You are not logged in.

Pages: 1

#1 2025-09-05 01:04:57

leyendecker
Member
Registered: 2025-09-01
Posts: 9

[SOLVED] Pacman installing AUR builds causes corrupted package errors

For a bit there, makepkg was also failing its validity checks, but then:

$ git pull
$ makepkg -g
$ updpkgsums
$ makepkg

resolved that particular issue and the AUR packages in question were all successfully built.

But upon calling

# pacman -U insert_package_name.pkg.tar.zst
error: 'insert_package_name.pkg.tar.zst': invalid or corrupted package (PGP signature)

results.

I've tried deleting the Gnupg cache, re-initializing with pacman-key, re-syncing the archlinux-keyring, and refreshing with pacman-key. Which is all to say I tried the solutions of whomever and however many times this has occurred in the past per some search results, but all to no avail.

Also, while troubleshooting, I noticed my other computer's time was off by about one second; unsure if that's the difference in wherever a Windows 10 machine would sync its RTC vs. where Arch would with its server, or if there's a problem with systemd-timesyncd, or something else causing the time to be desynced enough to cause all those types of PGP problems.

It says NTP is up, though.

$ timedatectl
               Local time: Thu 2025-09-04 21:43:29 ADT
           Universal time: Fri 2025-09-05 00:43:29 UTC
                 RTC time: Fri 2025-09-05 00:43:29
                Time zone: Canada/Atlantic (ADT, -0300)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

The suspicion now is that there's some conflicting .conf somewhere between the global settings in /etc and the per-user settings.

But which config files should I go about checking, and what would be the best way to post their contents to the forum if my version of Vim doesn't have access to the system clipboard?

Should I drill in on makepkg.conf alone, or is there something else I'm blanking on? Because there wasn't anything that seemed too egregious in there. I could be totally off-base though, stranger things have happened.

It's a problem with all the AUR packages I have built, and nothing comparable stuck out on each respective package's comment thread, which is why I figure it's an issue with my system alone if it's afflicting every one of them.

Thanks in advance!

Last edited by leyendecker (2025-09-08 13:41:38)

Offline

#2 2025-09-05 01:35:55

Scimmia
Fellow
Registered: 2012-09-01
Posts: 13,148

Re: [SOLVED] Pacman installing AUR builds causes corrupted package errors

Arch's pacman defaults to 'LocalFileSigLevel = Optional'. You must have changed this to require signatures for local files, and since you're not signing your local builds, the lack of a sig means failure.

Last edited by Scimmia (2025-09-05 01:36:20)

Online

#3 2025-09-06 03:12:35

leyendecker
Member
Registered: 2025-09-01
Posts: 9

Re: [SOLVED] Pacman installing AUR builds causes corrupted package errors

Scimmia wrote:

Arch's pacman defaults to 'LocalFileSigLevel = Optional'. You must have changed this to require signatures for local files, and since you're not signing your local builds, the lack of a sig means failure.

I didn't change it, I swear! Haha
Not intentionally, anyway.

Sure enough:

/etc/pacman.conf
. . . 
SigLevel    = Required DatabaseOptional
LocalFileSigLevel = Optional
#RemoteFileSigLevel = Required

Apparently, SigLevel overrides LocalFileSigLevel? The man pages state it uses SigLevel as its default. But speaking of which, pacman.conf(5) claims:

 SigLevel = Optional TrustedOnly

is the built-in default. Dunno what the implication for SigLevel and LocalFileSigLevel settings is, then.

I changed SigLevel to reflect that last value, but the error persists. I'm open to anymore ideas before I go digging around in pacman.d tomorrow morning, though.

Offline

#4 2025-09-06 09:58:05

Lone_Wolf
Administrator
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 14,370

Re: [SOLVED] Pacman installing AUR builds causes corrupted package errors

SigLevel    = Required DatabaseOptional

archlinux default is not the same as upstream default, the arch default pacman.conf can be found at https://gitlab.archlinux.org/archlinux/ … acman.conf .

This may be a permission error with the download user, try commenting the line that starts with DownloadUser .

Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.

clean chroot building not flexible enough ?
Try clean chroot manager by graysky

Offline

#5 2025-09-06 13:26:40

loqs
Member
Registered: 2014-03-06
Posts: 18,645

Re: [SOLVED] Pacman installing AUR builds causes corrupted package errors

Please run the failing pacman command with the --debug option added and post the output.

Offline

#6 2025-09-08 02:38:12

leyendecker
Member
Registered: 2025-09-01
Posts: 9

Re: [SOLVED] Pacman installing AUR builds causes corrupted package errors

Lone_Wolf wrote:
SigLevel    = Required DatabaseOptional

archlinux default is not the same as upstream default, the arch default pacman.conf can be found at https://gitlab.archlinux.org/archlinux/ … acman.conf .

This may be a permission error with the download user, try commenting the line that starts with DownloadUser .

Worth a shot, but the error persisted, so I uncommented it again.

loqs wrote:

Please run the failing pacman command with the --debug option added and post the output.

Dunno how I always forget debug flags, seems like the first order of business, thank you. And damn, I think I forgot to do something important with my PGP key after I renewed it a few months back,
it was set to expire in May:

# pacman -U librewolf-bin-1:142.0.1_1-1-x86_64.pkg.tar.zst --debug
debug: pacman v7.0.0 - libalpm v15.0.0
debug: config: new section 'options'
debug: config: HoldPkg: pacman
debug: config: HoldPkg: glibc
debug: config: Architecture: auto
debug: config: arch: x86_64
debug: config: NoExtract: etc/pacman.d/mirrorlist
debug: config: SigLevel: Required
debug: config: SigLevel: DatabaseOptional
debug: config: LocalFileSigLevel: Optional
debug: config: new section 'core'
debug: config file /etc/pacman.conf, line 78: including /etc/pacman.d/mirrorlist
debug: config: new section 'extra'
debug: config file /etc/pacman.conf, line 84: including /etc/pacman.d/mirrorlist
debug: config: finished parsing /etc/pacman.conf
debug: setup_libalpm called
debug: option 'logfile' = /var/log/pacman.log
debug: option 'gpgdir' = /etc/pacman.d/gnupg/
debug: option 'hookdir' = /etc/pacman.d/hooks/
debug: option 'cachedir' = /var/cache/pacman/pkg/
debug: registering sync database 'core'
debug: database path for tree core set to /var/lib/pacman/sync/core.db
debug: "/var/lib/pacman/sync/core.db.sig" is not readable: No such file or directory
debug: sig path /var/lib/pacman/sync/core.db.sig could not be opened
debug: got error 43 at _alpm_gpgme_checksig (../lib/libalpm/signing.c: 599) : missing PGP signature
debug: missing optional signature
debug: setting usage of 15 for core repository
debug: adding new server URL to database 'core': https://london.mirror.pkgbuild.com/core/os/x86_64
debug: adding new server URL to database 'core': https://losangeles.mirror.pkgbuild.com/core/os/x86_64
debug: adding new server URL to database 'core': https://taipei.mirror.pkgbuild.com/core/os/x86_64
debug: adding new server URL to database 'core': https://mirror.ubrco.de/archlinux/core/os/x86_64
debug: adding new server URL to database 'core': https://mirror.lcarilla.de/archlinux/core/os/x86_64
debug: registering sync database 'extra'
debug: database path for tree extra set to /var/lib/pacman/sync/extra.db
debug: "/var/lib/pacman/sync/extra.db.sig" is not readable: No such file or directory
debug: sig path /var/lib/pacman/sync/extra.db.sig could not be opened
debug: got error 43 at _alpm_gpgme_checksig (../lib/libalpm/signing.c: 599) : missing PGP signature
debug: missing optional signature
debug: setting usage of 15 for extra repository
debug: adding new server URL to database 'extra': https://london.mirror.pkgbuild.com/extra/os/x86_64
debug: adding new server URL to database 'extra': https://losangeles.mirror.pkgbuild.com/extra/os/x86_64
debug: adding new server URL to database 'extra': https://taipei.mirror.pkgbuild.com/extra/os/x86_64
debug: adding new server URL to database 'extra': https://mirror.ubrco.de/archlinux/extra/os/x86_64
debug: adding new server URL to database 'extra': https://mirror.lcarilla.de/archlinux/extra/os/x86_64
debug: option 'sandboxuser' = (null)
loading packages...
debug: GPGME version: 2.0.0
debug: GPGME engine info: file=/usr/bin/gpg, home=/etc/pacman.d/gnupg/
debug: looking up key 5990A09864D768FE locally
debug: key lookup success, key exists
debug: sig data: <from .sig>
debug: checking signature for librewolf-bin-1:142.0.1_1-1-x86_64.pkg.tar.zst
debug: 1 signatures returned
debug: fingerprint: 6644E295155D0D5343F51B805990A09864D768FE
debug: summary: (empty)
debug: status: Success
debug: timestamp: 1757030115
debug: exp_timestamp: 0
debug: validity: unknown; reason: Success
debug: key: 6644E295155D0D5343F51B805990A09864D768FE, *insert_my_name* <my_names@address.com>, owner_trust unknown, disabled 0
debug: signature is valid
debug: signature is unknown trust
error: 'librewolf-bin-1:142.0.1_1-1-x86_64.pkg.tar.zst': invalid or corrupted package (PGP signature)
debug: unregistering database 'local'
debug: unregistering database 'core'
debug: unregistering database 'extra'

Or is it moreso that error 43 when alpm can't find the PGP sig?

Offline

#7 2025-09-08 04:46:47

GerBra
Forum Fellow
From: Bingen/Germany
Registered: 2007-05-10
Posts: 239

Re: [SOLVED] Pacman installing AUR builds causes corrupted package errors

I think I forgot to do something important with my PGP key after I renewed it a few months back

If you locally sign your AUR builded packages with your own key (6644E295155D0D5343F51B805990A09864D768FE belongs to a owner "Tonebone Malone", is this your local pgp key?) then you must add this key to the pacman keyring and mark it as a trusted key.
See: https://wiki.archlinux.org/title/Pacman … icial_keys

Last edited by GerBra (2025-09-08 04:47:59)

Offline

#8 2025-09-08 13:39:56

leyendecker
Member
Registered: 2025-09-01
Posts: 9

Re: [SOLVED] Pacman installing AUR builds causes corrupted package errors

GerBra wrote:

I think I forgot to do something important with my PGP key after I renewed it a few months back

If you locally sign your AUR builded packages with your own key (6644E295155D0D5343F51B805990A09864D768FE belongs to a owner "Tonebone Malone", is this your local pgp key?) then you must add this key to the pacman keyring and mark it as a trusted key.
See: https://wiki.archlinux.org/title/Pacman … icial_keys

Haha, guilty as charged, that's my nickname.

I'd forgotten to sign my own key locally with

# pacman-key --lsign-key 6644E295155D0D5343F51B805990A09864D768FE

D'oh.

Thanks for everyone's help.

Offline

Pages: 1

Board footer

Powered by FluxBB