signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust #1

New Issue

Closed

opened 2023-05-04 12:48:11 +02:00 by BarbUk · 47 comments

BarbUk commented 2023-05-04 12:48:11 +02:00

Copy Link

Hi,

The gpg key expire today:

pub   rsa4096 2021-05-04 [SC] [expired: 2023-05-04]
      2E3B2B05A332A7DB9019797848998B4039BED1CA
uid           [ expired] Giovanni Harting <g.harting@mailstash.org>

This produce the following error with pacman --sync:

error: core-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v2' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v2' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v2' is not valid (invalid or corrupted database (PGP signature))

Hi, The gpg key expire today: ```bash pub rsa4096 2021-05-04 [SC] [expired: 2023-05-04] 2E3B2B05A332A7DB9019797848998B4039BED1CA uid [ expired] Giovanni Harting <g.harting@mailstash.org> ``` This produce the following error with `pacman --sync`: ```bash error: core-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: community-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: database 'core-x86-64-v2' is not valid (invalid or corrupted database (PGP signature)) error: database 'extra-x86-64-v2' is not valid (invalid or corrupted database (PGP signature)) error: database 'community-x86-64-v2' is not valid (invalid or corrupted database (PGP signature)) ```

anonfunc commented 2023-05-04 14:10:06 +02:00

Owner

Copy Link

Must have missed the date. I have updated the keyring, should be fixed with 20230504-1

Must have missed the date. I have updated the keyring, should be fixed with `20230504-1`

anonfunc added the

bug

label 2023-05-04 14:10:57 +02:00

BarbUk commented 2023-05-04 14:36:23 +02:00

Author

Copy Link

There is an error in the PKGBUILD:

PKGBUILD: line 17: cd: alhp-keyring: No such file or directory
==> ERROR: A failure occurred in package().
    Aborting...
 -> error making: alhp-keyring-exit status 4
 -> Failed to install the following packages. Manual intervention is required:
alhp-keyring - exit status 4

This patch fix it:

diff --git a/PKGBUILD b/PKGBUILD
index e6e5dc7..9d9a473 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -14,6 +14,6 @@ b2sums=('14ea5ad83c3a98b7369e619b05a331a16e173108df763698bdbc1bd3e845c3955e7ec76
 validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA')  # Giovanni Harting <g.harting@mailstash.org>
 
 package() {
-  cd $pkgname
+  cd $pkgname-$pkgver
   make PREFIX=/usr DESTDIR="$pkgdir" install
 }

I can install it after commenting alhp entry in /etc/pacman.conf but still got an error after:

==> Retrieving sources...
 -> Found alhp-keyring-20230504.tar.gz
 -> Found alhp-keyring-20230504.tar.gz.sig
==> Validating source files with b2sums...
   alhp-keyring-20230504.tar.gz ... FAILED
   alhp-keyring-20230504.tar.gz.sig ... Skipped
==> ERROR: One or more files did not pass the validity check!
-> error making: alhp-keyring-exit status 1

There is an error in the `PKGBUILD`: ```bash PKGBUILD: line 17: cd: alhp-keyring: No such file or directory ==> ERROR: A failure occurred in package(). Aborting... -> error making: alhp-keyring-exit status 4 -> Failed to install the following packages. Manual intervention is required: alhp-keyring - exit status 4 ``` This patch fix it: ```patch diff --git a/PKGBUILD b/PKGBUILD index e6e5dc7..9d9a473 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -14,6 +14,6 @@ b2sums=('14ea5ad83c3a98b7369e619b05a331a16e173108df763698bdbc1bd3e845c3955e7ec76 validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA') # Giovanni Harting <g.harting@mailstash.org> package() { - cd $pkgname + cd $pkgname-$pkgver make PREFIX=/usr DESTDIR="$pkgdir" install } ``` I can install it after commenting alhp entry in `/etc/pacman.conf` but still got an error after: ```bash ==> Retrieving sources... -> Found alhp-keyring-20230504.tar.gz -> Found alhp-keyring-20230504.tar.gz.sig ==> Validating source files with b2sums... alhp-keyring-20230504.tar.gz ... FAILED alhp-keyring-20230504.tar.gz.sig ... Skipped ==> ERROR: One or more files did not pass the validity check! -> error making: alhp-keyring-exit status 1 ```

anonfunc commented 2023-05-04 15:32:05 +02:00

Owner

Copy Link

I already fixed that one. Was just me uploading the wrong version of file. Just have to figure out why the extended key is unknown trust now.

I already fixed that one. Was just me uploading the wrong version of file. Just have to figure out why the extended key is unknown trust now.

BarbUk commented 2023-05-04 15:38:07 +02:00

Author

Copy Link

This is just the b2sum in the pkgbuild no ?

❯ makepkg -g
==> Retrieving sources...
  -> Found alhp-keyring-20230504.tar.gz
  -> Found alhp-keyring-20230504.tar.gz.sig
==> Generating checksums for source files...
b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51'
        'SKIP')

diff --git a/PKGBUILD b/PKGBUILD
index c37a5bb..7e7bbb2 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -9,8 +9,9 @@ url='https://somegit.dev/ALHP/alhp-keyring'
 license=(GPL)
 install=$pkgname.install
 source=(https://f.alhp.dev/$pkgname/${pkgname}-${pkgver}.tar.gz{,.sig})
-b2sums=('5420e30f8d1749ef6f247b0a0c1dc2b3b6b8ced5b3d9c26a8285c22fb1d76936503ed38cfc4c187b295e6cd3b1f88bcf8bbbd1c3f4843337f1ea69033957ce05'
+b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51'
         'SKIP')
+
 validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA')  # Giovanni Harting <g.harting@mailstash.org>
 
 package() {

EDIT:

But still the same issue:

error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust

This is just the b2sum in the pkgbuild no ? ```bash ❯ makepkg -g ==> Retrieving sources... -> Found alhp-keyring-20230504.tar.gz -> Found alhp-keyring-20230504.tar.gz.sig ==> Generating checksums for source files... b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51' 'SKIP') ``` ```patch diff --git a/PKGBUILD b/PKGBUILD index c37a5bb..7e7bbb2 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -9,8 +9,9 @@ url='https://somegit.dev/ALHP/alhp-keyring' license=(GPL) install=$pkgname.install source=(https://f.alhp.dev/$pkgname/${pkgname}-${pkgver}.tar.gz{,.sig}) -b2sums=('5420e30f8d1749ef6f247b0a0c1dc2b3b6b8ced5b3d9c26a8285c22fb1d76936503ed38cfc4c187b295e6cd3b1f88bcf8bbbd1c3f4843337f1ea69033957ce05' +b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51' 'SKIP') + validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA') # Giovanni Harting <g.harting@mailstash.org> package() { ``` *EDIT*: But still the same issue: ```bash error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust ```

anonfunc commented 2023-05-04 15:47:27 +02:00

Owner

Copy Link

EDIT:

But still the same issue:

error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust

This is what I meant with

Just have to figure out why the extended key is unknown trust now.

PGP can be confusing sometimes, since this key should have a chain of trust from the master.

EDIT: Seems it was the update-keys script not refreshing the keys correctly.

> *EDIT*: > > But still the same issue: > > ```bash > error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > ``` This is what I meant with > Just have to figure out why the extended key is unknown trust now. PGP can be confusing sometimes, since this key should have a chain of trust from the master. *EDIT*: Seems it was the update-keys script not refreshing the keys correctly.

anonfunc commented 2023-05-04 16:00:34 +02:00

Owner

Copy Link

Can you try again with 20230504-4? Btw: If you get validation errors, let yay or whatever you are using clean-build, or if you build manually, issue an git clean -xdf

Can you try again with `20230504-4`? Btw: If you get validation errors, let `yay` or whatever you are using clean-build, or if you build manually, issue an `git clean -xdf`

Stebalien commented 2023-05-04 17:49:02 +02:00

Copy Link

Deleting /etc/pacman.d/gnupg/ then running pacman-key --init and pacman-key --populate seems to fix it. So this looks like an upstream bug.

Deleting `/etc/pacman.d/gnupg/` then running `pacman-key --init` and `pacman-key --populate` seems to fix it. So this looks like an upstream bug.

👍 3

anonfunc referenced this issue from ALHP/ALHP.GO 2023-05-04 18:38:00 +02:00

GPG verification somehow broke #179

BarbUk commented 2023-05-04 18:43:15 +02:00

Author

Copy Link

Can you try again with 20230504-4?

Still the same issue.

Deleting /etc/pacman.d/gnupg/ then running pacman-key --init and pacman-key --populate seems to fix it. So this looks like an upstream bug.

This fix the issue, thanks.

> Can you try again with 20230504-4? Still the same issue. > Deleting /etc/pacman.d/gnupg/ then running pacman-key --init and pacman-key --populate seems to fix it. So this looks like an upstream bug. This fix the issue, thanks.

anonfunc commented 2023-05-04 21:15:38 +02:00

Owner

Copy Link

Only refreshing the packager key with

pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298

also seems to do the trick if anyone runs into unknown trust after updating the keyring.

Another here mentioned method:

rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

Only refreshing the packager key with ``` pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 ``` also seems to do the trick if anyone runs into unknown trust after updating the keyring. Another here mentioned method: ``` rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

gladykov commented 2023-05-04 22:10:57 +02:00

Copy Link

Had to remove alhp-keyring before cleaning everything

Had to remove alhp-keyring before cleaning everything

Ghost commented 2023-05-04 23:15:13 +02:00

Copy Link

doing sudo pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 gives:

gpg: error retrieving 'cie@harting.dev' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key E3D0D2CD3952E298: "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

Idk if this is just my problem.

Removing / Moving /etc/pacman.d/gnupg and doing pacman-key --init && pacman-key --populate works without problems

doing `sudo pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298` gives: ``` gpg: error retrieving 'cie@harting.dev' via WKD: No data gpg: error reading key: No data gpg: refreshing 1 key from hkps://keyserver.ubuntu.com gpg: key E3D0D2CD3952E298: "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 ``` Idk if this is just my problem. Removing / Moving `/etc/pacman.d/gnupg` and doing `pacman-key --init && pacman-key --populate` works without problems

pega2k commented 2023-05-05 20:55:24 +02:00

Copy Link

Hi,

Can you try again with 20230504-4? Btw: If you get validation errors, let yay or whatever you are using clean-build, or if you build manually, issue an git clean -xdf

Deleting the *.gz and *.sign and making a clean build with makepkg -Ci to download again the needed files resolved this for me.

Thanks

Hi, > Can you try again with `20230504-4`? Btw: If you get validation errors, let `yay` or whatever you are using clean-build, or if you build manually, issue an `git clean -xdf` > Deleting the *.gz and *.sign and making a clean build with `makepkg -Ci` to download again the needed files resolved this for me. Thanks

t0kieu commented 2023-05-07 22:50:44 +02:00

Copy Link

Hi, for me is not resolved issue, I sill has that error:

==> Installing package alhp-keyring with pacman -U...
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
loading packages...
error: failed to prepare transaction (invalid or corrupted database)
==> WARNING: Failed to install built package(s).

Hi, for me is not resolved issue, I sill has that error: ```bash ==> Installing package alhp-keyring with pacman -U... error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) loading packages... error: failed to prepare transaction (invalid or corrupted database) ==> WARNING: Failed to install built package(s). ```

anonfunc commented 2023-05-07 22:53:43 +02:00

Owner

Copy Link

Hi, for me is not resolved issue, I sill has that error:

==> Installing package alhp-keyring with pacman -U...
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
loading packages...
error: failed to prepare transaction (invalid or corrupted database)
==> WARNING: Failed to install built package(s).

What exactly did you try?

> Hi, for me is not resolved issue, I sill has that error: > > ```bash > ==> Installing package alhp-keyring with pacman -U... > error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > loading packages... > error: failed to prepare transaction (invalid or corrupted database) > ==> WARNING: Failed to install built package(s). > ``` What exactly did you try?

Ghost commented 2023-05-07 22:56:46 +02:00

Copy Link

Hi, for me is not resolved issue, I sill has that error:

==> Installing package alhp-keyring with pacman -U...
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
loading packages...
error: failed to prepare transaction (invalid or corrupted database)
==> WARNING: Failed to install built package(s).

To fix this, at least for me, i changed the SigLevel = <whatever> (in /etc/pacman.conf) to SigLevel = Never, installed the packages and then put the SigLevel back to the default values

> Hi, for me is not resolved issue, I sill has that error: > > ```bash > ==> Installing package alhp-keyring with pacman -U... > error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > loading packages... > error: failed to prepare transaction (invalid or corrupted database) > ==> WARNING: Failed to install built package(s). > ``` To fix this, at least for me, i changed the `SigLevel = <whatever>` (in `/etc/pacman.conf`) to `SigLevel = Never`, installed the packages and then put the `SigLevel` back to the default values

t0kieu commented 2023-05-07 22:58:20 +02:00

Copy Link

Manually build package alhp-keyring by command makepkg -Ci and then install it.
The same error is occured while updating packages.

Manually build package `alhp-keyring` by command `makepkg -Ci` and then install it. The same error is occured while updating packages.

anonfunc commented 2023-05-07 23:07:12 +02:00

Owner

Copy Link

Have you tried this?

Another here mentioned method:

rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

Have you tried this? > Another here mentioned method: > > ``` > rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

t0kieu commented 2023-05-07 23:16:52 +02:00

Copy Link

Yes, I first did cleanup in /etc/pacman.d/gnupg/ by your command sequence mentioned above, then I tried build a new one package and problem still exists.

@Fijxu I don't prefer disable security checks :( by disabling SigLevel. I hope there exists some way how to resolve that problem by secure way.

Yes, I first did cleanup in `/etc/pacman.d/gnupg/` by your command sequence mentioned above, then I tried build a new one package and problem still exists. @Fijxu I don't prefer disable security checks :( by disabling `SigLevel`. I hope there exists some way how to resolve that problem by secure way.

Ghost commented 2023-05-07 23:25:49 +02:00

Copy Link

Yes, I first did cleanup in /etc/pacman.d/gnupg/ by your command sequence mentioned above, then I tried build a new one package and problem still exists.

@Fijxu I don't prefer disable security checks :( by disabling SigLevel. I hope there exists some way how to resolve that problem by secure way.

You can disable them temporally just to install that package, then reenable it again obviously.

> Yes, I first did cleanup in `/etc/pacman.d/gnupg/` by your command sequence mentioned above, then I tried build a new one package and problem still exists. > > @Fijxu I don't prefer disable security checks :( by disabling `SigLevel`. I hope there exists some way how to resolve that problem by secure way. You can disable them temporally just to install that package, then reenable it again obviously.

👍 1

DexterHaxxor commented 2023-07-16 17:41:21 +02:00

Copy Link

Happening to me right now:

# sudo pacman -Syyu
error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid
:: Synchronising package databases...
 core-x86-64-v2                                                 157.6 KiB  1313 KiB/s 00:00 [######################################################] 100%
 extra-x86-64-v2                                                  4.7 MiB  5.90 MiB/s 00:01 [######################################################] 100%
 core                                                           131.0 KiB  1617 KiB/s 00:00 [######################################################] 100%
 extra                                                            8.3 MiB  6.15 MiB/s 00:01 [######################################################] 100%
 multilib-x86-64-v2                                             186.4 KiB  1381 KiB/s 00:00 [######################################################] 100%
 multilib                                                       140.7 KiB   531 KiB/s 00:00 [######################################################] 100%
error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid
error: failed to synchronize all databases (unexpected error)

Might be related? Only has an issue with extra-x86_64-v2, though.

Happening to me right now: ``` # sudo pacman -Syyu error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid :: Synchronising package databases... core-x86-64-v2 157.6 KiB 1313 KiB/s 00:00 [######################################################] 100% extra-x86-64-v2 4.7 MiB 5.90 MiB/s 00:01 [######################################################] 100% core 131.0 KiB 1617 KiB/s 00:00 [######################################################] 100% extra 8.3 MiB 6.15 MiB/s 00:01 [######################################################] 100% multilib-x86-64-v2 186.4 KiB 1381 KiB/s 00:00 [######################################################] 100% multilib 140.7 KiB 531 KiB/s 00:00 [######################################################] 100% error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid error: failed to synchronize all databases (unexpected error) ``` Might be related? Only has an issue with extra-x86_64-v2, though.

anonfunc commented 2023-07-16 19:17:14 +02:00

Owner

Copy Link

@DexterHaxxor This was actually the same as https://aur.archlinux.org/packages/alhp-keyring#comment-924652. I assumed it was only affecting v3. Fixed v2 just now.

@DexterHaxxor This was actually the same as https://aur.archlinux.org/packages/alhp-keyring#comment-924652. I assumed it was only affecting v3. Fixed v2 just now.

Samisafool commented 2023-11-22 14:39:53 +01:00

Copy Link

Hi. This has once again happened. Same error as original issue on v3

Hi. This has once again happened. Same error as original issue on v3

anonfunc commented 2023-11-24 12:18:40 +01:00

Owner

Copy Link

Hi, sorry to get back to you so late. Is this still happening? What mirror are you using?

Hi, sorry to get back to you so late. Is this still happening? What mirror are you using?

Samisafool commented 2023-11-24 17:10:47 +01:00

Copy Link

My mirrorlist is default:

───────┬────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
       │ File: /etc/pacman.d/alhp-mirrorlist
───────┼────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
   1   │ ##
   2   │ ## ALHP repository mirrorlist
   3   │ ## Updated on 2023-08-31
   4   │ ## https://somegit.dev/ALHP/alhp-mirrorlist
   5   │ ##
   6   │ ## There is an IPFS mirror available.
   7   │ ## Setup instructions in /etc/pacman.d/alhp-mirrorlist.ipfs.
   8   │ ##
   9   │ 
  10   │ ## Worldwide (Cloudfare)
  11   │ Server = https://alhp.krautflare.de/$repo/os/$arch/
  12   │ 
  13   │ ## Europe
  14   │ Server = https://mirror.sunred.org/alhp/$repo/os/$arch/
  15   │ Server = https://alhp.nox.panibrez.com/$repo/os/$arch/
  16   │ Server = https://alhp.dev/$repo/os/$arch/
  17   │ 
  18   │ ## Asia
  19   │ Server = https://mirrors.shanghaitech.edu.cn/alhp/$repo/os/$arch/
───────┴────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

This is definitely still happening.

error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: multilib-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'multilib-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))

My mirrorlist is default: ``` ───────┬──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── │ File: /etc/pacman.d/alhp-mirrorlist ───────┼──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── 1 │ ## 2 │ ## ALHP repository mirrorlist 3 │ ## Updated on 2023-08-31 4 │ ## https://somegit.dev/ALHP/alhp-mirrorlist 5 │ ## 6 │ ## There is an IPFS mirror available. 7 │ ## Setup instructions in /etc/pacman.d/alhp-mirrorlist.ipfs. 8 │ ## 9 │ 10 │ ## Worldwide (Cloudfare) 11 │ Server = https://alhp.krautflare.de/$repo/os/$arch/ 12 │ 13 │ ## Europe 14 │ Server = https://mirror.sunred.org/alhp/$repo/os/$arch/ 15 │ Server = https://alhp.nox.panibrez.com/$repo/os/$arch/ 16 │ Server = https://alhp.dev/$repo/os/$arch/ 17 │ 18 │ ## Asia 19 │ Server = https://mirrors.shanghaitech.edu.cn/alhp/$repo/os/$arch/ ───────┴──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── ``` This is definitely still happening. ``` error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: multilib-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'multilib-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) ```

anonfunc commented 2023-11-24 17:27:08 +01:00

Owner

Copy Link

rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

Have you tried this? I'm not able to reproduce this here with a fresh install (or with a older one for that matter).

> ``` > rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate Have you tried this? I'm not able to reproduce this here with a fresh install (or with a older one for that matter).

Samisafool commented 2023-11-25 11:48:53 +01:00

Copy Link

Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it

Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it

anonfunc commented 2023-11-27 16:43:24 +01:00

Owner

Copy Link

Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it

It's listed somewhere in this thread. I'll add this to the FAQ.

> Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it It's listed somewhere in this thread. I'll add this to the FAQ.

sv8Wl1 commented 2023-12-17 10:27:35 +01:00

Copy Link

I am having the same issue and cant seem to fix it.

1. rm -rf /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate didn't work
2. pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 didn't work

error mess:
:: keys need to be imported: 2E3B2B05A332A7DB9019797848998B4039BED1CA wanted by: alhp-keyring-20230504-4 :: import? [Y/n]: y gpg: keyserver receive failed: Server indicated a failure error: failed to run: gpg --recv-keys 2E3B2B05A332A7DB9019797848998B4039BED1CA:

I am having the same issue and cant seem to fix it. 1. `rm -rf /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate` didn't work 2. `pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298` didn't work **error mess:** `:: keys need to be imported: 2E3B2B05A332A7DB9019797848998B4039BED1CA wanted by: alhp-keyring-20230504-4 :: import? [Y/n]: y gpg: keyserver receive failed: Server indicated a failure error: failed to run: gpg --recv-keys 2E3B2B05A332A7DB9019797848998B4039BED1CA:`

anonfunc commented 2023-12-17 15:22:52 +01:00

Owner

Copy Link

@sv8Wl1 You have alhp-keyring installed I presume?

@sv8Wl1 You have `alhp-keyring` installed I presume?

sv8Wl1v2 commented 2023-12-17 22:40:47 +01:00

Copy Link

@sv8Wl1 You have alhp-keyring installed I presume?

no, i was trying to install it.

> @sv8Wl1 You have `alhp-keyring` installed I presume? no, i was trying to install it.

anonfunc commented 2023-12-17 22:44:55 +01:00

Owner

Copy Link

You need to install the keyring before you insert any of ALHP's repo into pacman.conf.

You need to install the keyring **before** you insert any of ALHP's repo into `pacman.conf`.

sv8Wl1v2 commented 2023-12-17 22:54:21 +01:00

Copy Link

You need to install the keyring before you insert any of ALHP's repo into pacman.conf.

Yes, I was following the official guide

> You need to install the keyring **before** you insert any of ALHP's repo into `pacman.conf`. Yes, I was following the [official guide ](https://somegit.dev/ALHP/ALHP.GO#2-install-keyring--mirrorlist)

alhp.png

85 KiB

anonfunc commented 2023-12-17 22:59:37 +01:00

Owner

Copy Link

Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your /etc/resolv.conf contain valid entries?

Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your `/etc/resolv.conf` contain valid entries?

sv8Wl1v2 commented 2023-12-17 23:06:32 +01:00

Copy Link

Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your /etc/resolv.conf contain valid entries?

Yup, that fixed it, it was systemd-resloved, i forgot to configure my reslov.conf.

Thank you.

The command I used if anyone needs it, but only if you are using Arch with systemd-resloved.
# ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

> Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your `/etc/resolv.conf` contain valid entries? Yup, that [fixed](https://wiki.archlinux.org/title/Systemd-resolved#DNS) it, it was systemd-resloved, i forgot to configure my reslov.conf. Thank you. The command I used if anyone needs it, but only if you are using Arch with **systemd-resloved**. `# ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf`

sibwase commented 2024-05-13 20:07:58 +02:00

Copy Link

@anonfunc i've got an issue while trying to update my packages from v4 repo: extra-x86-64-v4: подпись от "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" некорректна. It says that signature is incorrect
How can I fix it?

@anonfunc i've got an issue while trying to update my packages from v4 repo: `extra-x86-64-v4: подпись от "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" некорректна`. It says that signature is incorrect How can I fix it?

anonfunc commented 2024-05-13 20:12:28 +02:00

Owner

Copy Link

@sibwase Is your alhp-keyring package up-to-date?

@sibwase Is your `alhp-keyring` package up-to-date?

sibwase commented 2024-05-13 20:14:04 +02:00

Copy Link

@sibwase Is your alhp-keyring package up-to-date?

if the latest version is alhp-keyring-20240426-2 then yes

> @sibwase Is your `alhp-keyring` package up-to-date? if the latest version is `alhp-keyring-20240426-2` then yes

anonfunc commented 2024-05-13 20:24:36 +02:00

Owner

Copy Link

Seems to be only affecting v4. See ALHP/ALHP.GO#245.

Seems to be only affecting v4. See https://somegit.dev/ALHP/ALHP.GO/issues/245.

👍 1

anonfunc commented 2024-05-28 19:49:42 +02:00

Owner

Copy Link

I think this years key extension went well, in contrast to last years :) I'll close this issue, please open a new one if you encounter any problems.

I think this years key extension went well, in contrast to last years :) I'll close this issue, please open a new one if you encounter any problems.

anonfunc closed this issue 2024-05-28 19:49:42 +02:00

incognico commented 2024-07-24 14:43:34 +02:00

Copy Link

Weird, haven't updated in a while but not I face a similar issue.

gpg: error retrieving 'cie@harting.dev' via WKD: No fingerprint
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key E3D0D2CD3952E298: "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'g.harting@mailstash.org' via WKD: General error
gpg: error reading key: General error
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 48998B4039BED1CA: "Giovanni Harting <g.harting@mailstash.org>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
root@contrite:~ # pacman -Suy
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
:: Synchronizing package databases...
 core-x86-64-v3                                                                                                                                                  79.7 KiB  9.73 MiB/s 00:00 [#####################################################################################################################] 100%
 extra-x86-64-v3                                                                                                                                               1027.9 KiB   112 MiB/s 00:00 [#####################################################################################################################] 100%
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: failed to synchronize all databases (unexpected error)

I've tried every single solution posted here, even in various orders but nothing helps. alhp-keyring-20240426-2 is installed, tried pacman-key refresh, also init+populate, tried receiving it manually, even imported alhp.gpg manually. Still the same problem. 🤔

Weird, haven't updated in a while but not I face a similar issue. ``` gpg: error retrieving 'cie@harting.dev' via WKD: No fingerprint gpg: refreshing 1 key from hkps://keyserver.ubuntu.com gpg: key E3D0D2CD3952E298: "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: error retrieving 'g.harting@mailstash.org' via WKD: General error gpg: error reading key: General error gpg: refreshing 1 key from hkps://keyserver.ubuntu.com gpg: key 48998B4039BED1CA: "Giovanni Harting <g.harting@mailstash.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 root@contrite:~ # pacman -Suy error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust :: Synchronizing package databases... core-x86-64-v3 79.7 KiB 9.73 MiB/s 00:00 [#####################################################################################################################] 100% extra-x86-64-v3 1027.9 KiB 112 MiB/s 00:00 [#####################################################################################################################] 100% core is up to date extra is up to date community is up to date multilib is up to date error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: failed to synchronize all databases (unexpected error) ``` I've tried every single solution posted here, even in various orders but nothing helps. alhp-keyring-20240426-2 is installed, tried pacman-key refresh, also init+populate, tried receiving it manually, even imported alhp.gpg manually. Still the same problem. 🤔

anonfunc commented 2024-07-24 20:03:25 +02:00

Owner

Copy Link

What mirror do you use?

Can you paste pacman-key -l cie@harting.dev?

What mirror do you use? Can you paste `pacman-key -l cie@harting.dev`?

incognico commented 2024-07-29 14:34:04 +02:00

Copy Link

As I am a mirror myself, I use local files with a file:/// scheme.

pub   rsa4096 2020-08-12 [SC] [expires: 2026-04-24]
      0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298
uid           [ unknown] Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>

As I am a mirror myself, I use local files with a file:/// scheme. ``` pub rsa4096 2020-08-12 [SC] [expires: 2026-04-24] 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 uid [ unknown] Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev> ```

mihalycsaba commented 2024-10-07 18:55:48 +02:00

Copy Link

Happened to me to, tried the clean up command, didn't help. Is it safe to put SigLevel = Never?

[root@csaba-mini csaba]# rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/6373641437E7F93AF10072DE37C311D213B6B962.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
==> Appending keys from alhp.gpg...
==> Appending keys from archlinux.gpg...
==> Appending keys from endeavouros.gpg...
==> Locally signing trusted keys in keyring...
  -> Locally signed 13 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 5
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: inserting ownertrust of 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
  -> Disabled 45 keys.
==> Updating trust database...
gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
gpg: (use option "--allow-weak-key-signatures" to override)
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:  13  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:  13  signed: 102  trust: 0-, 0q, 0n, 12m, 1f, 0u
gpg: depth: 2  valid:  78  signed:  22  trust: 78-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2024-11-09
[root@csaba-mini csaba]# yay
 -> Avoid running yay as root/sudo.
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid
:: Synchronizing package databases...
 endeavouros is up to date
 core-x86-64-v3 is up to date
 extra-x86-64-v3                                                                                                                       1058.2 KiB  1721 KiB/s 00:01 [-----------------------------------------------------------------------------------------------------] 100%
 multilib-x86-64-v3 is up to date
 core is up to date
 extra is up to date
 multilib is up to date
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid
error: failed to synchronize all databases (unexpected error)
 -> error refreshing databases - exit status 1

Happened to me to, tried the clean up command, didn't help. Is it safe to put `SigLevel = Never`? ``` [root@csaba-mini csaba]# rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created gpg: no ultimately trusted keys found gpg: starting migration from earlier GnuPG versions gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent gpg: migration succeeded ==> Generating pacman master key. This may take some time. gpg: Generating pacman keyring master key... gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/6373641437E7F93AF10072DE37C311D213B6B962.rev' gpg: Done ==> Updating trust database... gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u ==> Appending keys from alhp.gpg... ==> Appending keys from archlinux.gpg... ==> Appending keys from endeavouros.gpg... ==> Locally signing trusted keys in keyring... -> Locally signed 13 keys. ==> Importing owner trust values... gpg: setting ownertrust to 5 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: inserting ownertrust of 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 gpg: setting ownertrust to 4 ==> Disabling revoked keys in keyring... -> Disabled 45 keys. ==> Updating trust database... gpg: Note: third-party key signatures using the SHA1 algorithm are rejected gpg: (use option "--allow-weak-key-signatures" to override) gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 13 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: depth: 1 valid: 13 signed: 102 trust: 0-, 0q, 0n, 12m, 1f, 0u gpg: depth: 2 valid: 78 signed: 22 trust: 78-, 0q, 0n, 0m, 0f, 0u gpg: next trustdb check due at 2024-11-09 [root@csaba-mini csaba]# yay -> Avoid running yay as root/sudo. error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid :: Synchronizing package databases... endeavouros is up to date core-x86-64-v3 is up to date extra-x86-64-v3 1058.2 KiB 1721 KiB/s 00:01 [-----------------------------------------------------------------------------------------------------] 100% multilib-x86-64-v3 is up to date core is up to date extra is up to date multilib is up to date error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid error: failed to synchronize all databases (unexpected error) -> error refreshing databases - exit status 1 ```

anonfunc commented 2024-10-07 20:50:31 +02:00

Owner

Copy Link

@mihalycsaba You seem to have a different problem, have a look at #4.

@mihalycsaba You seem to have a different problem, have a look at https://somegit.dev/ALHP/alhp-keyring/issues/4.

incognico commented 2024-10-09 15:24:06 +02:00

Copy Link

I fixed my problem by temporarily setting SigLevel to Never and installing alhp-keyring with makepkgs '--skippgpcheck' option. Every other method did not work for me.

I fixed my problem by temporarily setting SigLevel to Never and installing alhp-keyring with makepkgs '--skippgpcheck' option. Every other method did not work for me.

gladykov commented 2024-10-09 15:51:30 +02:00

Copy Link

I fixed my problem by temporarily setting SigLevel to Never and installing alhp-keyring with makepkgs '--skippgpcheck' option. Every other method did not work for me.

@incognico This is does not feel like a sane solution, because you just temporarily disabled security measure. You make yourself open to a problem.

Look on my output of pacman-key -l cie@harting.dev

gpg: Note: trustdb not writable
pub   rsa4096 2020-08-12 [SC] [expires: 2026-04-24]
      0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298
uid           [  full  ] Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>

Take a look on my uuid - it is full, while yours is unknown. You say you are a mirror yourself. So is your errors coming from configuration of this repo or from yor local mirror config? If your local config then you should fix it on your local.

> I fixed my problem by temporarily setting SigLevel to Never and installing alhp-keyring with makepkgs '--skippgpcheck' option. Every other method did not work for me. @incognico This is does not feel like a sane solution, because you just temporarily disabled security measure. You make yourself open to a problem. Look on my output of `pacman-key -l cie@harting.dev` ``` gpg: Note: trustdb not writable pub rsa4096 2020-08-12 [SC] [expires: 2026-04-24] 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 uid [ full ] Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev> ``` Take a look on my `uuid` - it is `full`, while yours is `unknown`. You say you are a mirror yourself. So is your errors coming from configuration of this repo or from yor local mirror config? If your local config then you should fix it on your local.

markschultz commented 2025-04-02 06:53:44 +02:00

Copy Link

FYI getting this error again since ~30 minutes ago. potentially related to the recent change to the master key?
edit: nvm, see here

FYI getting this error again since ~30 minutes ago. potentially related to the recent change to the master key? edit: nvm, see [here](https://somegit.dev/ALHP/ALHP.GO/issues/274)

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

20250509

20250401

20230504

20220522

20211125

Labels

Clear labels

bug

Something is not working

duplicate

This issue or pull request already exists

enhancement

New feature

help wanted

Need some help

invalid

Something is wrong

question

More information is needed

wontfix

This won't be fixed

No Label

bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

anonfunc

No Assignees

15 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: ALHP/alhp-keyring#1

No description provided.