• invalid or corrupted package (PGP signature)


    Hello! I tried to update my Antergos system today. It barfed with the message above on one package, so I googled and found this post. Following the guide it gets as far as installing the antergos-keyring and fails:-

    [[email protected] ~]$ sudo pacman -S antergos-keyring
    warning: antergos-keyring-20170524-1 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) antergos-keyring-20170524-1
    
    Total Download Size:   0.01 MiB
    Total Installed Size:  0.04 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] 
    :: Retrieving packages...
     antergos-keyring-20...    14.6 KiB   610K/s 00:00 [######################] 100%
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    error: antergos-keyring: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is marginal trust
    :: File /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] 
    error: failed to commit transaction (invalid or corrupted package (PGP signature))
    Errors occurred, no packages were upgraded.
    [[email protected] ~]$ 
    

    Here’s the output from the previous commands, in case they’re useful to debug.

    [[email protected] ~]$ sudo pacman -Scc
    
    Cache directory: /var/cache/pacman/pkg/
    :: Do you want to remove ALL files from cache? [y/N] y
    removing all files from cache...
    
    Database directory: /var/lib/pacman/
    :: Do you want to remove unused repositories? [Y/n] y
    removing unused sync repositories...
    [[email protected] ~]$ sudo pacman -Syy
    :: Synchronising package databases...
     antergos                 158.1 KiB  1491K/s 00:00 [######################] 100%
     core                     124.8 KiB   960K/s 00:00 [######################] 100%
     extra                   1684.2 KiB  2.97M/s 00:01 [######################] 100%
     community                  4.0 MiB  4.86M/s 00:01 [######################] 100%
     multilib                 173.3 KiB  5.13M/s 00:00 [######################] 100%
    [[email protected] ~]$ sudo pacman -S haveged
    warning: haveged-1.9.1-3 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) haveged-1.9.1-3
    
    Total Download Size:   0.04 MiB
    Total Installed Size:  0.14 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] 
    :: Retrieving packages...
     haveged-1.9.1-3-x86_64    41.3 KiB   430K/s 00:00 [######################] 100%
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    (1/1) loading package files                        [######################] 100%
    (1/1) checking for file conflicts                  [######################] 100%
    (1/1) checking available disk space                [######################] 100%
    :: Processing package changes...
    (1/1) reinstalling haveged                         [######################] 100%
    :: Running post-transaction hooks...
    (1/1) Arming ConditionNeedsUpdate...
    [[email protected] ~]$ sudo haveged -w 1024
    [[email protected] ~]$ sudo pacman-key --init
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    [[email protected] ~]$ sudo pacman-key --populate archlinux antergos
    ==> Appending keys from archlinux.gpg...
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    ==> Appending keys from antergos.gpg...
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    ==> Locally signing trusted keys in keyring...
      -> Locally signing key DDB867B92AA789C165EEFA799B729B06A680C281...
      -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
      -> Locally signing key 24B445614FAC071891EDCE49CDBD406AA1AA7A1D...
      -> Locally signing key D95436A2E18DA94A72B1A5E2AEA529BF122902E5...
      -> Locally signing key 91FFE0700E80619CEB73235CA88E23E377514E00...
      -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
      -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
      -> Locally signing key EC3B5CE8FE98DFDF51B705536D6DDA3D2A45C7B4...
      -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
    ==> Importing owner trust values...
    ==> Disabling revoked keys in keyring...
      -> Disabling key 7FA647CD89891DEDC060287BB9113D1ED21E1A55...
      -> Disabling key D4DE5ABDE2A7287644EAC7E36D1A9E70E19DAA50...
      -> Disabling key 40440DC037C05620984379A6761FAD69BA06C6A9...
      -> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350...
      -> Disabling key 63F395DE2D6398BBE458F281F2DBB4931985A992...
      -> Disabling key 8F76BEEA0289F9E1D3E229C05F946DED983D4366...
      -> Disabling key 81D7F8241DB38BC759C80FCE3A726C6170E80477...
      -> Disabling key 5E7585ADFF106BFFBBA319DC654B877A0864983E...
      -> Disabling key E7210A59715F6940CF9A4E36A001876699AD6E84...
      -> Disabling key F5A361A3A13554B85E57DDDAAF7EF7873CFD4BB6...
      -> Disabling key 9515D8A8EAB88E49BB65EDBCE6B456CAF15447D5...
      -> Disabling key 4A8B17E20B88ACA61860009B5CED81B7C2E5C0D2...
      -> Disabling key 0B20CA1931F5DA3A70D0F8D2EA6836E1AB441196...
      -> Disabling key 66BD74A036D522F51DD70A3C7F2A16726521E06D...
      -> Disabling key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
    ==> Updating trust database...
    gpg: next trustdb check due at 2017-10-20
    [[email protected] ~]$ sudo pkill haveged
    
    

    Any suggestions on what to do to fix this would be most welcome. Thanks!

  • @popey your systems last update was how long ago?

    gpg: WARNING: server ‘gpg-agent’ is older than us (2.1.20 < 2.1.21)

    but you can try install the keyring manual:

    sudo pacman -U /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz
    

    [updates once a week] = [90% less problems]
    [Li{u}n//u//{i}x] since 1988 - overcoming failure means success
    howto-install-antergos
    how to add system logs
    i3-wm#gnome-shell

  • Thanks for the help!

    It’s a VM used for testing software on Antergos. Looking at last it was last booted back in July, 4 weeks back. It’s not a primary machine, just one of 20 virtual machines I need for testing things for work. So waking it up every week (or more) is a bit of a chore. But I guess I am going to have to, because it breaks pretty much every time these days, which can be quite frustrating for a part time user.

    I ignored the gpg warning, because it was a warning :)

    Looks like your command worked:-

    [[email protected] ~]$ sudo pacman -S antergos-keyring
    [sudo] password for alan: 
    warning: antergos-keyring-20170524-1 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) antergos-keyring-20170524-1
    
    Total Download Size:   0.01 MiB
    Total Installed Size:  0.04 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] y
    :: Retrieving packages...
     antergos-keyring-20...    14.6 KiB   102K/s 00:00 [######################] 100%
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    error: antergos-keyring: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is marginal trust
    :: File /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: failed to commit transaction (invalid or corrupted package (PGP signature))
    Errors occurred, no packages were upgraded.
    [[email protected] ~]$ sudo pacman -U /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz
    loading packages...
    warning: antergos-keyring-20170524-1 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) antergos-keyring-20170524-1
    
    Total Installed Size:  0.04 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] y
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    (1/1) loading package files                        [######################] 100%
    (1/1) checking for file conflicts                  [######################] 100%
    (1/1) checking available disk space                [######################] 100%
    :: Processing package changes...
    (1/1) reinstalling antergos-keyring                [######################] 100%
    ==> Appending keys from antergos.gpg...
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    ==> Locally signing trusted keys in keyring...
      -> Locally signing key 24B445614FAC071891EDCE49CDBD406AA1AA7A1D...
      -> Locally signing key D95436A2E18DA94A72B1A5E2AEA529BF122902E5...
      -> Locally signing key EC3B5CE8FE98DFDF51B705536D6DDA3D2A45C7B4...
    ==> Importing owner trust values...
    ==> Updating trust database...
    gpg: next trustdb check due at 2017-10-20
    :: Running post-transaction hooks...
    (1/1) Arming ConditionNeedsUpdate...
    [[email protected] ~]$ 
    

    However, it breaks again on the next one.

    ...
     xf86-video-vesa-2.3...    14.6 KiB  4.74M/s 00:00 [######################] 100%
     xorg-server-common-...    26.8 KiB  0.00B/s 00:00 [######################] 100%
     xorg-server-1.19.3-...  1302.5 KiB  3.49M/s 00:00 [######################] 100%
     hdf5-1.10.1-1-x86_64       2.9 MiB  5.62M/s 00:01 [######################] 100%
     netcdf-4.4.1.1-1-x86_64  471.0 KiB  5.48M/s 00:00 [######################] 100%
     qt5-styleplugins-5....   409.9 KiB  4.13M/s 00:00 [######################] 100%
     virtualbox-guest-dk...   568.3 KiB  5.39M/s 00:00 [######################] 100%
     virtualbox-guest-ut...  1232.2 KiB  5.73M/s 00:00 [######################] 100%
    (129/129) checking keys in keyring                 [######################] 100%
    (129/129) checking package integrity               [######################] 100%
    error: pamac: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is marginal trust
    :: File /var/cache/pacman/pkg/pamac-5.0.0-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] 
    

    Should I manually update gpg itself first?

    Edit: Yes, I did gnupg and pamac manually using the above method, and now pacman -Syu is running happily. Thanks again.

  • I’m glad it worked!

    [updates once a week] = [90% less problems]
    [Li{u}n//u//{i}x] since 1988 - overcoming failure means success
    howto-install-antergos
    how to add system logs
    i3-wm#gnome-shell

invalid9 signature8 corrupted7 pgp8 Posts 4Views 243
Log in to reply