• Antergos Build Server is not trusted by pacman


    This started happening yesterday on update:

    sudo pacman -Syu
    :: Synchronizing package databases...
     antergos is up to date
     core is up to date
     extra is up to date
     community is up to date
     multilib is up to date
    :: Starting full system upgrade...
    warning: qemu: ignoring package upgrade (2.8.0-2 => 2.9.0-1)
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (25) antergos-keyring-20170524-1  apm-1.18.2-1  cinnamon-desktop-3.4.1-1  cinnamon-settings-daemon-3.4.1-1  cinnamon-translations-3.4.2-1  cjs-3.4.1-1  clang-4.0.0-3  confuse-3.1-1  lib32-openssl-1:1.1.0.f-1
                  libatomic_ops-7.4.6-1  libftdi-1.3-4  libtiff-4.0.8-1  lldb-4.0.0-3  llvm-4.0.0-3  llvm-libs-4.0.0-3  nemo-3.4.2-1  nodejs-7.10.0-2  openssl-1.0-1.0.2.l-1  opus-1.1.5-1  pango-1.40.6+9+g92cc73c8-1  qca-qt4-2.1.3-4
                  qt5-base-5.8.0-12  squid-3.5.25-3  strace-4.17-1  webkit2gtk-2.16.3-1
    
    Total Installed Size:  748.63 MiB
    Net Upgrade Size:        1.19 MiB
    
    :: Proceed with installation? [Y/n] 
    (25/25) checking keys in keyring                                                                                                               [########################################################################################] 100%
    (25/25) checking package integrity                                                                                                             [########################################################################################] 100%
    error: antergos-keyring: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cinnamon-desktop: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cinnamon-desktop-3.4.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cinnamon-settings-daemon: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cinnamon-settings-daemon-3.4.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cinnamon-translations: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cinnamon-translations-3.4.2-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cjs: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cjs-3.4.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: nemo: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/nemo-3.4.2-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: failed to commit transaction (invalid or corrupted package)
    Errors occurred, no packages were upgraded.
    

    I guess this is the result of Arch deprecating ABS, in which case I can’t really do something about it, so maybe Antergos maintainers can configure their build system accordingly and rebuild their packages.

  • https://forum.antergos.com/topic/6996/antergos-keyring-package-corrupted

    I'm not from this planet but if you speak to me nicely I may choose not to enslave you (for now anyway)…

  • Solved by:

    • disabling GPG signature checks for “antergos” repo in /etc/pacman.conf
    • reinstalling archlinux-keyring and antergos-keyring
    • re-enabling signature checks
  • @bytefu Hi, can you explain how you did that? The steps I mean. Thanks.

  • @declan.treanor

    sudo pacman -Scc
    sudo pacman-key --refresh-keys
    sudo pacman -Syu
    

    [updates once a week] = [90% less problems]
    my#repo
    my-blog#k
    how to add system logs
    i3-°-xfce

  • @joekamprad Thanks but i was referring to these steps:

    disabling GPG signature checks for “antergos” repo in /etc/pacman.conf
    reinstalling archlinux-keyring and antergos-keyring
    re-enabling signature checks

    However, they are outlined in the linked thread. It involves updating pacman.conf, then reinstalling antergos-keyring. Worked for me.

  • @declan.treanor the steps i gave you was mostly do the job, for most users here, without any security issue.

    [updates once a week] = [90% less problems]
    my#repo
    my-blog#k
    how to add system logs
    i3-°-xfce

pacman86 trusted2 Posts 7Views 5106
Log in to reply
Bloom Email Optin Plugin

Looks like your connection to Antergos Community Forum was lost, please wait while we try to reconnect.