You are not logged in.
edit:
SOLVED
the issue seemed to be with the archzfs repository I have added to my pacman.conf.
Removing, updating and re-adding the repository and signatures resolved the issue.
Further detail at the end of my final post below
_________________________________________________________________________________________
When I try to update my system it fails:
error: aom: signature from "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/aom-3.8.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: npm: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/npm-10.2.5-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: ostree: signature from "David Runge <dvzrv@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/ostree-2023.8-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: postgresql-libs: signature from "Evangelos Foutras <evangelos@foutrelis.com>" is unknown trust
:: File /var/cache/pacman/pkg/postgresql-libs-16.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: python-setuptools: signature from "Felix Yan <felixonmars@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/python-setuptools-1:68.2.2-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: scrcpy: signature from "Alexander F. Rødseth <xyproto@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/scrcpy-2.3.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: signal-desktop: signature from "kpcyrd <git@rxv.cc>" is unknown trust
:: File /var/cache/pacman/pkg/signal-desktop-6.41.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.I have tried reinstalling the archlinux-keyring, which fails like above.
I have tried installing gnupg manually by downloading from here and installing locally and then restarting with
gpgconf --kill alland I have tried refreshing the keys with
sudo pacman-key --refresh-keysAt one point, I got an error saying
gpg: WARNING: server 'gpg-agent' is older than us (2.2.41 < 2.4.3) which is likely a factor, but I do not know how to resolve that.
Any help would be greatly appreciated.
Last edited by DrLucky (2023-12-07 16:47:05)
Offline
Did you try https://wiki.archlinux.org/title/Pacman … _regularly ?
Offline
Did you try https://wiki.archlinux.org/title/Pacman … _regularly ?
Yes, I get a similar 'invalid or corrupted package PGP signature' error:
❯ sudo pacman -Sy archlinux-keyring && sudo pacman -Su
:: Synchronizing package databases...
core 129.4 KiB 286 KiB/s 00:00 [------------------------------------------] 100%
extra 8.2 MiB 10.5 MiB/s 00:01 [------------------------------------------] 100%
community is up to date
archzfs is up to date
warning: archlinux-keyring-20231130-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Package (1) Old Version New Version Net Change Download Size
core/archlinux-keyring 20231130-1 20231130-1 0.00 MiB 1.15 MiB
Total Download Size: 1.15 MiB
Total Installed Size: 1.64 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n]
:: Retrieving packages...
archlinux-keyring-20231130-1-any 1178.0 KiB 2010 KiB/s 00:01 [------------------------------------------] 100%
(1/1) checking keys in keyring [------------------------------------------] 100%
(1/1) checking package integrity [------------------------------------------] 100%
error: archlinux-keyring: signature from "Christian Hesse <eworm@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20231130-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.And following section 4.1 seems sucessful until I try a pacman -Syu at the end of the process:
❯ sudo hwclock -w
❯ sudo pacman -Scc
Cache directory: /var/cache/pacman/pkg/
:: Do you want to remove ALL files from cache? [y/N] y
removing all files from cache...
Database directory: /var/lib/pacman/
:: Do you want to remove unused repositories? [Y/n] y
removing unused sync repositories...
❯ sudo rm -r /etc/pacman.d/gnupg
❯ sudo pacman-key --init
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/F079FE5AFF84CB8A6117A68EE36CD6E17C7E6E52.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
❯ sudo pacman-key --populate
==> Appending keys from archlinux.gpg...
==> Locally signing trusted keys in keyring...
-> Locally signed 6 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: inserting ownertrust of 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
-> Disabled 41 keys.
==> Updating trust database...
gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
gpg: (use option "--allow-weak-key-signatures" to override)
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 6 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 6 signed: 97 trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2 valid: 75 signed: 21 trust: 75-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2023-12-31
❯ sudo pacman -Syu
error: archzfs: key "DDF7DB817396A49B2A2723F7403BD972F75D9D76" is unknown
:: Import PGP key DDF7DB817396A49B2A2723F7403BD972F75D9D76? [Y/n] y
error: archzfs: signature from "ArchZFS Bot <buildbot@archzfs.com>" is unknown trust
:: Synchronizing package databases...
core is up to date
extra is up to date
community is up to date
archzfs 14.9 KiB 21.9 KiB/s 00:01 [------------------------------------------] 100%
error: archzfs: signature from "ArchZFS Bot <buildbot@archzfs.com>" is unknown trust
error: failed to synchronize all databases (invalid or corrupted database (PGP signature))Last edited by DrLucky (2023-12-07 16:28:52)
Offline
I commented out the archzfs repository from pacman.conf and am now able to update successfully with no errors.
Adding the repo back in:
...
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
...and re-running a simple pacman -Syyy, the errors return:
error: archzfs: signature from "ArchZFS Bot <buildbot@archzfs.com>" is unknown trust
:: Synchronizing package databases...
core 129.4 KiB 271 KiB/s 00:00 [-------------------------------------------------------------------] 100%
extra 8.2 MiB 9.22 MiB/s 00:01 [-------------------------------------------------------------------] 100%
community 45.0 B 127 B/s 00:00 [-------------------------------------------------------------------] 100%
archzfs 14.9 KiB 24.5 KiB/s 00:01 [-------------------------------------------------------------------] 100%
error: archzfs: signature from "ArchZFS Bot <buildbot@archzfs.com>" is unknown trust
error: failed to synchronize all databases (invalid or corrupted database (PGP signature)) I̶s̶ ̶t̶h̶i̶s̶ ̶a̶n̶ ̶i̶s̶s̶u̶e̶ ̶o̶n̶ ̶a̶r̶c̶h̶z̶f̶s̶'̶s̶ ̶s̶i̶d̶e̶ ̶o̶r̶ ̶a̶n̶ ̶i̶s̶s̶u̶e̶ ̶w̶i̶t̶h̶ ̶m̶y̶ ̶s̶y̶s̶t̶e̶m̶?̶
edit: SOLVED
I removed the archzfs repository from pacman.conf again, and reinstalled archlinux-keyring
I then re-added the repository via these instructions on the archzfs github
https://github.com/archzfs/archzfs/wiki
which has resolved the issue.
Last edited by DrLucky (2023-12-07 16:45:17)
Offline