[arch-general] Resetting pacman-key Still Asks to Import.

Lone_Wolf lonewolf at xs4all.nl
Sun Oct 27 12:23:35 UTC 2019 

On 27-10-2019 12:14, Ralph Corderoy wrote:
> Hi,
>
> I have an Arch Linux laptop that hasn't been updated in a long time,
> mainly because it started to lock-up after a few minutes uptime,
> requiring a power cycle.  I'm now trying to update all its packages in
> the hope the lock-ups have gone, and if not to have a more modern base
> for diagnosis.
>
> A ‘pacman -Syuw’ took a few goes but signature checking had problems, as
> did trying to update signatures.  I resorted to
> https://wiki.archlinux.org/index.php/Pacman/Package_signing#Resetting_all_the_keys
> that appeared to succeed.
>
> The next attempt at ‘pacman -Syuw’ gets to
>
>      Total Download Size:  0.00 MiB
>
>      :: Proceed with download? [Y/n]
>      (250/250) checking keys in keyring     [#############################################################################] 100%
>      downloading required keys...
>      :: Import PGP key 2048R/02FD1C7A934E614545849F19A6234074498E9CEE, "Christian Hesse (Arch Linux Package Signing) <arch at eworm.de>", created: 2011-08-12? [Y/n]
>      (250/250) checking package integrity                                                                                           [#############################################################################] 100%
>      error: dav1d: signature from "Levente Polyak (anthraxx) <levente at leventepolyak.net>" is invalid
>      :: File /var/cache/pacman/pkg/dav1d-0.4.0-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
>      Do you want to delete it? [Y/n] y
>      error: libpulse: signature from "Jan Alexander Steffens (heftig) <jan.steffens at gmail.com>" is invalid
>      :: File /var/cache/pacman/pkg/libpulse-13.0-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
>      Do you want to delete it? [Y/n]
>
> This looks very similar to where I've been before.  The next attempt to
> download those, now deleted, packages does no better.  I'm going to
> https://wiki.archlinux.org/index.php/Pacman/Package_signing#Disabling_signature_checking
> but would still like to understand what I should attempt instead.
>
The keys that are invalid are probably keys that are not in your 
archlinux-keyring.

I suggest you use 
https://wiki.archlinux.org/index.php/Arch_Linux_Archive to update in 
several steps instead of a big one.

Lone

More information about the arch-general mailing list