FS#53642 - [gnupg] Problems refreshing pacman keyring

Attached to Project: Arch Linux
Opened by Michael Ifland (msifland) - Tuesday, 11 April 2017, 17:45 GMT
Last edited by Gaetan Bisson (vesath) - Thursday, 27 April 2017, 09:04 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Gaetan Bisson (vesath)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 4
Private No

Details

Description:
pacman-key --refresh-keys no longer completes the process. Errors out.


Additional info:
* package version(s)
* config and/or log files etc.


Steps to reproduce:
pacman-key --refresh-keys
gpg: refreshing 91 keys from hkp://pool.sks-keyservers.net
gpg: key B61DBCE10901C163: "Balló György <ballogyor@gmail.com>" 1 new signature
gpg: key 4AC5588F941C2A25: "Antonio Rojas <arojas@archlinux.org>" 1 new signature
gpg: key FCF3C8CB5CF9C8D4: "Alexander Rødseth <rodseth@gmail.com>" 1 new signature
gpg: key 9D893EC4DAAF9129: "Bruno Pagani <bruno.pagani@ens-lyon.org>" 110 new signatures
gpg: key 2E89012331361F01: "Evgeniy Alekseev <arcanis@archlinux.org>" 5 new signatures
gpg: key FC1B547C8D8172C8: "Levente Polyak (anthraxx) <levente@leventepolyak.net>" 95 new signatures
gpg: key 42A1DB15EC133BAD: "Angel Velásquez <angvp@archlinux.org>" 1 new signature
gpg: key 94657AB20F2A092B: "Andreas Radke <andyrtr@archlinux.org>" 2 new signatures
gpg: key F3E1D5C5D30DB0AD: "Andrea Scarpino <me@andreascarpino.it>" 359 new signatures
gpg: key B02854ED753E0F1F: "Anatol Pomozov <anatol.pomozov@gmail.com>" 4 new signatures
gpg: key 9BDCF497A4BBCC7F: "Ambrevar <ambrevar@gmail.com>" 2 new signatures
gpg: key AFF5D95098BC6FF5: "Maxime Gauduin <alucryd@alucryd.xyz>" 1 new signature
gpg: key F99FFE0FEAE999BD: "Allan McRae <me@allanmcrae.com>" 6 new signatures
gpg: key 40F557B731496106: "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" 1 new signature
gpg: key A04F9397CDFD6BB0: "Dan McGee (Arch Linux Master Key) <dan@master-key.archlinux.org>" 7 new signatures
gpg: key 5184252D824B18E8: "Thomas Bächler (Arch Linux Master Key) <thomas@master-key.archlinux.org>" 6 new signatures
gpg: key 3348882F6AC6A4C2: "Pierre Schmitz (Arch Linux Master Key) <pierre@master-key.archlinux.org>" 7 new signatures
gpg: key 7EFD567D4C7EA887: "Ionut Biru (Arch Linux Master Key) <ionut@master-key.archlinux.org>" 5 new signatures
gpg: key A88E23E377514E00: "Florian Pritz (Arch Linux Master Key) <florian@master-key.archlinux.org>" 3 new signatures
gpg: key BA1DFB64FFF979E7: "Allan McRae (Arch Linux Master Key) <allan@master-key.archlinux.org>" 12 new signatures
gpg: key DB323392796CA067: "Ike Devolder <ike.devolder@gmail.com>" 2 new signatures
gpg: key E8F18BA1615137BC: "Ionut Biru <ibiru@archlinux.org>" 6 new signatures
gpg: key A5E9288C4FA415FA: "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" 161 new signatures
gpg: key DA6426DD215B37AD: "Guillaume ALAUX <guillaume@archlinux.org>" 197 new signatures
gpg: key F22FB1D78A77AEAB: "Giancarlo Razzolini (grazzolini) <grazzolini@archlinux.org>" 1 new signature
gpg: key B7310AE5F04569AE: "Giovanni Scafora <giovanni@archlinux.org>" 13 new signatures
gpg: key 786C63F330D7CB92: "Felix Yan <felixonmars@gmail.com>" 270 new signatures
gpg: key 51E8B148A9999C34: "Evangelos Foutras <evangelos@foutrelis.com>" 11 new signatures
gpg: key 90CB3D62C13D4796: "Jiachen Yang <farseerfc@gmail.com>" 4 new signatures
gpg: key 59B3122E2FA915EC: "Alexandre Filgueira <alexfilgueira@cinnarch.com>" 1 new signature
gpg: key A6234074498E9CEE: "Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>" 64 new signatures
gpg: key FCF2CB179205AC90: "Eric Belanger <eric@archlinux.org>" 1 new signature
gpg: key 5FA5E5544F010D48: "Daniel Wallace <danielwallace@gtmanfred.com>" 7 new signatures
gpg: key 1EB2638FF56C0C53: "Dave Reisner <d@falconindy.com>" 10 new signatures
gpg: key 5ED514A45BD5C938: "Gerardo Exequiel Pozzi <vmlinuz386@gmail.com>" 7 new signatures
gpg: key E613C09CB4440678: "Daniel Isenmann <daniel@archlinux.org>" 1 new signature
gpg: key 5C2E46A0F53A76ED: "Dan McGee <dpmcgee@gmail.com>" 17 new signatures
gpg: key D53A0445B47A0DAB: "Connor Behan <connor.behan@gmail.com>" 1 new signature
gpg: key BBE43771487328A9: "Bartlomiej Piotrowski <b@bpiotrowski.pl>" 12 new signatures
gpg: key 6D1655C14CE1C13E: "Florian Pritz <bluewind@xinu.at>" 52 new signatures
gpg: key E62F853100F0D0F0: "Gaetan Bisson <gaetan@fenua.org>" 116 new signatures
gpg: key CF7037A4F27FB7DA: "speps <speps@aur.archlinux.org>" 5 new signatures
gpg: key D21461E3DFE2060D: "Christian Rebischke (Arch Linux Security Team-Member) <Chris.Rebischke@archlinux.org>" 21 new signatures
gpg: key 8DBD63B82072D77A: "Sébastien Luttringer <seblu@seblu.net>" 17 new signatures
gpg: key 456C7A9B91B842AE: "Jakob Gruber <jakob.gruber@gmail.com>" 1 new signature
gpg: key 81AF739EC0711BF1: "Rashif Rahman (Ray) <schiv@archlinux.org>" 1 new signature
gpg: key 426991CD8406FFF3: "Ronald van Haren <ronald@archlinux.org>" 1 new signature
gpg: key 206CBC892D1493D2: "Rémy Oudompheng <remy@archlinux.org>" 12 new signatures
gpg: key 7F2D434B9741E8AC: "Pierre Schmitz <pierre@archlinux.de>" 18 new signatures
gpg: key 51DAE9B7C1AE9161: "NicoHood <pgp@nicohood.de>" 1 new user ID
gpg: key 51DAE9B7C1AE9161: "NicoHood <pgp@nicohood.de>" 3 new signatures
gpg: key B4360204B250F0D3: "Fabio Castelli <muflone@vbsimple.net>" 100 new signatures
gpg: key 94DD2393DA2EE423: "Massimiliano Torromeo (Personal non-work identity) <massimiliano.torromeo@gmail.com>" 2 new signatures
gpg: key A91764759326B440: "Lukas Fleischer <lfleischer@lfos.de>" 26 new signatures
gpg: key 06096A6AD1CEDDAC: "Laurent Carlier <lordheavym@gmail.com>" 1 new signature
gpg: key 50FB9B273A9D0BB5: "Johannes Löthberg <johannes@kyriasis.com>" 21 new signatures
gpg: key 396E3E25BAB142C1: "Kyle Keen <keenerd@gmail.com>" 1 new signature
gpg: key A3D9562A589874AB: "Jürgen Hötzel <juergen@hoetzel.info>" 2 new signatures
gpg: key 332C9C40F40D2072: "Jonathan Steel <mail@jsteel.org>" 5 new signatures
gpg: key 24E4CDB0013C2580: "Jaroslav Lichtblau <svetlemodry@archlinux.org>" 4 new signatures
gpg: key 37E0AF1FDA48F373: "Jerome Leclanche <jerome@leclan.ch>" 6 new signatures
gpg: key 976AC6FA3B94FA10: "Jan de Groot <info@jandegrootict.nl>" 2 new signatures
gpg: key C06086337C50773E: "Jelle van der Waa <jelle@vdwaa.nl>" 3 new signatures
gpg: key 654B877A0864983E: "Martin Wimpress (http://www.flexion.org) <martin@flexion.org>" 19 new signatures
gpg: key F2DBB4931985A992: "Dieter Plaetinck <dieter@plaetinck.be>" 6 new signatures
gpg: key 761FAD69BA06C6A9: "Dicebot <public@dicebot.lv>" 5 new signatures
gpg: key A001876699AD6E84: "Gavin Marciniak-Bisesi <Daenyth@gmail.com>" 13 new signatures
gpg: key E6B456CAF15447D5: "Federico Cinelli <cinelli@aur.archlinux.org>" 11 new signatures
gpg: key E2539214C6C11350: "Federico Cinelli <cinelli.federico@gmail.com>" 5 new signatures
gpg: key 7F2A16726521E06D: "Christopher Brannon <chris@the-brannons.com>" 12 new signatures
gpg: key 1F0CD4921ECAA030: "Baptiste Jonglez <baptiste@bitsofnetworks.org>" 94 new signatures
gpg: key 1D1F0DC78F173680: "Xyne. (key #3) <xyne@archlinux.ca>" 4 new signatures
gpg: key 097D629E437520BD: "Vesa Kaihlavirta <vegai@iki.fi>" 1 new signature
gpg: key 39E4F17F295AFBF4: "Thorsten Töpper <atsutane@freethoughts.de>" 132 new signatures
gpg: key E711306E3C4F88BC: "Timothy Redaelli <timothy.redaelli@gmail.com>" 6 new signatures
gpg: key 771DF6627EDF681F: "Tobias Powalowski <tobias.powalowski@googlemail.com>" 7 new signatures
gpg: key C8880A6406361833: "Tom Gundersen <teg@jklm.no>" 5 new signatures
gpg: key 284FC34C8E4B1A25: "Thomas Bächler <thomas.baechler@gmx.de>" 6 new signatures
gpg: key F9E712E59AF5F22A: "Daniel Micay <danielmicay@gmail.com>" 6 new signatures
gpg: key C847B6AEB0544167: "Nicola Squartini <tensor5@gmail.com>" not changed
gpg: key 7FB1A3800C84C0A5: "Thomas Dziedzic <gostrc@gmail.com>" 1 new signature
gpg: key 39E4B877E62EB915: "Sven-Hendrik Haase <svenstaro@gmail.com>" 1 new signature
gpg: key 73B8ED52F1D357C1: "Lukas Jirkovsky <l.jirkovsky@gmail.com>" 1 new signature
gpg: key 65C110C1EA433FC7: "Sergej Pupykin <arch@sergej.pp.ru>" 4 new signatures
gpg: key 5CED81B7C2E5C0D2: "Xyne. <xyne@archlinux.ca>" 6 new signatures
gpg: key EA6836E1AB441196: "Stéphane Gaudreault <stephane@archlinux.org>" 6 new signatures
gpg: key 3A726C6170E80477: "Роман Кирилич (Roman Kyrylych) <roman@archlinux.org>" 5 new signatures
gpg: key 6D1A9E70E19DAA50: "Peter Richard Lewis <pete@muddygoat.org>" 153 new signatures
gpg: key B9113D1ED21E1A55: "Kaiting Chen <kaitocracy@gmail.com>" 5 new signatures
gpg: key 5F946DED983D4366: "Justin Davis (juster) <jrcd83@gmail.com>" 8 new signatures
gpg: key AF7EF7873CFD4BB6: "Jonathan Conder <jonno.conder@gmail.com>" 5 new signatures
gpg: Total number processed: 90
gpg: unchanged: 1
gpg: new user IDs: 1
gpg: new signatures: 2362
gpg: [don't know]: invalid packet (ctb=1e)
gpg: keyring_get_keyblock: read error: Invalid packet
gpg: keydb_get_keyblock failed: Invalid keyring
gpg: keydb_search failed: Invalid keyring
gpg: [don't know]: invalid packet (ctb=0a)
gpg: keyring_get_keyblock: read error: Invalid packet
gpg: keydb_get_keyblock failed: Invalid keyring
gpg: keydb_search failed: Invalid keyring
gpg: packet(13) too large
gpg: keyring_get_keyblock: read error: Invalid packet
gpg: keyring_get_keyblock failed: Invalid keyring
gpg: failed to rebuild keyring cache: Invalid keyring
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: packet(13) too large
gpg: keyring_get_keyblock: read error: Invalid packet
gpg: keydb_get_keyblock failed: Invalid keyring
gpg: validate_key_list failed
==> ERROR: A specified local key could not be updated from a keyserver.

This task depends upon

Closed by  Gaetan Bisson (vesath)
Thursday, 27 April 2017, 09:04 GMT
Reason for closing:  Fixed
Additional comments about closing:  gnupg-2.1.20-2 in [testing]
Comment by Doug Newgard (Scimmia) - Thursday, 13 April 2017, 07:22 GMT
I've been playing with this. I can refresh my keyring, but not pacman's. I tried refreshing the keys one at a time to see if one of them was causing the problem, but they all seemed to update fine, but nothing actually gets updated. It's specific to the pacman keyring, but I don't know why.
Comment by Gaetan Bisson (vesath) - Thursday, 13 April 2017, 08:06 GMT
Very strange bug. I've tried recreating my pacman keyring (rm -fr /etc/pacman.d/gnupg; pacman-key --init; pacman-key --populate archlinux) and it seems to make things worse because now a simple `pacman-key --recv-key 00f0d0f0` exhibits the error. All is fine (even as root) on other keyrings (perhaps because they're smaller in size?).

Anyhow, I have no idea how to go about investigating this, could you please report this upstream?
Comment by Daniel Clemmer (Mraof) - Tuesday, 18 April 2017, 13:34 GMT
After downgrading gnupg from 2.1.20 to 2.1.19 it started working again for me, so I think it's a problem with gnupg 2.1.20
Comment by Gaetan Bisson (vesath) - Tuesday, 18 April 2017, 18:43 GMT
Daniel: And that's why you should report this upstream if you want to do something helpful.
Comment by Michael Ifland (msifland) - Tuesday, 18 April 2017, 20:08 GMT
I will "report this upstream" if someone tells me how to do that...
Comment by Gaetan Bisson (vesath) - Tuesday, 18 April 2017, 20:37 GMT
Upstream's URL can be found in the package metadata: http://www.gnupg.org/
On that site, under Documentation/"Bug Tracker", you will learn that bug reports should be submitted to: https://dev.gnupg.org/
Comment by Alexander Schnaidt (Namarrgon) - Wednesday, 26 April 2017, 10:14 GMT Comment by Michael Ifland (msifland) - Wednesday, 26 April 2017, 23:12 GMT
Yes, he said he fixed it now. So I guess it needs to be refreshed or fixed or whatever you do in the Arch repos. Thanks.
Comment by Victor Engmark (l0b0) - Thursday, 27 April 2017, 07:41 GMT
I tried downgrading to 2.1.19, but I'm still getting the same error. How do I work around this when the new version is available? Do I need to (re)move /etc/pacman.d/gnupg/pubring.gpg, downgrade further, or something else?

Loading...