You are not logged in.
When downloading Spotify using yay, I get the following error:
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... FAILED
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> ERROR: One or more files did not pass the validity check!
-> error downloading sources: spotify
context: exit status 1
I've tried most of the solutions posted on https://aur.archlinux.org/packages/spotify, including importing a new GPG key, changing the sha512sums on the PKGBUILD file and deleting the yay and Pacman cache, all resulting in the same error once again.
Any help is highly appreciated.
Last edited by Daniel27110 (2022-05-06 02:33:42)
Offline
Is the error you posted the first one you got, or is that what you saw after editing the sha512sum line in the PKGBUILD? How did you edit the sha512sum (i.e., what did you replace it with).
The current checksum is valid. But you will need to import the relevant gpg key.
Please try building again just with makepkg, and post the complete command and output if there is an error.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
That was the first error I got, here is the complete output
[daniel@aspireone ~]$ yay -G spotify
:: (1/1) Downloaded PKGBUILD: spotify
[daniel@aspireone ~]$ cd spotify
[daniel@aspireone spotify]$ makepkg -si
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:01:32)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
-> Found spotify.protocol
-> Found LICENSE
-> Downloading spotify-1.1.84.716-x86_64.deb...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-100 534 100 534 0 0 1385 0 --:--:-- --:--:-- --:--:-- 1387
-> Downloading spotify-1.1.84.716-1-Release...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-100 479 100 479 0 0 10298 0 --:--:-- --:--:-- --:--:-- 10413
-> Downloading spotify-1.1.84.716-1-Release.sig...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-100 483 100 483 0 0 49752 0 --:--:-- --:--:-- --:--:-- 53666
-> Downloading spotify-1.1.84.716-1-x86_64-Packages...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-100 502 100 502 0 0 53885 0 --:--:-- --:--:-- --:--:-- 55777
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... FAILED
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> ERROR: One or more files did not pass the validity check!
[daniel@aspireone spotify]$
Using yay then gives the same output, only that yay tries making the package again before failing.
[daniel@aspireone ~]$ yay -S spotify
:: There are 7 providers available for spotify:
:: Repository AUR
1) spotify 2) spotify-1.1.42-deb 3) spotify-dev 4) spotify-edge 5) spotify-legacy 6) spotify-snapstore 7) spotify094
Enter a number (default=1):
==>
:: Checking for conflicts...
:: Checking for inner conflicts...
[Aur:1] spotify-1:1.1.84.716-1
1 spotify (Build Files Exist)
==> Packages to cleanBuild?
==> [N]one [A]ll [Ab]ort [I]nstalled [No]tInstalled or (1 2 3, 1-3, ^4)
==>
:: PKGBUILD up to date, Skipping (1/0): spotify
:: (1/1) Parsing SRCINFO: spotify
1 spotify (Build Files Exist)
==> PKGBUILDs to edit?
==> [N]one [A]ll [Ab]ort [I]nstalled [No]tInstalled or (1 2 3, 1-3, ^4)
==>
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:04:54)
==> Retrieving sources...
-> Found spotify.protocol
-> Found LICENSE
-> Found spotify-1.1.84.716-x86_64.deb
-> Found spotify-1.1.84.716-1-Release
-> Found spotify-1.1.84.716-1-Release.sig
-> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... FAILED
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> ERROR: One or more files did not pass the validity check!
-> error downloading sources: spotify
context: exit status 1
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:04:56)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
-> Found spotify.protocol
-> Found LICENSE
-> Found spotify-1.1.84.716-x86_64.deb
-> Found spotify-1.1.84.716-1-Release
-> Found spotify-1.1.84.716-1-Release.sig
-> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... FAILED
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> ERROR: One or more files did not pass the validity check!
-> error making: spotify
[daniel@aspireone ~]$
A comment in the aur suggested changing the sha512sum to:
sha512sums=('999abe46766a4101e27477f5c9f69394a4bb5c097e2e048ec2c6cb93dfa1743eb436bde3768af6ba1b90eaac78ea8589d82e621f9cbe7d9ab3f41acee6e8ca20'
'2e16f7c7b09e9ecefaa11ab38eb7a792c62ae6f33d95ab1ff46d68995316324d8c5287b0d9ce142d1cf15158e61f594e930260abb8155467af8bc25779960615'
'SKIP'
'SKIP'
'SKIP'
'SKIP')
Essentially skipping the third checksum. Changing the sha512sum in this way results in the following output:
[daniel@aspireone spotify]$ makepkg -si
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 16:14:25)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
-> Found spotify.protocol
-> Found LICENSE
-> Found spotify-1.1.84.716-x86_64.deb
-> Found spotify-1.1.84.716-1-Release
-> Found spotify-1.1.84.716-1-Release.sig
-> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... Skipped
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
spotify-1.1.84.716-1-Release ... FAILED
==> ERROR: One or more PGP signatures could not be verified!
[daniel@aspireone spotify]$
Which makes me believe the sha512sum is not the problem and the current chechsum is currently up-to-date.
Lastly, the pinned comment suggests importing a new gpg using
curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --import -
which results in the same output as the first, probably since the gpg wouldn't change
[daniel@aspireone spotify]$ curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --import -
gpg: key 5E3C45D7B312C643: "Spotify Public Repository Signing Key <tux@spotify.com>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
So maybe the suggested gpg is outdated.
Thank you for your reply.
Last edited by Daniel27110 (2022-05-05 21:33:34)
Offline
I could not reproduce the issue:
$ git clone https://aur.archlinux.org/spotify.git
Cloning into 'spotify'...
remote: Enumerating objects: 409, done.
remote: Counting objects: 100% (409/409), done.
remote: Compressing objects: 100% (258/258), done.
remote: Total 409 (delta 150), reused 405 (delta 148), pack-reused 0
Receiving objects: 100% (409/409), 175.70 KiB | 1.50 MiB/s, done.
Resolving deltas: 100% (150/150), done.
$ cd spotify/
$ makepkg --verifysource
==> Making package: spotify 1:1.1.84.716-1 (Thu 05 May 2022 21:52:00 UTC)
==> Retrieving sources...
-> Found spotify.protocol
-> Found LICENSE
-> Downloading spotify-1.1.84.716-x86_64.deb...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 114M 100 114M 0 0 12.8M 0 0:00:08 0:00:08 --:--:-- 13.1M
-> Downloading spotify-1.1.84.716-1-Release...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2447 100 2447 0 0 13521 0 --:--:-- --:--:-- --:--:-- 13594
-> Downloading spotify-1.1.84.716-1-Release.sig...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 833 100 833 0 0 13904 0 --:--:-- --:--:-- --:--:-- 14118
-> Downloading spotify-1.1.84.716-1-x86_64-Packages...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1220 100 1220 0 0 15076 0 --:--:-- --:--:-- --:--:-- 15250
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... Passed
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
spotify-1.1.84.716-1-Release ... FAILED (unknown public key 5E3C45D7B312C643)
==> ERROR: One or more PGP signatures could not be verified!
$ curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --import -
gpg: key 5E3C45D7B312C643: public key "Spotify Public Repository Signing Key <tux@spotify.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
$ makepkg --verifysource
==> Making package: spotify 1:1.1.84.716-1 (Thu 05 May 2022 21:52:36 UTC)
==> Retrieving sources...
-> Found spotify.protocol
-> Found LICENSE
-> Found spotify-1.1.84.716-x86_64.deb
-> Found spotify-1.1.84.716-1-Release
-> Found spotify-1.1.84.716-1-Release.sig
-> Found spotify-1.1.84.716-1-x86_64-Packages
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... Passed
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
spotify-1.1.84.716-1-Release ... Passed
$ git rev-parse HEAD
2adc25a348846328c62b38e2d400c59b8823dfde
Last edited by loqs (2022-05-05 21:57:54)
Offline
which results in the same output as the first, probably since the gpg wouldn't change
If it's the same output as the first, then the gpg is not likely the issue (anymore).
You are facing two issues, one is the checksum of the download not matching which I was not able to replicate and it appears loqs can't either. The checksum listed in the PKBUILD is valid, but somehow you are getting a corrupted download.
The second issue is that the gpg key will still be required even once you have a valid download. But as you have already run the command to fix that issue, this part should be fine once you get to it.
So the question is how / why you are getting an invalid download. Please post the output of the following after a failed attempt:
sha512sum spotify-1.1.84.716-x86_64.deb
ls -l spotify-1.1.84.716-x86_64.deb
file spotify-1.1.84.716-x86_64.deb
EDIT: that PKGBUILD does some very suspicous looking (or at very least very poorly coded) things in the prepare function - but right now that's not relevant as the prepare function doesn't run until makepkg has validated the sources.
Last edited by Trilby (2022-05-06 01:17:46)
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
After a reboot, while trying to get the output for sha512sum spotify-1.1.84.716-x86_64.deb, the installation actually worked... for some reason. I've been trying to install this package throughout the week, so the issue was probably in some outdated package which update was only applied after reboot.
Thank you all for your help, I'll now mark the issue as solved
Complete build output:
[daniel@aspireone ~]$ yay -G spotify
:: (1/1) Downloaded PKGBUILD: spotify
[daniel@aspireone ~]$ cd spotify
[daniel@aspireone spotify]$ makepkg -si
==> Making package: spotify 1:1.1.84.716-1 (jue 05 may 2022 21:08:29)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
-> Found spotify.protocol
-> Found LICENSE
-> Downloading spotify-1.1.84.716-x86_64.deb...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:- 0 114M 0 0 0 0 0 0 --:--:-- --:--:-- --:--:- 3 114M 3 3742k 0 0 2711k 0 0:00:43 0:00:01 0:00:4 11 114M 11 13.0M 0 0 5651k 0 0:00:20 0:00:02 0:00:1 19 114M 19 22.1M 0 0 6781k 0 0:00:17 0:00:03 0:00:1 26 114M 26 30.1M 0 0 6915k 0 0:00:16 0:00:04 0:00:1 32 114M 32 36.8M 0 0 6988k 0 0:00:16 0:00:05 0:00:1 39 114M 39 45.3M 0 0 7237k 0 0:00:16 0:00:06 0:00:1 47 114M 47 54.3M 0 0 7538k 0 0:00:15 0:00:07 0:00:0 54 114M 54 62.6M 0 0 7647k 0 0:00:15 0:00:08 0:00:0 61 114M 61 70.2M 0 0 7688k 0 0:00:15 0:00:09 0:00:0 68 114M 68 77.8M 0 0 7702k 0 0:00:15 0:00:10 0:00:0 76 114M 76 87.3M 0 0 7879k 0 0:00:14 0:00:11 0:00:0 83 114M 83 94.9M 0 0 7850k 0 0:00:14 0:00:12 0:00:0 89 114M 89 101M 0 0 7811k 0 0:00:14 0:00:13 0:00:0 96 114M 96 110M 0 0 7836k 0 0:00:14 0:00:14 --:--:-100 114M 100 114M 0 0 7924k 0 0:00:14 0:00:14 --:--:-- 8447k
-> Downloading spotify-1.1.84.716-1-Release...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-100 2447 100 2447 0 0 4905 0 --:--:-- --:--:-- --:--:-100 2447 100 2447 0 0 4898 0 --:--:-- --:--:-- --:--:-- 4894
-> Downloading spotify-1.1.84.716-1-Release.sig...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-100 833 100 833 0 0 1539 0 --:--:-- --:--:-- --:--:-- 1542
-> Downloading spotify-1.1.84.716-1-x86_64-Packages...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-100 1220 100 1220 0 0 2190 0 --:--:-- --:--:-- --:--:-100 1220 100 1220 0 0 2184 0 --:--:-- --:--:-- --:--:-- 2182
==> Validating source files with sha512sums...
spotify.protocol ... Passed
LICENSE ... Passed
spotify-1.1.84.716-x86_64.deb ... Passed
spotify-1.1.84.716-1-Release ... Skipped
spotify-1.1.84.716-1-Release.sig ... Skipped
spotify-1.1.84.716-1-x86_64-Packages ... Skipped
==> Verifying source file signatures with gpg...
spotify-1.1.84.716-1-Release ... Passed
==> Extracting sources...
-> Extracting spotify-1.1.84.716-x86_64.deb with bsdtar
==> Starting prepare()...
spotify-1.1.84.716-1-x86_64-Packages: OK
spotify-1.1.84.716-x86_64.deb: OK
==> Entering fakeroot environment...
==> Starting package()...
==> Tidying install...
-> Removing libtool files...
-> Purging unwanted files...
-> Removing static library files...
-> Compressing man and info pages...
==> Checking for packaging issues...
==> Creating package "spotify"...
-> Generating .PKGINFO file...
-> Generating .BUILDINFO file...
-> Generating .MTREE file...
-> Compressing package...
==> Leaving fakeroot environment.
==> Finished making: spotify 1:1.1.84.716-1 (jue 05 may 2022 21:09:28)
==> Installing package spotify with pacman -U...
[sudo] password for daniel:
loading packages...
resolving dependencies...
looking for conflicting packages...
Packages (1) spotify-1:1.1.84.716-1
Total Installed Size: 284,98 MiB
:: Proceed with installation? [Y/n]
(1/1) checking keys in keyring [#############] 100%
(1/1) checking package integrity [#############] 100%
(1/1) loading package files [#############] 100%
(1/1) checking for file conflicts [#############] 100%
:: Processing package changes...
(1/1) installing spotify [#############] 100%
Optional dependencies for spotify
ffmpeg-compat-57: Adds support for playback of local files
zenity: Adds support for importing local files
libnotify: Desktop notifications [installed]
:: Running post-transaction hooks...
(1/3) Arming ConditionNeedsUpdate...
(2/3) Updating icon theme caches...
(3/3) Updating the desktop file MIME type cache...
[daniel@aspireone spotify]$
Offline