• Antergos Build Server is not trusted by pacman


    This started happening yesterday on update:

    sudo pacman -Syu
    :: Synchronizing package databases...
     antergos is up to date
     core is up to date
     extra is up to date
     community is up to date
     multilib is up to date
    :: Starting full system upgrade...
    warning: qemu: ignoring package upgrade (2.8.0-2 => 2.9.0-1)
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (25) antergos-keyring-20170524-1  apm-1.18.2-1  cinnamon-desktop-3.4.1-1  cinnamon-settings-daemon-3.4.1-1  cinnamon-translations-3.4.2-1  cjs-3.4.1-1  clang-4.0.0-3  confuse-3.1-1  lib32-openssl-1:1.1.0.f-1
                  libatomic_ops-7.4.6-1  libftdi-1.3-4  libtiff-4.0.8-1  lldb-4.0.0-3  llvm-4.0.0-3  llvm-libs-4.0.0-3  nemo-3.4.2-1  nodejs-7.10.0-2  openssl-1.0-1.0.2.l-1  opus-1.1.5-1  pango-1.40.6+9+g92cc73c8-1  qca-qt4-2.1.3-4
                  qt5-base-5.8.0-12  squid-3.5.25-3  strace-4.17-1  webkit2gtk-2.16.3-1
    
    Total Installed Size:  748.63 MiB
    Net Upgrade Size:        1.19 MiB
    
    :: Proceed with installation? [Y/n] 
    (25/25) checking keys in keyring                                                                                                               [########################################################################################] 100%
    (25/25) checking package integrity                                                                                                             [########################################################################################] 100%
    error: antergos-keyring: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cinnamon-desktop: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cinnamon-desktop-3.4.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cinnamon-settings-daemon: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cinnamon-settings-daemon-3.4.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cinnamon-translations: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cinnamon-translations-3.4.2-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: cjs: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/cjs-3.4.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: nemo: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is unknown trust
    :: File /var/cache/pacman/pkg/nemo-3.4.2-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: failed to commit transaction (invalid or corrupted package)
    Errors occurred, no packages were upgraded.
    

    I guess this is the result of Arch deprecating ABS, in which case I can’t really do something about it, so maybe Antergos maintainers can configure their build system accordingly and rebuild their packages.

  • https://forum.antergos.com/topic/6996/antergos-keyring-package-corrupted

    I'm not from this planet but if you speak to me nicely I may choose not to enslave you (for now anyway)…

  • Solved by:

    • disabling GPG signature checks for “antergos” repo in /etc/pacman.conf
    • reinstalling archlinux-keyring and antergos-keyring
    • re-enabling signature checks
  • @bytefu Hi, can you explain how you did that? The steps I mean. Thanks.

  • @declan.treanor

    sudo pacman -Scc
    sudo pacman-key --refresh-keys
    sudo pacman -Syu
    

    [updates once a week] = [90% less problems]
    [Li{u}n//u//{i}x] since 1988 - overcoming failure means success
    howto-install-antergos
    how to add system logs
    i3 GNOME

  • @joekamprad Thanks but i was referring to these steps:

    disabling GPG signature checks for “antergos” repo in /etc/pacman.conf
    reinstalling archlinux-keyring and antergos-keyring
    re-enabling signature checks

    However, they are outlined in the linked thread. It involves updating pacman.conf, then reinstalling antergos-keyring. Worked for me.

  • @declan.treanor the steps i gave you was mostly do the job, for most users here, without any security issue.

    [updates once a week] = [90% less problems]
    [Li{u}n//u//{i}x] since 1988 - overcoming failure means success
    howto-install-antergos
    how to add system logs
    i3 GNOME

trusted2 pacman80 Posts 7Views 4413
Log in to reply