You are not logged in.
When doing my package upgrades today, I had to import a new key. During this import, free() apparently got passed an invalid pointer resulting in the error message
free(): invalid pointer
and pacman exiting without removing db.lck.
On subsequent updates, I was told that the key that failed is not trusted and that the packages signed with this key are corrupted.
Looking around on the Arch wiki, I found the advice to remove /etc/pacman.d/gnupg and re-initialize the keyring.
When doing so, however, I am faced with the same free() error again.
Any advice on how I can get keys working again?
Last edited by vdrummer (2021-06-21 06:28:25)
Offline
Please paste the output of `pacman -Syu --debug`
Offline
The last few lines which are most likely relevant:
downloading required keys...
:: Import PGP key 24E4CDB0013C2580, "Jaroslav Lichtblau <svetlemodry@archlinux.org>"? [Y/n]
debug: looking up key svetlemodry@archlinux.org using WKD
:: Import PGP key EA4F7B321A906AD9, "Daniel M. Capella <polyzen@archlinux.org>"? [Y/n]
debug: looking up key polyzen@archlinux.org using WKD
:: Import PGP key E0959FEA8B550539, "George Rawlinson <grawlinson@archlinux.org>"? [Y/n]
debug: looking up key grawlinson@archlinux.org using WKD
debug: gpg error: End of file
debug: looking up key E0959FEA8B550539 remotely
debug: key "George Rawlinson <george@rawlinson.net.nz>" on keyserver
debug: importing key
free(): invalid pointer
If you need more, let me know. I didn't want to post 12.000 lines of log output.
-------
Edit: Related to the failed key:
debug: found signature key: E0959FEA8B550539
debug: looking up key E0959FEA8B550539 locally
debug: key lookup failed, unknown key
Last edited by vdrummer (2021-06-20 07:59:51)
Offline
I have a similar problem; `pacman -Syu` told me to import new key from George Rawlinson, but then designated my packages as corrupt, and now I cannot update anything. I am afraid to reboot my machine I did not get any `free()` errors, however.
Here is the messages I get:
...
:: Proceed with installation? [Y/n] Y
(36/36) checking keys in keyring [######################] 100%
(36/36) checking package integrity [######################] 100%
error: libzen: signature from "George Rawlinson <george@rawlinson.net.nz>" is unknown trust
:: File /var/cache/pacman/pkg/libzen-0.4.39-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
....
and so on.
**EDIT** I tried doing
sudo pacman-key --refresh-keys
which resulted in hundreds of gpg errors incuding "no data", "general error" "no route to host" an many more. Eventually it completed, but when I ran pacman -Syu again, the packages still appear corrupted.
I finally fixed the error by first updating the keyring with pacman -S archlinux-keyring and then doing the general update.
Last edited by ykonstant (2021-06-20 15:49:55)
Offline
I tried doing
sudo pacman-key --refresh-keys
which resulted in hundreds of gpg errors incuding "no data", "general error" "no route to host" an many more. Eventually it completed, but when I ran pacman -Syu again, the packages still appear corrupted sad
Same here. This is not normal.
Edit. Ah. Of course
pacman -S archlinux-keyring
helped. ykonstant said it right above.
Last edited by Herr_Irrtum (2021-06-20 15:56:36)
Offline
pacman 6.0.0-3 (since ten days ago) includes a backported patch to fix this segfault.
You may hit this error if you try to pacman -Syu and in the same transaction providing pacman itself, you *also* get a package that tries to import keys. It will depend on how frequently you updated, as the new keyring (and George Rawlinson's key) landed in the repos 6 days after pacman did. Unfortunately, many people update at a fairly reasonable pace of once a week, which is 7 days not 6...
Managing AUR repos The Right Way -- aurpublish (now a standalone tool)
Offline
pacman -S archlinux-keyring
did the trick. Thanks everyone! Marking as solved.
Offline
Thank you, helped me as well.
Perhaps this is a newbie question, but should something about this be posted in the Arch news feed? I usually check that on the homepage before doing updates, as recommended in the wiki.
Offline
Thank you, helped me as well.
Perhaps this is a newbie question, but should something about this be posted in the Arch news feed? I usually check that on the homepage before doing updates, as recommended in the wiki.
pacman -S archlinux-keyring also fixed it for me
I also agree that maybe this should be in the news feed, although I did find this post pretty easily from a google search so /shrug
And the worldly life is not but amusement and diversion; but the home of the Hereafter is best for those who fear Allah, so will you not reason? {6:32}
Offline
The default key server used ( hkps://hkps.pool.sks-keyservers.net ) seems to be broken. I can't even resolve the address. Is there another address that can be used?
Offline
The default key server used ( hkps://hkps.pool.sks-keyservers.net ) seems to be broken. I can't even resolve the address. Is there another address that can be used?
https://bugs.archlinux.org/task/71078
Last edited by progandy (2021-06-22 06:39:29)
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
This service is deprecated. This means it is no longer maintained, and new HKPS certificates will not be issued. Service reliability should not be expected.
Update 2021-06-21: Due to even more GDPR takedown requests, the DNS records for the pool will no longer be provided at all.
https://wiki.archlinux.org/title/Pacman … _keyserver
Edit: grrrr… ;-)
Last edited by seth (2021-06-22 06:46:30)
Online