096 2018-11-08 [A]
sig D6D055F927843F1C 2018-11-08 Levente Polyak (Arch Linux Master Key) <anthraxx@master-key.archlinux.org>
pub rsa4096 2017-05-15 [SC]
DDB867B92AA789C165EEFA799B729B06A680C281
uid [ full ] Bartłomiej Piotrowski (Arch Linux Master Key) <bpiotrowski@master-key.archlinux.org>
sig 3 9B729B06A680C281 2017-05-15 Bartłomiej Piotrowski (Arch Linux Master Key) <bpiotrowski@master-key.archlinux.org>
sig BBE43771487328A9 2017-05-15 Bartlomiej Piotrowski <b@bpiotrowski.pl>
sig L 5542D4548F04E95E 2020-03-05 Pacman Keyring Master Key <pacman@localhost>
sub rsa4096 2017-05-15 [E]
sig 9B729B06A680C281 2017-05-15 Bartłomiej Piotrowski (Arch Linux Master Key) <bpiotrowski@master-key.archlinux.org>
pub rsa4096 2015-12-17 [SC]
91FFE0700E80619CEB73235CA88E23E377514E00
uid [ full ] Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>
sig 3 A88E23E377514E00 2015-12-17 Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>
sig 6D1655C14CE1C13E 2015-12-17 Florian Pritz <bluewind@xinu.at>
sig L 5542D4548F04E95E 2020-03-05 Pacman Keyring Master Key <pacman@localhost>
sub rsa4096 2015-12-17 [E]
sig A88E23E377514E00 2015-12-17 Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>
pub rsa3072 2011-11-18 [SC]
0E8B644079F599DFC1DDC3973348882F6AC6A4C2
uid [ full ] Pierre Schmitz (Arch Linux Master Key) <pierre@master-key.archlinux.org>
sig 3 3348882F6AC6A4C2 2011-11-18 Pierre Schmitz (Arch Linux Master Key) <pierre@master-key.archlinux.org>
sig 7F2D434B9741E8AC 2011-11-18 Pierre Schmitz <pierre@archlinux.de>
sig L 5542D4548F04E95E 2020-03-05 Pacman Keyring Master Key <pacman@localhost>
sub rsa1024 2011-11-18 [E]
sig 3348882F6AC6A4C2 2011-11-18 Pierre Schmitz (Arch Linux Master Key) <pierre@master-key.archlinux.org>
sub rsa3072 2011-11-18 [A]
sig 3348882F6AC6A4C2 2011-11-18 Pierre Schmitz (Arch Linux Master Key) <pierre@master-key.archlinux.org>
pub rsa3072 2011-11-29 [SC] [revoked: 2011-11-29]
27FFC4769E19F096D41D9265A04F9397CDFD6BB0
rev A04F9397CDFD6BB0 2011-11-29 Dan McGee (Arch Linux Master Key) <dan@master-key.archlinux.org>
reason for revocation: No reason specified
revocation comment: Revocation certificate held by another developer
uid [ revoked] Dan McGee (Arch Linux Master Key) <dan@master-key.archlinux.org>
sig 3 A04F9397CDFD6BB0 2011-11-29 Dan McGee (Arch Linux Master Key) <dan@master-key.archlinux.org>
sig 5C2E46A0F53A76ED 2011-11-29 Dan McGee <dpmcgee@gmail.com>
sig 06096A6AD1CEDDAC 2011-11-30 Laurent Carlier <lordheavym@gmail.com>
pub rsa3072 2011-11-25 [SC] [revoked: 2011-11-25]
44D4A033AC140143927397D47EFD567D4C7EA887
rev 7EFD567D4C7EA887 2011-11-25 Ionut Biru (Arch Linux Master Key) <ionut@master-key.archlinux.org>
reason for revocation: No reason specified
revocation comment: Something bad happened
uid [ revoked] Ionut Biru (Arch Linux Master Key) <ionut@master-key.archlinux.org>
sig 3 7EFD567D4C7EA887 2011-11-25 Ionut Biru (Arch Linux Master Key) <ionut@master-key.archlinux.org>
sig E8F18BA1615137BC 2011-11-25 Ionut Biru <ibiru@archlinux.org>
pub rsa3072 2011-11-19 [SC] [revoked: 2011-11-20]
684148BB25B49E986A4944C55184252D824B18E8
rev 5184252D824B18E8 2011-11-20 Thomas Bächler (Arch Linux Master Key) <thomas@master-key.archlinux.org>
reason for revocation: No reason specified
revocation comment: Master Key revoked by Revocation Certificate holder Tobias Powalowski.
uid [ revoked] Thomas Bächler (Arch Linux Master Key) <thomas@master-key.archlinux.org>
sig 3 5184252D824B18E8 2011-11-19 Thomas Bächler (Arch Linux Master Key) <thomas@master-key.archlinux.org>
sig 284FC34C8E4B1A25 2011-11-19 Thomas Bächler <thomas@bchlr.de>
Last edited by smit1208 (2020-10-14 16:16:12)
Offline
sudo pacman -Sy firefox
:: Synchronizing package databases...
core is up to date
extra is up to date
community is up to date
multilib is up to date
resolving dependencies...
looking for conflicting packages...
Packages (1) firefox-81.0.2-1
Total Installed Size: 206.77 MiB
Net Upgrade Size: 20.00 MiB
:: Proceed with installation? [Y/n]
(1/1) checking keys in keyring [###############################################################] 100%
(1/1) checking package integrity [###############################################################] 100%
error: firefox: signature from "Jan Alexander Steffens (heftig) <heftig@archlinux.org>" is invalid
:: File /var/cache/pacman/pkg/firefox-81.0.2-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
@scicomp:~>date --utc
Wed 14 Oct 2020 03:45:36 PM UTC
@scicomp:~>stat /var/cache/pacman/pkg/firefox-81.0.2-1-x86_64.pkg.tar.zst
File: /var/cache/pacman/pkg/firefox-81.0.2-1-x86_64.pkg.tar.zst
Size: 60494828 Blocks: 118160 IO Block: 4096 regular file
Device: 803h/2051d Inode: 4325498 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-14 11:43:16.961151032 -0400
Modify: 2020-10-12 18:15:59.000000000 -0400
Change: 2020-10-14 11:43:16.791236033 -0400
Birth: 2020-10-14 11:43:14.972146035 -0400
@scicomp:~>md5sum /var/cache/pacman/pkg/firefox-81.0.2-1-x86_64.pkg.tar.zst
73cdbd9c943a17a996ebf3606536805a /var/cache/pacman/pkg/firefox-81.0.2-1-x86_64.pkg.tar.zst
Last edited by smit1208 (2020-10-14 16:15:50)
Offline
Please edit your posts and wrap the output in code tags, https://bbs.archlinux.org/help.php#bbcode
Dates and md5sum are ok, though.
Offline
Will do. Thanks.
Offline
I'm guessing you're on an old version of VirtualBox, right?
Offline
No, it's VirtualBox 6.1.14 r140239, most recent version.
Offline
Bad signature calculations has been in issue in VirtualBox since they released their hyper-v backend. A couple of people reported that it was fixed in 6.1.14, but maybe not completely.
Offline
Here are some things you can try out, e.g. changing clocksource, disable rdtscp, change gnupg hardware features, ...
https://bbs.archlinux.org/viewtopic.php … 3#p1923583
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
I encounter the same problem but outside of VBox
Offline
I was having this problem (virtualbox on windows) and I found upgrading to 6.1.16 fixed the issue.
Offline