You are not logged in.

#1 2024-03-16 14:53:52

rwd3
Member
Registered: 2023-08-10
Posts: 7

[SOLVED] signature is marginal trust error when upgrading

Hi all

I had not updated my arch32 system for a couple of months. When I did a pacman -Syu today I got this error about signature TasosSah for a number of packages and then the upgrade fails::

error: iana-etc: signature from "TasosSah (Arch32 Package Signing Key) <arch32@tasossah.com>" is marginal trust
:: File /var/cache/pacman/pkg/iana-etc-20231228-1.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).

Here is the Complete output of pacman -Syu.

I tried:

# pacman -Sy archlinux-keyring archlinux32-keyring 

But this gives the same error. I then tried:

# pacman-key --refresh-keys

But this does not resolve the issue. I then tried manually verifying the signature of archlinux-keyring, but that failed as well:

gpg --verify  /var/cache/pacman/pkg/archlinux-keyring-20231222-1.0-any.pkg.tar.zst.sig  /var/cache/pacman/pkg/archlinux-keyring-20231222-1.0-any.pkg.tar.zst
gpg: Signature made Sat 06 Jan 2024 04:52:51 AM CET
gpg:                using RSA key 80EC18799E8BCD375C6E64ABE4D41569196B1160
gpg: Can't check signature: No public key

How can I fix this? Should ignore pacman signature checking  for archlinux-keyring and archlinux32-keyring with '--ignore ' , or would that create more problems?

Last edited by rwd3 (2024-03-20 09:22:17)

Offline

#2 2024-03-17 09:35:11

abaumann
Administrator
From: Zurich
Registered: 2019-11-14
Posts: 1,032
Website

Re: [SOLVED] signature is marginal trust error when upgrading

You can set SigLevel=Never just to update the keyrings and then reenable it.

This could be of interest: https://bbs.archlinux32.org/viewtopic.p … 047#p10047

Offline

#3 2024-03-20 09:25:24

rwd3
Member
Registered: 2023-08-10
Posts: 7

Re: [SOLVED] signature is marginal trust error when upgrading

abaumann wrote:

You can set SigLevel=Never just to update the keyrings and then reenable it.

.
This solved it, although it does seems to me that installing keyrings without signature checking defeats the purpose of using a keyring.

Offline

#4 2024-03-20 15:02:20

abaumann
Administrator
From: Zurich
Registered: 2019-11-14
Posts: 1,032
Website

Re: [SOLVED] signature is marginal trust error when upgrading

True, but sometimes if you forget to sign the keyring and to update the PGP keys before that, there is really no alternative. :-)

Offline

Board footer

Powered by FluxBB