signature from "Archlinux CIE Repos (Build 2020/2021) <cie@harting.dev>" is unknown trust #1
Labels
No Label
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
No Milestone
No project
No Assignees
11 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: ALHP/alhp-keyring#1
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Hi,
The gpg key expire today:
This produce the following error with
pacman --sync
:Must have missed the date. I have updated the keyring, should be fixed with
20230504-1
There is an error in the
PKGBUILD
:This patch fix it:
I can install it after commenting alhp entry in
/etc/pacman.conf
but still got an error after:I already fixed that one. Was just me uploading the wrong version of file. Just have to figure out why the extended key is unknown trust now.
This is just the b2sum in the pkgbuild no ?
EDIT:
But still the same issue:
This is what I meant with
PGP can be confusing sometimes, since this key should have a chain of trust from the master.
EDIT: Seems it was the update-keys script not refreshing the keys correctly.
Can you try again with
20230504-4
? Btw: If you get validation errors, letyay
or whatever you are using clean-build, or if you build manually, issue angit clean -xdf
Deleting
/etc/pacman.d/gnupg/
then runningpacman-key --init
andpacman-key --populate
seems to fix it. So this looks like an upstream bug.Still the same issue.
This fix the issue, thanks.
Only refreshing the packager key with
also seems to do the trick if anyone runs into unknown trust after updating the keyring.
Another here mentioned method:
Had to remove alhp-keyring before cleaning everything
doing
sudo pacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298
gives:Idk if this is just my problem.
Removing / Moving
/etc/pacman.d/gnupg
and doingpacman-key --init && pacman-key --populate
works without problemsHi,
Deleting the *.gz and *.sign and making a clean build with
makepkg -Ci
to download again the needed files resolved this for me.Thanks
Hi, for me is not resolved issue, I sill has that error:
What exactly did you try?
To fix this, at least for me, i changed the
SigLevel = <whatever>
(in/etc/pacman.conf
) toSigLevel = Never
, installed the packages and then put theSigLevel
back to the default valuesManually build package
alhp-keyring
by commandmakepkg -Ci
and then install it.The same error is occured while updating packages.
Have you tried this?
Yes, I first did cleanup in
/etc/pacman.d/gnupg/
by your command sequence mentioned above, then I tried build a new one package and problem still exists.@Fijxu I don't prefer disable security checks :( by disabling
SigLevel
. I hope there exists some way how to resolve that problem by secure way.You can disable them temporally just to install that package, then reenable it again obviously.
Happening to me right now:
Might be related? Only has an issue with extra-x86_64-v2, though.
@DexterHaxxor This was actually the same as https://aur.archlinux.org/packages/alhp-keyring#comment-924652. I assumed it was only affecting v3. Fixed v2 just now.
Hi. This has once again happened. Same error as original issue on v3
Hi, sorry to get back to you so late. Is this still happening? What mirror are you using?
My mirrorlist is default:
This is definitely still happening.
Have you tried this? I'm not able to reproduce this here with a fresh install (or with a older one for that matter).
Oh, that worked. Is this listed on a FAQ somewhere? I couldn't find it
It's listed somewhere in this thread. I'll add this to the FAQ.
I am having the same issue and cant seem to fix it.
rm -rf /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate
didn't workpacman-key --refresh-keys 0D4D2FDAF45468F3DDF59BEDE3D0D2CD3952E298
didn't workerror mess:
:: keys need to be imported: 2E3B2B05A332A7DB9019797848998B4039BED1CA wanted by: alhp-keyring-20230504-4 :: import? [Y/n]: y gpg: keyserver receive failed: Server indicated a failure error: failed to run: gpg --recv-keys 2E3B2B05A332A7DB9019797848998B4039BED1CA:
@sv8Wl1 You have
alhp-keyring
installed I presume?no, i was trying to install it.
You need to install the keyring before you insert any of ALHP's repo into
pacman.conf
.Yes, I was following the official guide
Oh sorry my bad, you were getting the error while building the package itself. I was a step ahead. Maybe your resolving is not setup properly? Does your
/etc/resolv.conf
contain valid entries?Yup, that fixed it, it was systemd-resloved, i forgot to configure my reslov.conf.
Thank you.
The command I used if anyone needs it, but only if you are using Arch with systemd-resloved.
# ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf