signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust #1

New Issue

Open

opened 2023-05-04 12:48:11 +02:00 by BarbUk · 34 comments

BarbUk commented 2023-05-04 12:48:11 +02:00

Copy Link

Hi,

The gpg key expire today:

pub   rsa4096 2021-05-04 [SC] [expired: 2023-05-04]
      2E3B2B05A332A7DB9019797848998B4039BED1CA
uid           [ expired] Giovanni Harting <g.harting@mailstash.org>

This produce the following error with pacman --sync:

error: core-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v2' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v2' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v2' is not valid (invalid or corrupted database (PGP signature))

Hi, The gpg key expire today: ```bash pub rsa4096 2021-05-04 [SC] [expired: 2023-05-04] 2E3B2B05A332A7DB9019797848998B4039BED1CA uid [ expired] Giovanni Harting <g.harting@mailstash.org> ``` This produce the following error with `pacman --sync`: ```bash error: core-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: community-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: database 'core-x86-64-v2' is not valid (invalid or corrupted database (PGP signature)) error: database 'extra-x86-64-v2' is not valid (invalid or corrupted database (PGP signature)) error: database 'community-x86-64-v2' is not valid (invalid or corrupted database (PGP signature)) ```

anonfunc commented 2023-05-04 14:10:06 +02:00

Owner

Copy Link

Must have missed the date. I have updated the keyring, should be fixed with 20230504-1

Must have missed the date. I have updated the keyring, should be fixed with `20230504-1`

anonfunc added the

bug

label 2023-05-04 14:10:57 +02:00

BarbUk commented 2023-05-04 14:36:23 +02:00

Author

Copy Link

There is an error in the PKGBUILD:

PKGBUILD: line 17: cd: alhp-keyring: No such file or directory
==> ERROR: A failure occurred in package().
    Aborting...
 -> error making: alhp-keyring-exit status 4
 -> Failed to install the following packages. Manual intervention is required:
alhp-keyring - exit status 4

This patch fix it:

diff --git a/PKGBUILD b/PKGBUILD
index e6e5dc7..9d9a473 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -14,6 +14,6 @@ b2sums=('14ea5ad83c3a98b7369e619b05a331a16e173108df763698bdbc1bd3e845c3955e7ec76
 validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA')  # Giovanni Harting <g.harting@mailstash.org>
 
 package() {
-  cd $pkgname
+  cd $pkgname-$pkgver
   make PREFIX=/usr DESTDIR="$pkgdir" install
 }

I can install it after commenting alhp entry in /etc/pacman.conf but still got an error after:

==> Retrieving sources...
 -> Found alhp-keyring-20230504.tar.gz
 -> Found alhp-keyring-20230504.tar.gz.sig
==> Validating source files with b2sums...
   alhp-keyring-20230504.tar.gz ... FAILED
   alhp-keyring-20230504.tar.gz.sig ... Skipped
==> ERROR: One or more files did not pass the validity check!
-> error making: alhp-keyring-exit status 1

There is an error in the `PKGBUILD`: ```bash PKGBUILD: line 17: cd: alhp-keyring: No such file or directory ==> ERROR: A failure occurred in package(). Aborting... -> error making: alhp-keyring-exit status 4 -> Failed to install the following packages. Manual intervention is required: alhp-keyring - exit status 4 ``` This patch fix it: ```patch diff --git a/PKGBUILD b/PKGBUILD index e6e5dc7..9d9a473 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -14,6 +14,6 @@ b2sums=('14ea5ad83c3a98b7369e619b05a331a16e173108df763698bdbc1bd3e845c3955e7ec76 validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA') # Giovanni Harting <g.harting@mailstash.org> package() { - cd $pkgname + cd $pkgname-$pkgver make PREFIX=/usr DESTDIR="$pkgdir" install } ``` I can install it after commenting alhp entry in `/etc/pacman.conf` but still got an error after: ```bash ==> Retrieving sources... -> Found alhp-keyring-20230504.tar.gz -> Found alhp-keyring-20230504.tar.gz.sig ==> Validating source files with b2sums... alhp-keyring-20230504.tar.gz ... FAILED alhp-keyring-20230504.tar.gz.sig ... Skipped ==> ERROR: One or more files did not pass the validity check! -> error making: alhp-keyring-exit status 1 ```

anonfunc commented 2023-05-04 15:32:05 +02:00

Owner

Copy Link

I already fixed that one. Was just me uploading the wrong version of file. Just have to figure out why the extended key is unknown trust now.

I already fixed that one. Was just me uploading the wrong version of file. Just have to figure out why the extended key is unknown trust now.

BarbUk commented 2023-05-04 15:38:07 +02:00

Author

Copy Link

This is just the b2sum in the pkgbuild no ?

❯ makepkg -g
==> Retrieving sources...
  -> Found alhp-keyring-20230504.tar.gz
  -> Found alhp-keyring-20230504.tar.gz.sig
==> Generating checksums for source files...
b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51'
        'SKIP')

diff --git a/PKGBUILD b/PKGBUILD
index c37a5bb..7e7bbb2 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -9,8 +9,9 @@ url='https://somegit.dev/ALHP/alhp-keyring'
 license=(GPL)
 install=$pkgname.install
 source=(https://f.alhp.dev/$pkgname/${pkgname}-${pkgver}.tar.gz{,.sig})
-b2sums=('5420e30f8d1749ef6f247b0a0c1dc2b3b6b8ced5b3d9c26a8285c22fb1d76936503ed38cfc4c187b295e6cd3b1f88bcf8bbbd1c3f4843337f1ea69033957ce05'
+b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51'
         'SKIP')
+
 validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA')  # Giovanni Harting <g.harting@mailstash.org>
 
 package() {

EDIT:

But still the same issue:

error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust

This is just the b2sum in the pkgbuild no ? ```bash ❯ makepkg -g ==> Retrieving sources... -> Found alhp-keyring-20230504.tar.gz -> Found alhp-keyring-20230504.tar.gz.sig ==> Generating checksums for source files... b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51' 'SKIP') ``` ```patch diff --git a/PKGBUILD b/PKGBUILD index c37a5bb..7e7bbb2 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -9,8 +9,9 @@ url='https://somegit.dev/ALHP/alhp-keyring' license=(GPL) install=$pkgname.install source=(https://f.alhp.dev/$pkgname/${pkgname}-${pkgver}.tar.gz{,.sig}) -b2sums=('5420e30f8d1749ef6f247b0a0c1dc2b3b6b8ced5b3d9c26a8285c22fb1d76936503ed38cfc4c187b295e6cd3b1f88bcf8bbbd1c3f4843337f1ea69033957ce05' +b2sums=('a5d9abaac54551e4cedf8c42fbf9b336906efd962d930706d1ee0930a97c0a64bc2744e93ad594114f04e95614575444dec095d94a370cca5fcf775d3b0d7b51' 'SKIP') + validpgpkeys=('2E3B2B05A332A7DB9019797848998B4039BED1CA') # Giovanni Harting <g.harting@mailstash.org> package() { ``` *EDIT*: But still the same issue: ```bash error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust ```

anonfunc commented 2023-05-04 15:47:27 +02:00

Owner

Copy Link

EDIT:

But still the same issue:

error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust

This is what I meant with

Just have to figure out why the extended key is unknown trust now.

PGP can be confusing sometimes, since this key should have a chain of trust from the master.

EDIT: Seems it was the update-keys script not refreshing the keys correctly.

> *EDIT*: > > But still the same issue: > > ```bash > error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > ``` This is what I meant with > Just have to figure out why the extended key is unknown trust now. PGP can be confusing sometimes, since this key should have a chain of trust from the master. *EDIT*: Seems it was the update-keys script not refreshing the keys correctly.

anonfunc commented 2023-05-04 16:00:34 +02:00

Owner

Copy Link

Can you try again with 20230504-4? Btw: If you get validation errors, let yay or whatever you are using clean-build, or if you build manually, issue an git clean -xdf

Can you try again with `20230504-4`? Btw: If you get validation errors, let `yay` or whatever you are using clean-build, or if you build manually, issue an `git clean -xdf`

Stebalien commented 2023-05-04 17:49:02 +02:00

Copy Link

Deleting /etc/pacman.d/gnupg/ then running pacman-key --init and pacman-key --populate seems to fix it. So this looks like an upstream bug.

Deleting `/etc/pacman.d/gnupg/` then running `pacman-key --init` and `pacman-key --populate` seems to fix it. So this looks like an upstream bug.

👍 3

anonfunc referenced this issue from ALHP/ALHP.GO 2023-05-04 18:38:00 +02:00

GPG verification somehow broke #179

BarbUk commented 2023-05-04 18:43:15 +02:00

Author

Copy Link

Can you try again with 20230504-4?

Still the same issue.

Deleting /etc/pacman.d/gnupg/ then running pacman-key --init and pacman-key --populate seems to fix it. So this looks like an upstream bug.

This fix the issue, thanks.

> Can you try again with 20230504-4? Still the same issue. > Deleting /etc/pacman.d/gnupg/ then running pacman-key --init and pacman-key --populate seems to fix it. So this looks like an upstream bug. This fix the issue, thanks.

anonfunc commented 2023-05-04 21:15:38 +02:00

Owner

Copy Link

Only refreshing the packager key with

pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298

also seems to do the trick if anyone runs into unknown trust after updating the keyring.

Another here mentioned method:

rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

Only refreshing the packager key with ``` pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 ``` also seems to do the trick if anyone runs into unknown trust after updating the keyring. Another here mentioned method: ``` rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

gladykov commented 2023-05-04 22:10:57 +02:00

Copy Link

Had to remove alhp-keyring before cleaning everything

Had to remove alhp-keyring before cleaning everything

Fijxu commented 2023-05-04 23:15:13 +02:00

Copy Link

doing sudo pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 gives:

gpg: error retrieving 'cie@harting.dev' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key E3D0D2CD3952E298: "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

Idk if this is just my problem.

Removing / Moving /etc/pacman.d/gnupg and doing pacman-key --init && pacman-key --populate works without problems

doing `sudo pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298` gives: ``` gpg: error retrieving 'cie@harting.dev' via WKD: No data gpg: error reading key: No data gpg: refreshing 1 key from hkps://keyserver.ubuntu.com gpg: key E3D0D2CD3952E298: "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 ``` Idk if this is just my problem. Removing / Moving `/etc/pacman.d/gnupg` and doing `pacman-key --init && pacman-key --populate` works without problems

pega2k commented 2023-05-05 20:55:24 +02:00

Copy Link

Hi,

Can you try again with 20230504-4? Btw: If you get validation errors, let yay or whatever you are using clean-build, or if you build manually, issue an git clean -xdf

Deleting the *.gz and *.sign and making a clean build with makepkg -Ci to download again the needed files resolved this for me.

Thanks

Hi, > Can you try again with `20230504-4`? Btw: If you get validation errors, let `yay` or whatever you are using clean-build, or if you build manually, issue an `git clean -xdf` > Deleting the *.gz and *.sign and making a clean build with `makepkg -Ci` to download again the needed files resolved this for me. Thanks

t0kieu commented 2023-05-07 22:50:44 +02:00

Copy Link

Hi, for me is not resolved issue, I sill has that error:

==> Installing package alhp-keyring with pacman -U...
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
loading packages...
error: failed to prepare transaction (invalid or corrupted database)
==> WARNING: Failed to install built package(s).

Hi, for me is not resolved issue, I sill has that error: ```bash ==> Installing package alhp-keyring with pacman -U... error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) loading packages... error: failed to prepare transaction (invalid or corrupted database) ==> WARNING: Failed to install built package(s). ```

anonfunc commented 2023-05-07 22:53:43 +02:00

Owner

Copy Link

Hi, for me is not resolved issue, I sill has that error:

==> Installing package alhp-keyring with pacman -U...
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
loading packages...
error: failed to prepare transaction (invalid or corrupted database)
==> WARNING: Failed to install built package(s).

What exactly did you try?

> Hi, for me is not resolved issue, I sill has that error: > > ```bash > ==> Installing package alhp-keyring with pacman -U... > error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > loading packages... > error: failed to prepare transaction (invalid or corrupted database) > ==> WARNING: Failed to install built package(s). > ``` What exactly did you try?

Fijxu commented 2023-05-07 22:56:46 +02:00

Copy Link

Hi, for me is not resolved issue, I sill has that error:

==> Installing package alhp-keyring with pacman -U...
error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
loading packages...
error: failed to prepare transaction (invalid or corrupted database)
==> WARNING: Failed to install built package(s).

To fix this, at least for me, i changed the SigLevel = <whatever> (in /etc/pacman.conf) to SigLevel = Never, installed the packages and then put the SigLevel back to the default values

> Hi, for me is not resolved issue, I sill has that error: > > ```bash > ==> Installing package alhp-keyring with pacman -U... > error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: community-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust > error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > error: database 'community-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) > loading packages... > error: failed to prepare transaction (invalid or corrupted database) > ==> WARNING: Failed to install built package(s). > ``` To fix this, at least for me, i changed the `SigLevel = <whatever>` (in `/etc/pacman.conf`) to `SigLevel = Never`, installed the packages and then put the `SigLevel` back to the default values

t0kieu commented 2023-05-07 22:58:20 +02:00

Copy Link

Manually build package alhp-keyring by command makepkg -Ci and then install it.
The same error is occured while updating packages.

Manually build package `alhp-keyring` by command `makepkg -Ci` and then install it. The same error is occured while updating packages.

anonfunc commented 2023-05-07 23:07:12 +02:00

Owner

Copy Link

Have you tried this?

Another here mentioned method:

rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

Have you tried this? > Another here mentioned method: > > ``` > rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

t0kieu commented 2023-05-07 23:16:52 +02:00

Copy Link

Yes, I first did cleanup in /etc/pacman.d/gnupg/ by your command sequence mentioned above, then I tried build a new one package and problem still exists.

@Fijxu I don't prefer disable security checks :( by disabling SigLevel. I hope there exists some way how to resolve that problem by secure way.

Yes, I first did cleanup in `/etc/pacman.d/gnupg/` by your command sequence mentioned above, then I tried build a new one package and problem still exists. @Fijxu I don't prefer disable security checks :( by disabling `SigLevel`. I hope there exists some way how to resolve that problem by secure way.

Fijxu commented 2023-05-07 23:25:49 +02:00

Copy Link

Yes, I first did cleanup in /etc/pacman.d/gnupg/ by your command sequence mentioned above, then I tried build a new one package and problem still exists.

@Fijxu I don't prefer disable security checks :( by disabling SigLevel. I hope there exists some way how to resolve that problem by secure way.

You can disable them temporally just to install that package, then reenable it again obviously.

> Yes, I first did cleanup in `/etc/pacman.d/gnupg/` by your command sequence mentioned above, then I tried build a new one package and problem still exists. > > @Fijxu I don't prefer disable security checks :( by disabling `SigLevel`. I hope there exists some way how to resolve that problem by secure way. You can disable them temporally just to install that package, then reenable it again obviously.

👍 1

DexterHaxxor commented 2023-07-16 17:41:21 +02:00

Copy Link

Happening to me right now:

# sudo pacman -Syyu
error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid
:: Synchronising package databases...
 core-x86-64-v2                                                 157.6 KiB  1313 KiB/s 00:00 [######################################################] 100%
 extra-x86-64-v2                                                  4.7 MiB  5.90 MiB/s 00:01 [######################################################] 100%
 core                                                           131.0 KiB  1617 KiB/s 00:00 [######################################################] 100%
 extra                                                            8.3 MiB  6.15 MiB/s 00:01 [######################################################] 100%
 multilib-x86-64-v2                                             186.4 KiB  1381 KiB/s 00:00 [######################################################] 100%
 multilib                                                       140.7 KiB   531 KiB/s 00:00 [######################################################] 100%
error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid
error: failed to synchronize all databases (unexpected error)

Might be related? Only has an issue with extra-x86_64-v2, though.

Happening to me right now: ``` # sudo pacman -Syyu error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid :: Synchronising package databases... core-x86-64-v2 157.6 KiB 1313 KiB/s 00:00 [######################################################] 100% extra-x86-64-v2 4.7 MiB 5.90 MiB/s 00:01 [######################################################] 100% core 131.0 KiB 1617 KiB/s 00:00 [######################################################] 100% extra 8.3 MiB 6.15 MiB/s 00:01 [######################################################] 100% multilib-x86-64-v2 186.4 KiB 1381 KiB/s 00:00 [######################################################] 100% multilib 140.7 KiB 531 KiB/s 00:00 [######################################################] 100% error: extra-x86-64-v2: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is invalid error: failed to synchronize all databases (unexpected error) ``` Might be related? Only has an issue with extra-x86_64-v2, though.

anonfunc commented 2023-07-16 19:17:14 +02:00

Owner

Copy Link

@DexterHaxxor This was actually the same as https://aur.archlinux.org/packages/alhp-keyring#comment-924652. I assumed it was only affecting v3. Fixed v2 just now.

@DexterHaxxor This was actually the same as https://aur.archlinux.org/packages/alhp-keyring#comment-924652. I assumed it was only affecting v3. Fixed v2 just now.

Samisafool commented 2023-11-22 14:39:53 +01:00

Copy Link

Hi. This has once again happened. Same error as original issue on v3

Hi. This has once again happened. Same error as original issue on v3

anonfunc commented 2023-11-24 12:18:40 +01:00

Owner

Copy Link

Hi, sorry to get back to you so late. Is this still happening? What mirror are you using?

Hi, sorry to get back to you so late. Is this still happening? What mirror are you using?

Samisafool commented 2023-11-24 17:10:47 +01:00

Copy Link

My mirrorlist is default:

───────┬────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
       │ File: /etc/pacman.d/alhp-mirrorlist
───────┼────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
   1   │ ##
   2   │ ## ALHP repository mirrorlist
   3   │ ## Updated on 2023-08-31
   4   │ ## https://somegit.dev/ALHP/alhp-mirrorlist
   5   │ ##
   6   │ ## There is an IPFS mirror available.
   7   │ ## Setup instructions in /etc/pacman.d/alhp-mirrorlist.ipfs.
   8   │ ##
   9   │ 
  10   │ ## Worldwide (Cloudfare)
  11   │ Server = https://alhp.krautflare.de/$repo/os/$arch/
  12   │ 
  13   │ ## Europe
  14   │ Server = https://mirror.sunred.org/alhp/$repo/os/$arch/
  15   │ Server = https://alhp.nox.panibrez.com/$repo/os/$arch/
  16   │ Server = https://alhp.dev/$repo/os/$arch/
  17   │ 
  18   │ ## Asia
  19   │ Server = https://mirrors.shanghaitech.edu.cn/alhp/$repo/os/$arch/
───────┴────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

This is definitely still happening.

error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: multilib-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust
error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))
error: database 'multilib-x86-64-v3' is not valid (invalid or corrupted database (PGP signature))

My mirrorlist is default: ``` ───────┬──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── │ File: /etc/pacman.d/alhp-mirrorlist ───────┼──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── 1 │ ## 2 │ ## ALHP repository mirrorlist 3 │ ## Updated on 2023-08-31 4 │ ## https://somegit.dev/ALHP/alhp-mirrorlist 5 │ ## 6 │ ## There is an IPFS mirror available. 7 │ ## Setup instructions in /etc/pacman.d/alhp-mirrorlist.ipfs. 8 │ ## 9 │ 10 │ ## Worldwide (Cloudfare) 11 │ Server = https://alhp.krautflare.de/$repo/os/$arch/ 12 │ 13 │ ## Europe 14 │ Server = https://mirror.sunred.org/alhp/$repo/os/$arch/ 15 │ Server = https://alhp.nox.panibrez.com/$repo/os/$arch/ 16 │ Server = https://alhp.dev/$repo/os/$arch/ 17 │ 18 │ ## Asia 19 │ Server = https://mirrors.shanghaitech.edu.cn/alhp/$repo/os/$arch/ ───────┴──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── ``` This is definitely still happening. ``` error: core-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: extra-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: multilib-x86-64-v3: signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust error: database 'core-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'extra-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) error: database 'multilib-x86-64-v3' is not valid (invalid or corrupted database (PGP signature)) ```

anonfunc commented 2023-11-24 17:27:08 +01:00

Owner

Copy Link

rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate

Have you tried this? I'm not able to reproduce this here with a fresh install (or with a older one for that matter).

> ``` > rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate Have you tried this? I'm not able to reproduce this here with a fresh install (or with a older one for that matter).

Samisafool commented 2023-11-25 11:48:53 +01:00

Copy Link

Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it

Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it

anonfunc commented 2023-11-27 16:43:24 +01:00

Owner

Copy Link

Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it

It's listed somewhere in this thread. I'll add this to the FAQ.

> Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it It's listed somewhere in this thread. I'll add this to the FAQ.

sv8Wl1 commented 2023-12-17 10:27:35 +01:00

Copy Link

I am having the same issue and cant seem to fix it.

1. rm -rf /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate didn't work
2. pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298 didn't work

error mess:
:: keys need to be imported: 2E3B2B05A332A7DB9019797848998B4039BED1CA wanted by: alhp-keyring-20230504-4 :: import? [Y/n]: y gpg: keyserver receive failed: Server indicated a failure error: failed to run: gpg --recv-keys 2E3B2B05A332A7DB9019797848998B4039BED1CA:

I am having the same issue and cant seem to fix it. 1. `rm -rf /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate` didn't work 2. `pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298` didn't work **error mess:** `:: keys need to be imported: 2E3B2B05A332A7DB9019797848998B4039BED1CA wanted by: alhp-keyring-20230504-4 :: import? [Y/n]: y gpg: keyserver receive failed: Server indicated a failure error: failed to run: gpg --recv-keys 2E3B2B05A332A7DB9019797848998B4039BED1CA:`

anonfunc commented 2023-12-17 15:22:52 +01:00

Owner

Copy Link

@sv8Wl1 You have alhp-keyring installed I presume?

@sv8Wl1 You have `alhp-keyring` installed I presume?

sv8Wl1v2 commented 2023-12-17 22:40:47 +01:00

Copy Link

@sv8Wl1 You have alhp-keyring installed I presume?

no, i was trying to install it.

> @sv8Wl1 You have `alhp-keyring` installed I presume? no, i was trying to install it.

anonfunc commented 2023-12-17 22:44:55 +01:00

Owner

Copy Link

You need to install the keyring before you insert any of ALHP's repo into pacman.conf.

You need to install the keyring **before** you insert any of ALHP's repo into `pacman.conf`.

sv8Wl1v2 commented 2023-12-17 22:54:21 +01:00

Copy Link

You need to install the keyring before you insert any of ALHP's repo into pacman.conf.

Yes, I was following the official guide

> You need to install the keyring **before** you insert any of ALHP's repo into `pacman.conf`. Yes, I was following the [official guide ](https://somegit.dev/ALHP/ALHP.GO#2-install-keyring--mirrorlist)

alhp.png

85 KiB

anonfunc commented 2023-12-17 22:59:37 +01:00

Owner

Copy Link

Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your /etc/resolv.conf contain valid entries?

Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your `/etc/resolv.conf` contain valid entries?

sv8Wl1v2 commented 2023-12-17 23:06:32 +01:00

Copy Link

Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your /etc/resolv.conf contain valid entries?

Yup, that fixed it, it was systemd-resloved, i forgot to configure my reslov.conf.

Thank you.

The command I used if anyone needs it, but only if you are using Arch with systemd-resloved.
# ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

> Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your `/etc/resolv.conf` contain valid entries? Yup, that [fixed](https://wiki.archlinux.org/title/Systemd-resolved#DNS) it, it was systemd-resloved, i forgot to configure my reslov.conf. Thank you. The command I used if anyone needs it, but only if you are using Arch with **systemd-resloved**. `# ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf`

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

20230504

20220522

20211125

Labels

Clear labels   

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No Label

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

11 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ALHP/alhp-keyring#1

No description provided.