Re: [arch-general] Unknown Trust and Corrupted Package
It is in testing; updating the keyring pkg from testing fixed the issue on my box. -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: [arch-general] Unknown Trust and Corrupted Package
Le 25 janvier 2016 03:23:25 GMT+01:00, Levente Polyaka écrit : >On 01/25/2016 03:17 AM, Jayesh Badwaik wrote: >> Hi, >> >> I'm receiving message about unknown trust while trying to install the >confuse >> package. >> > > >Looks like people tend to forget about updating pacman keyring. > >pacman-key --refresh-keys > > >cheers, >anthraxx Definitely, just ran into the same issue and had more than thousand new sigs… Is there somewhere on the wiki, especially beginner guide or install one where it’s advised to do this on a regular basis? (I’m on mobile right now, not easy to check) Bruno
Re: [arch-general] Unknown Trust and Corrupted Package
On Monday, 25 January 2016 09:00:43 IST Bruno Pagani wrote: > Is there somewhere on the wiki, especially beginner guide or install one > where it’s advised to do this on a regular basis? (I’m on mobile right now, > not easy to check) I found this [1], which suggests that the changes should be updated in the archlinux-keyring package, but that may not be enough if the keyring package is not recent enough. -- Cheers Jayesh Badwaik [1] https://wiki.archlinux.org/index.php/Pacman/ Package_signing#Adding_developer_keys
Re: [arch-general] Unknown Trust and Corrupted Package
>> I'm receiving message about unknown trust while trying to install the confuse >> package. >> > > Looks like people tend to forget about updating pacman keyring. > > pacman-key --refresh-keys is'n this done automatically? should it? -- damjan
Re: [arch-general] Unknown Trust and Corrupted Package
On 01/25/2016 10:27 AM, Damjan Georgievski wrote: > huh, now what? > [...] > gpg: keyserver refresh failed: Permission denied As the error message indicates, you need to do that as root. It's also possible to grab the new archlinux-keyring package from [testing]. cheers, Levente signature.asc Description: OpenPGP digital signature
Re: [arch-general] Unknown Trust and Corrupted Package
> > > Looks like people tend to forget about updating pacman keyring. > > > > pacman-key --refresh-keys > > is'n this done automatically? should it? > I personally can't see how it (an upgrade hook in a package) could. The pacman-keyring package can (and does) do some maintenance operations on upgrades, but things like OP's issue (I noticed the same thing as well) is more likely to occur due to a completely unrelated package coming with signatures from a new key without the pacman-key package being touched. What could be done would be to make pacman automatically download any and all needed keys without user intervention. This shouldn't be a security issue since the web of trust should still be enforced (i.e. this wouldn't mean you'd just blindly trust random keys, just that pacman would do the equivalent of `pacman-key --refresh` when necessary). I don't know if this has already been considered and rejected by the pacman devs. >
Re: [arch-general] Unknown Trust and Corrupted Package
> Looks like people tend to forget about updating pacman keyring. > > pacman-key --refresh-keys huh, now what? # pacman-key --refresh-keys gpg: refreshing 85 keys from hkp://keys.gnupg.net gpg: keyserver refresh failed: Permission denied ==> ERROR: A specified local key could not be updated from a keyserver. -- damjan
Re: [arch-general] Unknown Trust and Corrupted Package
On Monday, 25 January 2016 03:23:25 IST Levente Polyak wrote: > Looks like people tend to forget about updating pacman keyring. > > pacman-key --refresh-keys Oops, feel very silly now. -- Cheers Jayesh Badwaik
Re: [arch-general] Unknown Trust and Corrupted Package
On 01/25/2016 03:17 AM, Jayesh Badwaik wrote: > Hi, > > I'm receiving message about unknown trust while trying to install the confuse > package. > Looks like people tend to forget about updating pacman keyring. pacman-key --refresh-keys cheers, anthraxx signature.asc Description: OpenPGP digital signature
Re: [arch-general] Unknown Trust and Corrupted Package
On Sun, Jan 24, 2016 at 9:03 PM, Jayesh Badwaikwrote: > >On Monday, 25 January 2016 03:23:25 IST Levente Polyak wrote: > >> Looks like people tend to forget about updating pacman keyring. > >> > >> pacman-key --refresh-keys > > > >Oops, feel very silly now. > > Interesting, I just had a similar issue when installing i3-wm on a fresh install for my laptop. Good to know it was just about refreshing the keys. Thank you all, Jonathan