FS#26520 - Signing key isn't fetch during a -U operation

Attached to Project: Pacman
Opened by Evangelos Foutras (foutrelis) - Wednesday, 19 October 2011, 09:56 GMT
Last edited by Allan McRae (Allan) - Saturday, 09 February 2013, 02:48 GMT
Task Type Bug Report
Category General
Status Closed
Assigned To Allan McRae (Allan)
Architecture All
Severity Medium
Priority Normal
Reported Version 4.0.0
Due in Version 4.1.0
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Summary and Info:

When I try to install a package signed with an unknown key using pacman -U, Pacman will not attempt to contact the keyserver to get the key.

I would expect Pacman to offer to fetch the key like it does during -Syu.

Steps to Reproduce:

(I'm using Pacman 4.0.0-2.)

1) Delete Dave's key:

$ sudo pacman-key -d Dave
==> Updating trust database...
gpg: no need for a trustdb check

2) Attempt to install filesystem from [core]:

$ sudo pacman -U http://archlinux.mirrors.uk2.net/core/os/x86_64/filesystem-2011.10-1-any.pkg.tar.xz
filesystem-2011.10-1-any 4.0 KiB 50.9K/s 00:00 [###############################] 100%
filesystem-2011.10-1-any.sig 287.0 B 1773B/s 00:00 [###############################] 100%
loading packages...
error: '/var/cache/pacman/pkg/filesystem-2011.10-1-any.pkg.tar.xz': invalid or corrupted package (PGP signature)
This task depends upon

Closed by  Allan McRae (Allan)
Saturday, 09 February 2013, 02:48 GMT
Reason for closing:  Deferred
Additional comments about closing:  git commit 5f5469c7
Comment by Allan McRae (Allan) - Wednesday, 19 October 2011, 12:59 GMT
Same thing happens with -Syuw.
Comment by Dan McGee (toofishes) - Wednesday, 19 October 2011, 13:25 GMT
Interesting. The -U I am not surprised by as that is a very different code path to load the package files, but the -Syuw doesn't make much sense at first glance...
Comment by Allan McRae (Allan) - Saturday, 03 March 2012, 11:47 GMT
I retract my comment about -Sw... just did one now and all works.

Loading...