You are not logged in.
@myhost ~]$ sudo pacman -S pacman
[sudo] Passwort für arch:
Löse Abhängigkeiten auf...
Suche nach in Konflikt stehenden Paketen...
Pakete (1) pacman-5.1.3-1.6
Gesamtgröße der installierten Pakete: 5,13 MiB
Größendifferenz der Aktualisierung: 0,00 MiB
:: Installation fortsetzen? [J/n] j
(1/1) Prüfe Schlüssel im Schlüsselring [#######################################################] 100%
(1/1) Überprüfe Paket-Integrität [#######################################################] 100%
Fehler: pacman: signature from "Erich Eckner (just to sign arch packages) <arch@eckner.net>" is marginal trust
:: Datei /var/cache/pacman/pkg/pacman-5.1.3-1.6-i686.pkg.tar.xz ist beschädigt (Ungültiges oder beschädigtes Paket (PGP-Signatur)).
Soll die Datei entfernt werden? [J/n] n
Fehler: Konnte den Vorgang nicht durchführen (Ungültiges oder beschädigtes Paket (PGP-Signatur))
Fehler sind aufgetreten, keine Pakete wurden aktualisiert. Last edited by ess (2019-06-03 09:00:09)
Offline
sudo pacman-key --refresh-keysOK. Works.
Offline
Hi,
In my case the key refresh does not work.
Nor does what is said in this post work
[cinde@LenovoLinux ~]$ sudo pacman -Syu
:: Sincronizando las bases de datos de los paquetes...
core está actualizado
extra está actualizado
community está actualizado
:: Iniciando actualización completa del sistema...
advertencia: bluez-libs: la versión instalada (5.50-6.0) es más nueva que extra (5.50-5.0)
advertencia: libutil-linux: la versión instalada (2.33.2-1.2) es más nueva que core (2.33.2-1.1)
resolviendo dependencias...
buscando conflictos entre paquetes...
Paquetes (39) audit-2.8.5-2.0 curl-7.65.0-2.0 double-conversion-3.1.5-1.0 e2fsprogs-1.45.2-1.0 file-5.37-2.0
filesystem-2019.05-2.0 glibc-2.29-1.27 glslang-7.11.3214-1.0 gnupg-2.2.16-1.0 gnutls-3.6.8-1.0
gparted-1.0.0-1.0 gst-plugins-base-1.16.0-3.0 gst-plugins-base-libs-1.16.0-3.0 gstreamer-1.16.0-2.0
gtkmm3-3.24.1-1.0 harfbuzz-2.5.1-1.0 harfbuzz-icu-2.5.1-1.0 iana-etc-20190504-1.0 libebml-1.3.9-1.0
libmatroska-1.5.2-1.0 libnewt-0.52.21-1.0 libnma-1.8.22-1.0 libseccomp-2.4.1-2.0 libsodium-1.0.18-1.0
libsoup-2.66.2+4+g716acf96-1.0 linux-5.1.6.arch1-1.0 linux-headers-5.1.6.arch1-1.0 mesa-19.0.5-1.0
network-manager-applet-1.8.22-1.0 nm-connection-editor-1.8.22-1.0 openssl-1.1.1.c-1.0 p11-kit-0.23.16.1-1.0
pacman-5.1.3-1.6 qt5-webkit-5.212.0alpha2+156+g95401fe3908-1.0 re2-20190601-1.0
thin-provisioning-tools-0.8.3-1.0 vulkan-icd-loader-1.1.108-1.0 xorg-server-1.20.5-1.0
xorg-server-common-1.20.5-1.0
Tamaño total de la instalación: 440,81 MiB
Tamaño neto tras actualizar: 11,68 MiB
:: ¿Continuar con la instalación? [S/n]
(39/39) comprobando las claves del depósito [###########################################] 100%
(39/39) verificando la integridad de los paquetes [###########################################] 100%
error: qt5-webkit: la firma de «Erich Eckner (just to sign arch packages) <arch@eckner.net>» no es válida
:: El archivo /var/cache/pacman/pkg/qt5-webkit-5.212.0alpha2+156+g95401fe3908-1.0-pentium4.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n]Pentium 4(i686), Lenovo Ideapad S10-2 [Intel(R) Atom(TM) CPU N280 @ 1.66GHz, 1 GB RAM]
Offline
What does updating archlinux32-keyring give you?
Architecture: pentium4, Testing repos: Yes, Hardware: EeePC 901+2GB RAM+OS half on the SD card.
Offline
What does updating archlinux32-keyring give you?
This is the response
[cinde@LenovoLinux ~]$ sudo pacman -Sy archlinux32-keyring
:: Sincronizando las bases de datos de los paquetes...
core 184,5 KiB 18,0K/s 00:10 [######################] 100%
extra 2,3 MiB 15,1K/s 02:35 [######################] 100%
community 5,8 MiB 17,8K/s 05:36 [######################] 100%
advertencia: archlinux32-keyring-20190108-1.0 está actualizado -- reinstalándolo
resolviendo dependencias...
buscando conflictos entre paquetes...
Paquetes (1) archlinux32-keyring-20190108-1.0
Tamaño total de la instalación: 0,06 MiB
Tamaño neto tras actualizar: 0,00 MiB
:: ¿Continuar con la instalación? [S/n]
(1/1) comprobando las claves del depósito [######################] 100%
(1/1) verificando la integridad de los paquetes [######################] 100%
(1/1) cargando los archivos de los paquetes [######################] 100%
(1/1) comprobando conflictos entre archivos [######################] 100%
(1/1) comprobando el espacio disponible en el ... [######################] 100%
:: Procesando los cambios de los paquetes...
(1/1) reinstalando archlinux32-keyring [######################] 100%
==> Añadiendo las claves de archlinux32.gpg...
==> Firmando localmente las claves de confianza en el depósito...
-> Firmando localmente la clave A0B250C0FC9FC079EC04ADB7A50C0F20AEC3AF00...
-> Firmando localmente la clave D92CDDC155BCC8F550B5FCEC30AB721FE7400FCD...
-> Firmando localmente la clave 194E37A47A4C671807BACB37B1117BC1094EA6E9...
-> Firmando localmente la clave 2FF1E976D6EB2E954A87DC14443904EC9EC51A8A...
-> Firmando localmente la clave CE0BDE71A759A87F23F0F7D8B61DBCE10901C163...
==> Importando los valores de los propietarios de confianza...
==> Desactivando las claves revocadas en el depósito...
-> Desactivando la clave 7C98C4C3DE926168DC46FBAA3D06644243BF68D3...
-> Desactivando la clave C3A8190912128B5A2E96C6023ED6490AEF932C8A...
==> Actualizando la base de datos de claves de confianza...
gpg: siguiente comprobación de base de datos de confianza el: 2019-06-23
:: Ejecutando los «hooks» de posinstalación...
(1/1) Arming ConditionNeedsUpdate...Pentium 4(i686), Lenovo Ideapad S10-2 [Intel(R) Atom(TM) CPU N280 @ 1.66GHz, 1 GB RAM]
Offline
That seems to have worked if my understanding of spanish is good enough. Does that not resolve your problem? I note that after being told not to bump and old thread for a new issue, you bumped an old thread, so I can't tell by looking at my title bar whether you're all fixed up or not.
Architecture: pentium4, Testing repos: Yes, Hardware: EeePC 901+2GB RAM+OS half on the SD card.
Offline
Hello,
no, it does not solve it since after carrying out this action and trying to update the system it generates the error that I reported before which I quote:
[cinde@LenovoLinux ~]$ sudo pacman -Syu :: Sincronizando las bases de datos de los paquetes... core está actualizado extra está actualizado community está actualizado :: Iniciando actualización completa del sistema... advertencia: bluez-libs: la versión instalada (5.50-6.0) es más nueva que extra (5.50-5.0) advertencia: libutil-linux: la versión instalada (2.33.2-1.2) es más nueva que core (2.33.2-1.1) resolviendo dependencias... buscando conflictos entre paquetes... Paquetes (39) audit-2.8.5-2.0 curl-7.65.0-2.0 double-conversion-3.1.5-1.0 e2fsprogs-1.45.2-1.0 file-5.37-2.0 filesystem-2019.05-2.0 glibc-2.29-1.27 glslang-7.11.3214-1.0 gnupg-2.2.16-1.0 gnutls-3.6.8-1.0 gparted-1.0.0-1.0 gst-plugins-base-1.16.0-3.0 gst-plugins-base-libs-1.16.0-3.0 gstreamer-1.16.0-2.0 gtkmm3-3.24.1-1.0 harfbuzz-2.5.1-1.0 harfbuzz-icu-2.5.1-1.0 iana-etc-20190504-1.0 libebml-1.3.9-1.0 libmatroska-1.5.2-1.0 libnewt-0.52.21-1.0 libnma-1.8.22-1.0 libseccomp-2.4.1-2.0 libsodium-1.0.18-1.0 libsoup-2.66.2+4+g716acf96-1.0 linux-5.1.6.arch1-1.0 linux-headers-5.1.6.arch1-1.0 mesa-19.0.5-1.0 network-manager-applet-1.8.22-1.0 nm-connection-editor-1.8.22-1.0 openssl-1.1.1.c-1.0 p11-kit-0.23.16.1-1.0 pacman-5.1.3-1.6 qt5-webkit-5.212.0alpha2+156+g95401fe3908-1.0 re2-20190601-1.0 thin-provisioning-tools-0.8.3-1.0 vulkan-icd-loader-1.1.108-1.0 xorg-server-1.20.5-1.0 xorg-server-common-1.20.5-1.0 Tamaño total de la instalación: 440,81 MiB Tamaño neto tras actualizar: 11,68 MiB :: ¿Continuar con la instalación? [S/n] (39/39) comprobando las claves del depósito [###########################################] 100% (39/39) verificando la integridad de los paquetes [###########################################] 100% error: qt5-webkit: la firma de «Erich Eckner (just to sign arch packages) <arch@eckner.net>» no es válida :: El archivo /var/cache/pacman/pkg/qt5-webkit-5.212.0alpha2+156+g95401fe3908-1.0-pentium4.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)). ¿Quiere eliminarlo? [S/n]
I clarify that I use this thread because the error that the user who created it reported is exactly the same: qt5-webkit: the signature of "Erich Eckner (just to sign arch packages) <arch@eckner.net>" is not valid.
My mistake persists so I ask the community for help, thank you.
Pentium 4(i686), Lenovo Ideapad S10-2 [Intel(R) Atom(TM) CPU N280 @ 1.66GHz, 1 GB RAM]
Offline
Hmm, I'm afraid I'm pretty much out of ideas in that case. I tried installing qt5-webkit here and it went though without error for me at least.
FWIW, I recall that erich echner (just to sign arch packages) key coming through the last time I got a key update because it had an unusual name. I just checked some random packages I had and at the very least webkit2gtk and firefox were build by a Mr Erich Echner and I guess he used that key to sign those packages. In fact 768 of my installed packages out of a total of 940 were built by that fellow. Are you able to update other packages you might have installed?
Architecture: pentium4, Testing repos: Yes, Hardware: EeePC 901+2GB RAM+OS half on the SD card.
Offline
Hi mate, thank you for your interest in my problem.
To your question, I have not been able to update any package since Pacman does not let me update the packages because of the signature error, could I update the other packages and somehow skip this one that generates an error?
Pentium 4(i686), Lenovo Ideapad S10-2 [Intel(R) Atom(TM) CPU N280 @ 1.66GHz, 1 GB RAM]
Offline
You can always set "SigLevel = Never" temporarily, for instance to update the archlinux32-keyring package
(because you are updating a pre-Archlinux32 system directly). Then reenable the SigLevel to what it was
before ("SigLevel = Required DatabaseOptional DatabaseTrustAll").
Are you updating a pre-Archlinux32 system by any chance (before November 2017)? If yes, then you have to
do the Archlinux->Archlinux32 migration with archlinux32-keyring-transition (see https://www.archlinux32.org),
but it can easily be, that some of the keys are no longer valid (I remember that I had also some issues
when upgrading a really old machine which never received updates anymore).
Note: Setting "SigLevel = Never" counteracts security, so use at your own risk!
Offline
Ah, I see, that was all tested above, ok.
Did you try deleting qt5-webkit-5.212.0alpha2+156+g95401fe3908-1.0-pentium4.pkg.tar.xz in the cache /var/cache/pacman/pkg?
Does it happen only with that package or with others too?
Offline
Hi, andreas
Try in the first instance, clear the cache and it worked for me, thank you very much.
My problems are solved
Ah, I see, that was all tested above, ok.
Did you try deleting qt5-webkit-5.212.0alpha2+156+g95401fe3908-1.0-pentium4.pkg.tar.xz in the cache /var/cache/pacman/pkg?
Does it happen only with that package or with others too?
Pentium 4(i686), Lenovo Ideapad S10-2 [Intel(R) Atom(TM) CPU N280 @ 1.66GHz, 1 GB RAM]
Offline
Ah, right. Digging in my /etc/pacman.d/gnupg it seems I have three keys for Erich:
1 of Erich Eckner with his username here in the email address, generated at the end of May 2017
1 of Erich Eckner (just to sign arch packages) revoked in the last key update
1 or Erich Eckner (just to sign arch packages) generated just before I did the last key update
I guess the version in the cache was signed with the old revoked key. I don't quite understand why it wasn't downloading a new version signed with the latest key, since it seemed to claim to be downloading a fresh version. Something funny going on in the repo selected maybe? Or perhaps Erich re-released the same version of qt5-webkit with a newly signed version, but pacman had the original version in its cache, and didn't decide to download what it thought was the same version? If that's the case I guess Erich should have updated the arch build number but didn't. Oh well, at least it's been sorted out now.
Architecture: pentium4, Testing repos: Yes, Hardware: EeePC 901+2GB RAM+OS half on the SD card.
Offline