You are not logged in.

#1 2021-01-06 09:17:32

hayao
Member
From: Japanese
Registered: 2020-04-30
Posts: 32
Website

Error verifying signature of a particular person

I installed archlinux 32-keyring on Arch Linux and ran pacman.
When I install the base package, I get the following error.

error: linux-api-headers: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/linux-api-headers-5.8-1.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: tzdata: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/tzdata-2020d-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: ncurses: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/ncurses-6.2-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: attr: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/attr-2.4.48-3.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: gmp: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/gmp-6.2.1-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libutil-linux: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libutil-linux-2.36-3.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: openssl: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/openssl-1.1.1.i-2.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libldap: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libldap-2.4.56-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: keyutils: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/keyutils-1.6.3-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: pambase: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/pambase-20200721.1-2.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libcap-ng: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libcap-ng-0.8.2-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: pam: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/pam-1.5.0-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: findutils: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/findutils-4.7.0-2.0-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libgcrypt: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libgcrypt-1.8.7-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: lz4: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/lz4-1:1.9.3-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: glib2: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/glib2-2.64.4-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libxml2: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libxml2-2.9.10-8.2-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: util-linux: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/util-linux-2.36-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: licenses: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/licenses-20200427-1.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libarchive: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libarchive-3.4.3-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: ca-certificates-mozilla: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/ca-certificates-mozilla-3.60-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libidn2: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libidn2-2.3.0-1.1-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libpsl: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libpsl-0.21.0-2.4-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libnghttp2: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libnghttp2-1.41.0-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libassuan: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libassuan-2.5.4-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libsecret: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libsecret-0.20.4-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: pacman-mirrorlist: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/pacman-mirrorlist-20200924-1.2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: archlinux-keyring: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20201210-1.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: pacman: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/pacman-5.2.2-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: device-mapper: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/device-mapper-2.02.187-3.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: popt: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/popt-1.18-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: argon2: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/argon2-20190702-3.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: cryptsetup: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/cryptsetup-2.3.3-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libnftnl: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libnftnl-1.1.8-1.1-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: iptables: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/iptables-1:1.8.6-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libelf: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libelf-0.181-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: pcre2: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/pcre2-10.36-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: m4: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/m4-1.4.18-3.1-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: autoconf: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/autoconf-2.70-1.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: elfutils: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/elfutils-0.181-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: bison: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/bison-3.7.2-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: fakeroot: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/fakeroot-1.25.3-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libmpc: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/libmpc-1.2.1-1.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: groff: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/groff-1.22.4-3.0-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: gc: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/gc-8.0.4-4.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: guile: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/guile-2.2.6-2.1-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: patch: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/patch-2.7.6-8.0-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: syslinux: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/syslinux-6.04.pre2.r11.gbf6db5b4-3.0-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: mkinitcpio-busybox: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/mkinitcpio-busybox-1.31.1-2.0-i686.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: mkinitcpio: signature from "Erich Eckner (just to sign arch packages) <arch-packages@eckner.net>" is unknown trust
:: File /var/cache/pacman/pkg/mkinitcpio-29-1.0-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: failed to commit transaction (invalid or corrupted package)

So I ran the following command, but it doesn't work.

yay -Scc
sudo pacman-key --init
sudo pacman-key --populate archlinux32
sudo pacman-key --refresh-keys

Also, similar errors have been seen on multiple machines.

Offline

#2 2021-01-06 09:30:10

levi
Moderator
From: Yorkshire, UK
Registered: 2018-06-16
Posts: 1,197

Re: Error verifying signature of a particular person

You're running from the live iso I assume.  Or at the very least a fairly new install.

When I run '$ pacman-key --list-keys|grep Erich' it tells me that the key for Erich Echner (just to sign packages) has been revoked, and now we're using the key belonging to 'Erich Eckner <email>' to sign packages.  I guess if you add a '-y' to your pacman call to install base for example '%pacman -Sy base' that might resolve this, as that should update the package indexes and get the latest versions of all the packages which should have been released by a currently valid key.  Or if you want to go back to the live iso and try again, you could just not do the update of archlinux32-keyring before you install base; I'm not sure why you decided to do that at all tbh.


Architecture: pentium4, Testing repos: Yes, Hardware: EeePC 901+2GB RAM+OS half on the SD card.

Offline

#3 2021-01-06 09:38:06

hayao
Member
From: Japanese
Registered: 2020-04-30
Posts: 32
Website

Re: Error verifying signature of a particular person

I'm not running from liveiso.
I'm trying to build a chroot container using pacstrap from an already built Arch Linux.
I have already updated the package index many times.

Offline

#4 2021-01-07 08:55:30

hayao
Member
From: Japanese
Registered: 2020-04-30
Posts: 32
Website

Re: Error verifying signature of a particular person

I also tried deleting /etc/pacman.d/gnupg, but there is no sign of improvement.

Offline

#5 2021-01-07 09:23:50

levi
Moderator
From: Yorkshire, UK
Registered: 2018-06-16
Posts: 1,197

Re: Error verifying signature of a particular person

You might also need to clear or otherwise hide the contents of your /var/cache/pacman/pkg folder.  It seems to be trying to install those first.


Architecture: pentium4, Testing repos: Yes, Hardware: EeePC 901+2GB RAM+OS half on the SD card.

Offline

#6 2021-01-07 15:18:29

deep42thought
Administrator
From: Jena, Germany
Registered: 2017-06-17
Posts: 617

Re: Error verifying signature of a particular person

I would say, my key is genuine too old in the keyring - I'll see to fix that asap. In the meantime, you can fetch the latest version from https://archlinux32.org/keys.php?k=5FDC … DB9A12601A and manually import it in /etc/pacman.d/gnupg:

curl -Ss https://archlinux32.org/keys.php?k=5FDCA472AB93292BC678FD59255A76DB9A12601A | gpg --homedir /etc/pacman.d/gnupg --import

Offline

#7 2021-01-30 05:19:33

busterdog
Member
Registered: 2021-01-30
Posts: 1

Re: Error verifying signature of a particular person

deep42thought wrote:

I would say, my key is genuine too old in the keyring - I'll see to fix that asap. In the meantime, you can fetch the latest version from https://archlinux32.org/keys.php?k=5FDC … DB9A12601A and manually import it in /etc/pacman.d/gnupg:

curl -Ss https://archlinux32.org/keys.php?k=5FDCA472AB93292BC678FD59255A76DB9A12601A | gpg --homedir /etc/pacman.d/gnupg --import

That fixed it for me. Thanks!

Offline

#8 2021-01-30 11:11:41

mistersmee
Member
From: India
Registered: 2020-12-24
Posts: 65

Re: Error verifying signature of a particular person

This problem won't crop up if the downloads page on the website listed the up-to-date ISOs. The mirrors show that the latest available ISO is of 2020.11.01, while the downloads page list the magnet link to 2020.07.03 and the direct download lists the iso of 2020.08.04. The .torrent lists the ISO of 2020.07.03.
Maybe instead of linking to specific ISOs, magnet urls and .torrents, link to the mirror folder only? That would remove the need to update the links every time a new iso comes out, and the need to hack together an automator to do the same.
The entirety of the download page is out of date, now that I checked it properly.
The release info is out of date, and the India mirrors do not exist.

The links are out of date, so the ISO people download is out of date, so the keyring on the iso is out of date, hence, OP's problem occurs.

Last edited by mistersmee (2021-01-30 11:20:44)

Offline

#9 2021-01-30 11:43:34

abaumann
Administrator
From: Zurich
Registered: 2019-11-14
Posts: 1,032
Website

Re: Error verifying signature of a particular person

Yep, this is unfortunate, everything is automatic including the building of the ISO, just the web page is not.

Offline

#10 2021-01-30 18:56:54

levi
Moderator
From: Yorkshire, UK
Registered: 2018-06-16
Posts: 1,197

Re: Error verifying signature of a particular person

Look like someone's updated the downloads page already.  I'll just note that it's not ideal to indicate the folder in magnet or torrent links because users using those links will without further configuration download all of the isos in that folder,


Architecture: pentium4, Testing repos: Yes, Hardware: EeePC 901+2GB RAM+OS half on the SD card.

Offline

#11 2021-01-30 22:57:18

deep42thought
Administrator
From: Jena, Germany
Registered: 2017-06-17
Posts: 617

Re: Error verifying signature of a particular person

abaumann wrote:

Yep, this is unfortunate, everything is automatic including the building of the ISO, just the web page is not.

That's only half true: both is automatic, but the update-the-website part got stuck due to a merge conflict, apparently!?

Offline

#12 2021-01-31 15:39:25

abaumann
Administrator
From: Zurich
Registered: 2019-11-14
Posts: 1,032
Website

Re: Error verifying signature of a particular person

Oups, merge conflict would sound like me then *whistle*.. sorry. :-)

Offline

#13 2021-01-31 15:47:14

mistersmee
Member
From: India
Registered: 2020-12-24
Posts: 65

Re: Error verifying signature of a particular person

levi wrote:

Look like someone's updated the downloads page already.  I'll just note that it's not ideal to indicate the folder in magnet or torrent links because users using those links will without further configuration download all of the isos in that folder,

Oh, right. I automatically assumed that people go onto the website and download by clicking. Using curl, or wget to get the ISO did not even occur to me. big_smile

Offline

#14 2021-01-31 16:42:41

deep42thought
Administrator
From: Jena, Germany
Registered: 2017-06-17
Posts: 617

Re: Error verifying signature of a particular person

abaumann wrote:

Oups, merge conflict would sound like me then *whistle*.. sorry. :-)

Should not happen, though - the script first does a `git pull`, then the update and at the end a `git push` ...

Offline

#15 2021-01-31 16:52:15

deep42thought
Administrator
From: Jena, Germany
Registered: 2017-06-17
Posts: 617

Re: Error verifying signature of a particular person

btw: I created a bug to not forget about iso build robustness smile

Offline

#16 2022-02-06 09:16:34

hayao
Member
From: Japanese
Registered: 2020-04-30
Posts: 32
Website

Re: Error verifying signature of a particular person

Hello, This problem has recurred over a year.Please update `archlinux32-keyring` package.
I sovled it with adding key myself but chroot environment that is built by scripts has yet.

Offline

#17 2022-02-06 09:17:50

hayao
Member
From: Japanese
Registered: 2020-04-30
Posts: 32
Website

Re: Error verifying signature of a particular person

Offline

#18 2022-02-07 11:29:47

abaumann
Administrator
From: Zurich
Registered: 2019-11-14
Posts: 1,032
Website

Re: Error verifying signature of a particular person

There are now new web links, torrents and magnet links for the ISO archlinux32-2022.02.01-i686.iso, I hope they contain the new keyrings..

Offline

Board footer

Powered by FluxBB