FS#47921 - archlinux-keyring should be upgraded before other packages to prevent inadvertent PGP errors
Attached to Project:
Arch Linux
Opened by Max Pray (synthead) - Thursday, 28 January 2016, 04:03 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 28 January 2016, 04:24 GMT
Opened by Max Pray (synthead) - Thursday, 28 January 2016, 04:03 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 28 January 2016, 04:24 GMT
|
Details
Description: archlinux-keyring should be upgraded before
other packages (much like pacman). Attempting to install new
packages signed by new trusted users before upgrading
archlinux-keyring will throw a PGP error that claims that
the package is corrupt.
An example of this is "confuse", version 2.8-2, signed by Thorsten Töpper. Before installing "archlinux-keyring" version 20160123-1, this message is displayed: error: confuse: signature from "Thorsten Töpper <atsutane@freethoughts.de>" is unknown trust :: File /var/cache/pacman/pkg/confuse-2.8-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). Do you want to delete it? [Y/n] As a workaround, archlinux-keyring can be specifically upgraded and affected packages should upgrade without an issue. |
This task depends upon
Closed by Doug Newgard (Scimmia)
Thursday, 28 January 2016, 04:24 GMT
Reason for closing: Duplicate
Additional comments about closing: FS#47892
Thursday, 28 January 2016, 04:24 GMT
Reason for closing: Duplicate
Additional comments about closing: