On Tue, 6 Nov 2012 14:02:23 -0500 Dave Reisner <d@falconindy.com> wrote:
On Tue, Nov 06, 2012 at 01:50:01PM -0500, David Rosenstrauch wrote:
Saw these errors from pacman today, which are preventing me from upgrading some packages:
error: directfb: signature from "Eric Belanger <eric@archlinux.org>" is invalid error: xmms2: signature from "Sergej Pupykin <arch@sergej.pp.ru>" is invalid error: failed to commit transaction (invalid or corrupted package (PGP signature))
Anyone have an idea what's up?
DR
Nuke the packages from your cache, and redownload them. The error message is misleading -- the signatures are invalid FOR the packages, meaning the package data is not what the signature "expected".
The situation is much improved come pacman 4.1 -- we'll just prompt you to delete the package, much like we did historically when a package failed checksums.
d
A bit OT, but anyway... Are there any plans for actually storing *.sig files in the cache alongside the packages? This costs a tiny amount of space, but IMHO will make verification (especially of old packages) much easier. -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D