• invalid or corrupted package (PGP signature)


    Hello! I tried to update my Antergos system today. It barfed with the message above on one package, so I googled and found this post. Following the guide it gets as far as installing the antergos-keyring and fails:-

    [[email protected] ~]$ sudo pacman -S antergos-keyring
    warning: antergos-keyring-20170524-1 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) antergos-keyring-20170524-1
    
    Total Download Size:   0.01 MiB
    Total Installed Size:  0.04 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] 
    :: Retrieving packages...
     antergos-keyring-20...    14.6 KiB   610K/s 00:00 [######################] 100%
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    error: antergos-keyring: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is marginal trust
    :: File /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] 
    error: failed to commit transaction (invalid or corrupted package (PGP signature))
    Errors occurred, no packages were upgraded.
    [[email protected] ~]$ 
    

    Here’s the output from the previous commands, in case they’re useful to debug.

    [[email protected] ~]$ sudo pacman -Scc
    
    Cache directory: /var/cache/pacman/pkg/
    :: Do you want to remove ALL files from cache? [y/N] y
    removing all files from cache...
    
    Database directory: /var/lib/pacman/
    :: Do you want to remove unused repositories? [Y/n] y
    removing unused sync repositories...
    [[email protected] ~]$ sudo pacman -Syy
    :: Synchronising package databases...
     antergos                 158.1 KiB  1491K/s 00:00 [######################] 100%
     core                     124.8 KiB   960K/s 00:00 [######################] 100%
     extra                   1684.2 KiB  2.97M/s 00:01 [######################] 100%
     community                  4.0 MiB  4.86M/s 00:01 [######################] 100%
     multilib                 173.3 KiB  5.13M/s 00:00 [######################] 100%
    [[email protected] ~]$ sudo pacman -S haveged
    warning: haveged-1.9.1-3 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) haveged-1.9.1-3
    
    Total Download Size:   0.04 MiB
    Total Installed Size:  0.14 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] 
    :: Retrieving packages...
     haveged-1.9.1-3-x86_64    41.3 KiB   430K/s 00:00 [######################] 100%
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    (1/1) loading package files                        [######################] 100%
    (1/1) checking for file conflicts                  [######################] 100%
    (1/1) checking available disk space                [######################] 100%
    :: Processing package changes...
    (1/1) reinstalling haveged                         [######################] 100%
    :: Running post-transaction hooks...
    (1/1) Arming ConditionNeedsUpdate...
    [[email protected] ~]$ sudo haveged -w 1024
    [[email protected] ~]$ sudo pacman-key --init
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    [[email protected] ~]$ sudo pacman-key --populate archlinux antergos
    ==> Appending keys from archlinux.gpg...
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    ==> Appending keys from antergos.gpg...
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    ==> Locally signing trusted keys in keyring...
      -> Locally signing key DDB867B92AA789C165EEFA799B729B06A680C281...
      -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
      -> Locally signing key 24B445614FAC071891EDCE49CDBD406AA1AA7A1D...
      -> Locally signing key D95436A2E18DA94A72B1A5E2AEA529BF122902E5...
      -> Locally signing key 91FFE0700E80619CEB73235CA88E23E377514E00...
      -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
      -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
      -> Locally signing key EC3B5CE8FE98DFDF51B705536D6DDA3D2A45C7B4...
      -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
    ==> Importing owner trust values...
    ==> Disabling revoked keys in keyring...
      -> Disabling key 7FA647CD89891DEDC060287BB9113D1ED21E1A55...
      -> Disabling key D4DE5ABDE2A7287644EAC7E36D1A9E70E19DAA50...
      -> Disabling key 40440DC037C05620984379A6761FAD69BA06C6A9...
      -> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350...
      -> Disabling key 63F395DE2D6398BBE458F281F2DBB4931985A992...
      -> Disabling key 8F76BEEA0289F9E1D3E229C05F946DED983D4366...
      -> Disabling key 81D7F8241DB38BC759C80FCE3A726C6170E80477...
      -> Disabling key 5E7585ADFF106BFFBBA319DC654B877A0864983E...
      -> Disabling key E7210A59715F6940CF9A4E36A001876699AD6E84...
      -> Disabling key F5A361A3A13554B85E57DDDAAF7EF7873CFD4BB6...
      -> Disabling key 9515D8A8EAB88E49BB65EDBCE6B456CAF15447D5...
      -> Disabling key 4A8B17E20B88ACA61860009B5CED81B7C2E5C0D2...
      -> Disabling key 0B20CA1931F5DA3A70D0F8D2EA6836E1AB441196...
      -> Disabling key 66BD74A036D522F51DD70A3C7F2A16726521E06D...
      -> Disabling key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
    ==> Updating trust database...
    gpg: next trustdb check due at 2017-10-20
    [[email protected] ~]$ sudo pkill haveged
    
    

    Any suggestions on what to do to fix this would be most welcome. Thanks!

  • @popey your systems last update was how long ago?

    gpg: WARNING: server ‘gpg-agent’ is older than us (2.1.20 < 2.1.21)

    but you can try install the keyring manual:

    sudo pacman -U /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz
    

    [updates once a week] = [90% less problems]
    http://gofccyourself.com
    my-blog#k
    how to add system logs
    i3 GNOME

  • Thanks for the help!

    It’s a VM used for testing software on Antergos. Looking at last it was last booted back in July, 4 weeks back. It’s not a primary machine, just one of 20 virtual machines I need for testing things for work. So waking it up every week (or more) is a bit of a chore. But I guess I am going to have to, because it breaks pretty much every time these days, which can be quite frustrating for a part time user.

    I ignored the gpg warning, because it was a warning 🙂

    Looks like your command worked:-

    [[email protected] ~]$ sudo pacman -S antergos-keyring
    [sudo] password for alan: 
    warning: antergos-keyring-20170524-1 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) antergos-keyring-20170524-1
    
    Total Download Size:   0.01 MiB
    Total Installed Size:  0.04 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] y
    :: Retrieving packages...
     antergos-keyring-20...    14.6 KiB   102K/s 00:00 [######################] 100%
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    error: antergos-keyring: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is marginal trust
    :: File /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] n
    error: failed to commit transaction (invalid or corrupted package (PGP signature))
    Errors occurred, no packages were upgraded.
    [[email protected] ~]$ sudo pacman -U /var/cache/pacman/pkg/antergos-keyring-20170524-1-any.pkg.tar.xz
    loading packages...
    warning: antergos-keyring-20170524-1 is up to date -- reinstalling
    resolving dependencies...
    looking for conflicting packages...
    
    Packages (1) antergos-keyring-20170524-1
    
    Total Installed Size:  0.04 MiB
    Net Upgrade Size:      0.00 MiB
    
    :: Proceed with installation? [Y/n] y
    (1/1) checking keys in keyring                     [######################] 100%
    (1/1) checking package integrity                   [######################] 100%
    (1/1) loading package files                        [######################] 100%
    (1/1) checking for file conflicts                  [######################] 100%
    (1/1) checking available disk space                [######################] 100%
    :: Processing package changes...
    (1/1) reinstalling antergos-keyring                [######################] 100%
    ==> Appending keys from antergos.gpg...
    gpg: WARNING: server 'gpg-agent' is older than us (2.1.20 < 2.1.21)
    ==> Locally signing trusted keys in keyring...
      -> Locally signing key 24B445614FAC071891EDCE49CDBD406AA1AA7A1D...
      -> Locally signing key D95436A2E18DA94A72B1A5E2AEA529BF122902E5...
      -> Locally signing key EC3B5CE8FE98DFDF51B705536D6DDA3D2A45C7B4...
    ==> Importing owner trust values...
    ==> Updating trust database...
    gpg: next trustdb check due at 2017-10-20
    :: Running post-transaction hooks...
    (1/1) Arming ConditionNeedsUpdate...
    [[email protected] ~]$ 
    

    However, it breaks again on the next one.

    ...
     xf86-video-vesa-2.3...    14.6 KiB  4.74M/s 00:00 [######################] 100%
     xorg-server-common-...    26.8 KiB  0.00B/s 00:00 [######################] 100%
     xorg-server-1.19.3-...  1302.5 KiB  3.49M/s 00:00 [######################] 100%
     hdf5-1.10.1-1-x86_64       2.9 MiB  5.62M/s 00:01 [######################] 100%
     netcdf-4.4.1.1-1-x86_64  471.0 KiB  5.48M/s 00:00 [######################] 100%
     qt5-styleplugins-5....   409.9 KiB  4.13M/s 00:00 [######################] 100%
     virtualbox-guest-dk...   568.3 KiB  5.39M/s 00:00 [######################] 100%
     virtualbox-guest-ut...  1232.2 KiB  5.73M/s 00:00 [######################] 100%
    (129/129) checking keys in keyring                 [######################] 100%
    (129/129) checking package integrity               [######################] 100%
    error: pamac: signature from "Antergos Build Server (Automated Package Build System) <[email protected]>" is marginal trust
    :: File /var/cache/pacman/pkg/pamac-5.0.0-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
    Do you want to delete it? [Y/n] 
    

    Should I manually update gpg itself first?

    Edit: Yes, I did gnupg and pamac manually using the above method, and now pacman -Syu is running happily. Thanks again.

  • I’m glad it worked!

    [updates once a week] = [90% less problems]
    http://gofccyourself.com
    my-blog#k
    how to add system logs
    i3 GNOME

invalid11 signature10 pgp10 corrupted7 Posts 4Views 547
Log in to reply
Bloom Email Optin Plugin

Looks like your connection to Antergos Community Forum was lost, please wait while we try to reconnect.