Pacman keyring issues
Sometimes it happens that you get errors like this:
error: signature from "xyz <[email protected]>" is unknown trust :: File /var/cache/pacman/pkg/packagename.tar.xz is corrupted (invalid or corrupted package (PGP signature)). Do you want to delete it? [Y/n]
(4/4) checking package integrity [#######################################] 100%
error: packagename: signature from "X Y <[email protected]>" is unknown trust
:: File /var/cache/pacman/pkg/packagename.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
Here are the usual fixes
The first thing to try is to reinstall archlinux-keyring package as it will help in 99% of cases already to get working keys back:
sudo pacman -S archlinux-keyring
If this is not solving the issue with updating/installing you should try to manually reinstall the archlinux-keyring
package. Download the package file https://archlinux.org/packages/core/any/archlinux-keyring/download
and install it manually from that local file sudo pacman -U archlinux-keyring* this will update trust database and should make keyring checking work again:
» sudo pacman -U archlinux-keyring*
loading packages...
warning: archlinux-keyring-20220111-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Package (1) Old Version New Version Net Change
archlinux-keyring 20220111-1 20220111-1 0,00 MiB
Total Installed Size: 1,41 MiB
Net Upgrade Size: 0,00 MiB
:: Proceed with installation? [Y/n] Y
(1/1) checking keys in keyring [--------------------------------------------------------] 100%
(1/1) checking package integrity [--------------------------------------------------------] 100%
(1/1) loading package files [--------------------------------------------------------] 100%
(1/1) checking for file conflicts [--------------------------------------------------------] 100%
:: Processing package changes...
(1/1) reinstalling archlinux-keyring [--------------------------------------------------------] 100%
==> Appending keys from archlinux.gpg...
==> Updating trust database...
gpg: next trustdb check due at 2022-05-06
==> Updating trust database...
gpg: next trustdb check due at 2022-05-06
:: Running post-transaction hooks...
(1/3) Arming ConditionNeedsUpdate...
If this does not help and the issue persists try a bit harder:
sudo pacman-key --init
sudo pacman-key --populate archlinux endeavouros
sudo pacman -Syyu
Archlinux changed default server upstream on Archlinux to ubuntu.com
so problematic sks server pool is not used anymore. Before it was a known issue to fail because of the sks keyservers:
Caused by https://bugs.archlinux.org/task/71078 sks keyserver pool issues and gone obsolete default keyserver is now set to hkps://keyserver.ubuntu.com
so currently (August 2021) there is no such issue other than WKD is still new and using pacman-key will spam a lot of errors because it does not get WKD data for keys (developer simply do not provide it mostly) Some info: https://wiki.gnupg.org/WKD.
Only one keyserver line is allowed adding more will simply be ignored.
save the file [Ctrl+X] and try again (to update system or renew pacman keys) it is also known that using hkp:// protocol is a workaround if you are behind a proxy.
Only EndeavourOS packages failed with key error:
There are also some harder ways if nothing helps:
sudo pacman-key --add /usr/share/pacman/keyrings/endeavouros.gpg
sudo pacman-key --lsign-key 497AF50C92AD2384C56E1ACA003DB8B0CB23504F
sudo pacman-key --populate
sudo pacman-key --refresh-keys
sudo pacman -Syy
This will recopy EndeavourOS key back into pacmans keyring.
GPGME error with all mirrors
If you got an error for synchronizing all databases like this:
error: GPGME error: No data
error: failed to synchronize all databases (invalid or corrupted database (PGP signature))
sudo cp -f "/etc/pacman.conf" "/etc/pacman.conf.orig"
sudo sed -i 's/SigLevel.*/SigLevel = Never/' /etc/pacman.conf
sudo pacman -Syy gnupg archlinux-keyring endeavouros-keyring
sudo mv -f "/etc/pacman.conf.orig" "/etc/pacman.conf"
sudo pacman -Syu
Connect with us: