You are not logged in.
Edit: This issue has been solved; see post #30.
I transitioned to archlinux32 successfully some time ago and as far as I recall, was able to update the system afterward. However, currently I'm having an issue similar to 310 and possibly 402, but the solutions suggested therein and here are not working for me. It's not clear when the pacman-key commands should be run, but I've tried this:
ntpd -qg && hwclock --systohc
vim /etc/pacman.d/mirrolist
rm -rf /var/cache/pacman/*
pacman-key --init
pacman-key --populate
pacman -Syy archlinux32-keyring-transition
pacman-key --init
pacman-key --populate
pacman -SyuuI must be missing something.
Last edited by kdsch (2018-01-07 01:29:17)
Offline
probably, you may need to install archlinux32-keyring as first of the new packages (should be pulled in as a dependency anyway), because abaumann's key is in that package but not in archlinux32-keyring-transition.
Offline
I'm having trouble understanding what you mean. Should I run this:
pacman -S archlinux32-keyring
pacman -S archlinux32-keyring-transition?
I am guessing that this issue is highly dependent on the state of my machine, and I don't fully understand the dependence, or what state is relevant. As a point of reference:
Currently if I run
pacman -Syuuit asks to replace the transition package with archlinux32-keyring. Then packages are retrieved. Then
error: filesystem: signature from "Erich Eckner (just to sign arch packages) <arch@eckner.net>" is marginal trust
:: File /var/cache/pacman/pkg/filesystem-2017.10-2.0-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).Offline
I'm having a similar issue today on both my Arch32 systems:
[root@rpc ~]# pacman -Syyu
:: Synchronizing package databases...
core 172.5 KiB 1369K/s 00:00 [##############################] 100%
extra 2.2 MiB 3.77M/s 00:01 [##############################] 100%
community 4.6 MiB 4.27M/s 00:01 [##############################] 100%
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...
Packages (3) archlinux32-keyring-20180104-1 nano-2.9.2-1.0 pacman-mirrorlist-20180103-1.1
Total Download Size: 0.43 MiB
Total Installed Size: 2.28 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n]
:: Retrieving packages...
nano-2.9.2-1.0-i686 435.9 KiB 1955K/s 00:00 [##############################] 100%
(3/3) checking keys in keyring [##############################] 100%
(3/3) checking package integrity [##############################] 100%
error: nano: signature from "Andreas Baumann (sign) <mail@andreasbaumann.cc>" is marginal trust
:: File /var/cache/pacman/pkg/nano-2.9.2-1.0-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
[root@rpc ~]#
Offline
Me too, I did like this, temporarily uninstalling nano:
sudo pacman -R nano
sudo pacman -Syyu
sudo pacman -S nanoOffline
What happens it you just upgrade the archlinux32-keyring first separately?
Offline
I just tried ula8000's solution. Worked for me too. Strangely, I also then reran the update attempt on my other Arch32 system and the keys updated and it worked just fine. I wonder if something was fixed on the servers.
Last edited by Quantum (2018-01-06 10:24:06)
Offline
abaumann's key is not in archlinux32-keyring-transition, but only in archlinux32-keyring. So you need to install the latter before nano (and possibly others).
Offline
I see, that this information was missing on archlinux32.org/download - I've put it there, it should appear online soon.
Offline
What happens it you just upgrade the archlinux32-keyring first separately?
karl ~ » sudo pacman -S archlinux32-keyring
[sudo] password for karl:
resolving dependencies...
looking for conflicting packages...
:: archlinux32-keyring and archlinux32-keyring-transition are in conflict. Remove archlinux32-keyring-transition? [y/N] y
Packages (2) archlinux32-keyring-transition-20170628-1 [removal]
archlinux32-keyring-20180104-1
Total Installed Size: 0.04 MiB
Net Upgrade Size: 0.03 MiB
:: Proceed with installation? [Y/n] y
(1/1) checking keys in keyring [####################] 100%
(1/1) checking package integrity [####################] 100%
error: archlinux32-keyring: signature from "Erich Eckner (just to sign arch packages) <arch@eckner.net>" is marginal trust
:: File /var/cache/pacman/pkg/archlinux32-keyring-20180104-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]Offline
hmm, this key should be trusted if you installed archlinux32-keyring-transition. Try running
sudo pacman-key --populate archlinux32manually (again) before trying to install archlinux32-keyring.
Offline
hmm, this key should be trusted if you installed archlinux32-keyring-transition. Try running
sudo pacman-key --populate archlinux32manually (again) before trying to install archlinux32-keyring.
karl ~ » sudo pacman-key --populate archlinux32
[sudo] password for karl:
==> Appending keys from archlinux32.gpg...
==> Locally signing trusted keys in keyring...
-> Locally signing key CE0BDE71A759A87F23F0F7D8B61DBCE10901C163...
-> Locally signing key A0B250C0FC9FC079EC04ADB7A50C0F20AEC3AF00...
-> Locally signing key 194E37A47A4C671807BACB37B1117BC1094EA6E9...
==> Importing owner trust values...
==> Updating trust database...
gpg: next trustdb check due at 2018-04-13
karl ~ » sudo pacman -Syy archlinux32-keyring
:: Synchronizing package databases...
core 173.2 KiB 1082K/s 00:00 [####################] 100%
extra 2.2 MiB 1421K/s 00:02 [####################] 100%
community 4.7 MiB 1352K/s 00:04 [####################] 100%
resolving dependencies...
looking for conflicting packages...
:: archlinux32-keyring and archlinux32-keyring-transition are in conflict. Remove archlinux32-keyring-transition? [y/N] y
Packages (2) archlinux32-keyring-transition-20170628-1 [removal]
archlinux32-keyring-20180104-1
Total Download Size: 0.02 MiB
Total Installed Size: 0.04 MiB
Net Upgrade Size: 0.03 MiB
:: Proceed with installation? [Y/n] y
:: Retrieving packages...
archlinux32-keyring... 21.6 KiB 7.02M/s 00:00 [####################] 100%
(1/1) checking keys in keyring [####################] 100%
(1/1) checking package integrity [####################] 100%
error: archlinux32-keyring: signature from "Erich Eckner (just to sign arch packages) <arch@eckner.net>" is marginal trust
:: File /var/cache/pacman/pkg/archlinux32-keyring-20180104-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]Offline
What does
pacman-key --list-sigs '7C98C4C3DE926168DC46FBAA3D06644243BF68D3'say? It should show signatures from at least the three master keys you posted above.
Offline
What does
pacman-key --list-sigs '7C98C4C3DE926168DC46FBAA3D06644243BF68D3'say? It should show signatures from at least the three master keys you posted above.
karl ~ » pacman-key --list-sigs '7C98C4C3DE926168DC46FBAA3D06644243BF68D3'
gpg: Note: trustdb not writable
pub rsa4096 2016-04-13 [SC] [expires: 2018-04-13]
7C98C4C3DE926168DC46FBAA3D06644243BF68D3
uid [marginal] Erich Eckner (just to sign arch packages) <arch@eckner.net>
sig 3 3D06644243BF68D3 2016-04-13 Erich Eckner (just to sign arch packages) <arch@eckner.net>
sig B1117BC1094EA6E9 2017-05-27 Erich Eckner <deep42thought@archlinux32.org>
sig B61DBCE10901C163 2017-05-14 Balló György <ballogyor@gmail.com>
sig A50C0F20AEC3AF00 2017-05-15 Polichronucci (Arch Linux 32 Master Key) <polichronucci@archlinux.gr>
sig F3229B16A539A308 2017-05-15 [User ID not found]
sig 0AEEC90755DA7B5A 2017-05-14 [User ID not found]
sub rsa4096 2016-04-13 [S] [expires: 2018-04-13]
sig 3D06644243BF68D3 2016-04-13 Erich Eckner (just to sign arch packages) <arch@eckner.net>Offline
hmm, I don't understand. This looks alright to me: The respective key is signed by >=3 master keys which are signed with your local key. So it should _not_ be "marginally" trusted but "fully" trusted.
As a workaround you can try to install archlinux32-keyring w/o checking the signature, e.g.
pacman -U /var/cache/pacman/pkg/archlinux32-keyring-20180104-1-any.pkg.tar.xzOffline
hmm, I don't understand. This looks alright to me: The respective key is signed by >=3 master keys which are signed with your local key. So it should _not_ be "marginally" trusted but "fully" trusted.
As a workaround you can try to install archlinux32-keyring w/o checking the signature, e.g.pacman -U /var/cache/pacman/pkg/archlinux32-keyring-20180104-1-any.pkg.tar.xz
I had to first retrieve the package and then run the quoted command. But after this,
pacman -Syuuis still rejecting the signatures.
It may be useful to know that prior to starting this thread, I had suspected that the time error on my system was a problem for PGP. It seems to be OK now, after my attempts to correct it, but perhaps it has caused some corrupted state on my machine.
Last edited by kdsch (2018-01-06 20:45:18)
Offline
ah, that might explain it: can you have a look for your private pacman-key - I'm afraid, it might have an invalid date (future?). If that's the case, you need to
pacman-key --init
pacman-key --populate archlinux-keyring
pacman-key --populate archlinux-keyring32and then you should have a valid keyring
Offline
You should be able to either track it via
pacman-key --list-sigsbecause the master keys should be signed with your private key. On the other hand, you could simply
sudo gpg --homedir /etc/pacman.d/gnupg --list-secret-keysto find it.
Offline
the first command needs to be appended by the master key id(s) - the latter should work as is
Offline
I don't understand. But I ran
karl ~ » sudo pacman-key --init
[sudo] password for karl:
karl ~ » sudo pacman-key --populate archlinux-keyring
==> ERROR: The keyring file /usr/share/pacman/keyrings/archlinux-keyring.gpg does not exist.Offline
ah, sry, my bad it should be
pacman-key --populate archlinux
pacman-key --populate archlinux32Offline
Hmm, your private key seems ok, then the question would be what date the signature on the master keys has, e.g.
pacman-key --list-sigs CE0BDE71A759A87F23F0F7D8B61DBCE10901C163
pacman-key --list-sigs A0B250C0FC9FC079EC04ADB7A50C0F20AEC3AF00
pacman-key --list-sigs 194E37A47A4C671807BACB37B1117BC1094EA6E9Offline