You are not logged in.
Hi all
I had not updated my arch32 system for a couple of months. When I did a pacman -Syu today I got this error about signature TasosSah for a number of packages and then the upgrade fails::
error: iana-etc: signature from "TasosSah (Arch32 Package Signing Key) <arch32@tasossah.com>" is marginal trust
:: File /var/cache/pacman/pkg/iana-etc-20231228-1.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).Here is the Complete output of pacman -Syu.
I tried:
# pacman -Sy archlinux-keyring archlinux32-keyring But this gives the same error. I then tried:
# pacman-key --refresh-keysBut this does not resolve the issue. I then tried manually verifying the signature of archlinux-keyring, but that failed as well:
gpg --verify /var/cache/pacman/pkg/archlinux-keyring-20231222-1.0-any.pkg.tar.zst.sig /var/cache/pacman/pkg/archlinux-keyring-20231222-1.0-any.pkg.tar.zst
gpg: Signature made Sat 06 Jan 2024 04:52:51 AM CET
gpg: using RSA key 80EC18799E8BCD375C6E64ABE4D41569196B1160
gpg: Can't check signature: No public keyHow can I fix this? Should ignore pacman signature checking for archlinux-keyring and archlinux32-keyring with '--ignore ' , or would that create more problems?
Last edited by rwd3 (2024-03-20 09:22:17)
Offline
You can set SigLevel=Never just to update the keyrings and then reenable it.
This could be of interest: https://bbs.archlinux32.org/viewtopic.p … 047#p10047
Offline
You can set SigLevel=Never just to update the keyrings and then reenable it.
.
This solved it, although it does seems to me that installing keyrings without signature checking defeats the purpose of using a keyring.
Offline