FS#53703 - [archlinux-keyring] Christian Rebischke signature not in

Attached to Project: Community Packages
Opened by Pablo Lezaeta (Jristz) - Tuesday, 18 April 2017, 07:34 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 27 April 2017, 22:22 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To No-one
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:
The signarture of Christian Rebischke used in Audit package is not in Archlinux-Keyring available in a clean install.

Additional info:
* archlinux-keyring 20170320-1
* audit 2.7.5-1

Steps to reproduce:
I install audit (using linux-tools-meta) package and see that instead of flawlessly intall it ask for import and sign the signature, showing that the signature is not in the systen even if the latest archlinux-keyring is installed.
I tryied this in a clean install.

PD-Off: Also noticed that the signature error message not show the affected package, should I subbimt a feature request for that?
This task depends upon

Closed by  Doug Newgard (Scimmia)
Thursday, 27 April 2017, 22:22 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#53642 
Comment by Pablo Lezaeta (Jristz) - Tuesday, 18 April 2017, 09:43 GMT
Aparently is just not in archlinux-keyring and therefor not master digned.

All the packages signed by Christ just fail
Comment by Bartłomiej Piotrowski (Barthalion) - Tuesday, 18 April 2017, 10:03 GMT
Looks like something is wrong on your end. I can install his packages just fine; his key is in the keyring.

https://git.archlinux.org/archlinux-keyring.git/commit/?id=0abfb04ebb9fdca80b882ee14ff5d68292e779da
Comment by Pablo Lezaeta (Jristz) - Wednesday, 19 April 2017, 03:03 GMT
clean chroot environment:

(2/2) checking keys in keyring [#########################################] 100%
downloading required keys...
:: Import PGP key 4096R/6DAF7B808F9DF25139620000D21461E3DFE2060D, "Christian Rebischke <chris@nullday.de>", created: 2015-07-16? [Y/n]

so, nope, they keyring try to import ONLY christian key but pass all the other flawlessly
Comment by Doug Newgard (Scimmia) - Wednesday, 19 April 2017, 14:19 GMT
I just did it in a clean chroot, no problems. I'll bet you're running into something related to  FS#53642 
Comment by Pablo Lezaeta (Jristz) - Wednesday, 19 April 2017, 18:10 GMT
Do you know if the default installation of pacman automagically run the keyring at first pacman install or not?

Cause in that clean chroot i never run the refresh key thing
Comment by Jelle van der Waa (jelly) - Wednesday, 19 April 2017, 18:53 GMT
Can't reproduce, is this from the install iso?
Comment by Pablo Lezaeta (Jristz) - Wednesday, 19 April 2017, 20:41 GMT
I tryied this with the install disk and with my system to a non-mountpoint and I can reproduce it.

should not a reinstall of archlinux-keyring fix the problem??
Comment by Jelle van der Waa (jelly) - Thursday, 20 April 2017, 07:16 GMT
Sounds like you don't have the key on your main system. If you are missing the key just pacman-key --refresh-keys
Comment by Doug Newgard (Scimmia) - Friday, 21 April 2017, 01:37 GMT
pacman-key --refresh-keys is broken right now. See  FS#53642 
Comment by Doug Newgard (Scimmia) - Thursday, 27 April 2017, 15:45 GMT
Jristz, can you check this again using gpg from testing?
Comment by Pablo Lezaeta (Jristz) - Thursday, 27 April 2017, 22:07 GMT
yes and not,

It fix it, but only if I reinstall archlinux-keyring after install the new gpg from testing.

so after the gpg get updated a rel bump to the archlinux-keyring could help (and a new release of the archlinux iso with the fixes too)

Loading...