FS#26563 : Pacman 4.0.0-2 Signature Failure (not a dupe of other bugs)

FS#26563 - Pacman 4.0.0-2 Signature Failure (not a dupe of other bugs)

Attached to Project: Arch Linux
Opened by Curtis (foxcm2000) - Saturday, 22 October 2011, 14:31 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 22 October 2011, 17:33 GMT

Task Type	Bug Report
Category	Arch Projects
Status	Closed
Assigned To	No-one
Architecture	x86_64
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Egon Geerardyn (egeerardyn) (2012-01-26)
Private	No

Details

Description:

After upgrading to version 4.0.0-2, pacman refuses to install any packages from the repositories. I have run pacman-key --init, and I have tried changing key servers as recommended in another bug report. Nothing solves the problem.

After removing the /etc/pacman.d/gnupg directory and starting over, the first time that I try to upgrade a package I get a series of questions like the following:
error: eclipse: key "E8F18BA1615137BC" is unknown
:: Import PGP key 615137BC, "Ionut Biru <ibiru@archlinux.org>", created 2011-04-19? [Y/n]
error: key "Ionut Biru <ibiru@archlinux.org>" could not be imported

I answer "Y" to all questions, and the installation subsequently fails.

I *have* tried using: keyserver hkp://pgp.mit.edu in gpg.conf, but the end result is the same.

Any additional attempt to upgrade the same packages gives an error similar to this:

error: eclipse: signature from "Ionut Biru <ibiru@archlinux.org>" is unknown trust

Other people were complaining about the process being too slow. In my case everything runs quickly, it's just that everything fails.

Suggestion: Until signed packages are actually working right, put in a command line switch in Pacman to ignore sigatures. I'm completely unable to upgrade my system right now because of this.

This task depends upon

Closed by Dave Reisner (falconindy)
Saturday, 22 October 2011, 17:33 GMT
Reason for closing: Not a bug
Additional comments about closing: Nothing new or broken here.

Comment by Karol Błażewicz (karol) - Saturday, 22 October 2011, 16:14 GMT

Do you have
SigLevel = Optional TrustAll

in your pacman.conf?

Comment by Steven (Stebalien) - Saturday, 22 October 2011, 16:19 GMT

Please upload the output of 'pacman --debug -Syu'. If you want to ignore signatures, set SigLevel to Never in your pacman.conf.

Comment by Ionut Biru (wonder) - Saturday, 22 October 2011, 16:19 GMT

so here is what you need to do:

pacman-key --init
edit /etc/pacman.conf and set up
SigLevel = Optional TrustAll

pacman -Syu
if importing is slow, change keyserver to hkp://pgp.mit.edu in /etc/pacman.d/gnupg/gpg.conf

Comment by Curtis (foxcm2000) - Saturday, 22 October 2011, 16:41 GMT

Thanks for putting up these posts!
I have been able to get things working by uncommenting the "SigLevel = Optional TrustAll" option in pacman.conf.
Is this a permanent fix for my problem or is it a work-around?

Comment by Ionut Biru (wonder) - Saturday, 22 October 2011, 16:51 GMT

for now is the best solution since the arch repos are not ready to use Required

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#26563 - Pacman 4.0.0-2 Signature Failure (not a dupe of other bugs)

Details

Loading...