Hello Dave, You can get past this by typing pacman-key --recv-keys 76A5EF9054449A5C This will refresh Pierre Schmitz's key. You can check the key id at https://pierre-schmitz.com/about/gpg-keys/pierre-packager-key/ Merry Christmas! Frank On Sun, Dec 25, 2022 at 12:03 AM <arch-general-request@lists.archlinux.org> wrote:

Send Arch-general mailing list submissions to arch-general@lists.archlinux.org

To subscribe or unsubscribe via email, send a message with subject or body 'help' to arch-general-request@lists.archlinux.org

You can reach the person managing the list at arch-general-owner@lists.archlinux.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of Arch-general digest..."Today's Topics:

1. pacstrap complaining about corrupt package (David N Murray) 2. Re: pacstrap complaining about corrupt package (Mike Yuan)

---------- Forwarded message ---------- From: David N Murray <dmurray@jsbsystems.com> To: arch-general@lists.archlinux.org Cc: Bcc: Date: Sun, 25 Dec 2022 00:12:32 -0500 Subject: pacstrap complaining about corrupt package

Hi all,

Trying to install Arch on a new birthday/Christmas present. I'm manually copying this (abbreviated) because I can't figure out how to get the text off the new box:

# pacstrap /mnt linux linux-firmware base btrfs-progs intel-ucode nano iw [snipped the package list and stuff] :: Retrieving packages... openssl-3.0.7-4-x86_64 ... (126/126) checking keys in keyring (126/126) checking package integrity error: openssl: signature from "Pierre Schmitz <pierre@archlinux.org> <pierre@archlinux.org>" is marginal trust :: File /mnt/var/cache/pacman/pkg/openssl-3.0.7-4-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)). [failure messages]

Things I've tried/checked: * clock on the new box has correct time * pacman -Syu from another machine. That pulled down a new archlinux-keyring and openssl-3.0.7-4 and it ran fine * new machine has same mirrorlist that worked with the pacman -Syu * commented out mirrorlist entries one-at-a-time to see if it was one mirror problem. 5 servers all give the same results.

The other 125 packages that were downloaded all passed the integrity check (I think).

Any suggestions?

TIA, Dave Murray

---------- Forwarded message ---------- From: Mike Yuan <me@yhndnzj.com> To: David N Murray <dmurray@jsbsystems.com> Cc: arch-general@lists.archlinux.org Bcc: Date: Sun, 25 Dec 2022 13:17:14 +0800 Subject: Re: pacstrap complaining about corrupt package The keyring shipped in the 2022.12.01 ISO is outdated. You’ll need to update it using `pacman -Sy archlinux-keyring` first before pacstrap-ping :)

Hi all,

...

Trying to install Arch on a new birthday/Christmas present. I'm manually copying this (abbreviated) because I can't figure out how to get the text off the new box:

# pacstrap /mnt linux linux-firmware base btrfs-progs intel-ucode nano iw [snipped the package list and stuff] :: Retrieving packages... openssl-3.0.7-4-x86_64 ... (126/126) checking keys in keyring (126/126) checking package integrity error: openssl: signature from "Pierre Schmitz <pierre@archlinux.org> <pierre@archlinux.org>" is marginal trust :: File /mnt/var/cache/pacman/pkg/openssl-3.0.7-4-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)). [failure messages]

Things I've tried/checked: * clock on the new box has correct time * pacman -Syu from another machine. That pulled down a new archlinux-keyring and openssl-3.0.7-4 and it ran fine * new machine has same mirrorlist that worked with the pacman -Syu * commented out mirrorlist entries one-at-a-time to see if it was one mirror problem. 5 servers all give the same results.

The other 125 packages that were downloaded all passed the integrity check (I think).

Any suggestions?

TIA, Dave Murray

_______________________________________________

Arch-general mailing list -- arch-general@lists.archlinux.org To unsubscribe send an email to arch-general-leave@lists.archlinux.org