Pacman

Historical bug tracker for the Pacman package manager.

The pacman bug tracker has moved to gitlab:
https://gitlab.archlinux.org/pacman/pacman/-/issues

This tracker remains open for interaction with historical bugs during the transition period. Any new bugs reports will be closed without further action.
Tasklist

FS#63271 - Missing dependencies

Attached to Project: Pacman
Opened by Gaetan Bisson (vesath) - Wednesday, 24 July 2019, 21:35 GMT
Last edited by Gaetan Bisson (vesath) - Wednesday, 24 July 2019, 22:12 GMT
Task Type Bug Report
Category General
Status Closed
Assigned To No-one
Architecture x86_64
Severity High
Priority Normal
Reported Version 5.1.3
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

I'm getting a very disturbing behavior from pacman-5.1.3 running `makepkg --log --noconfirm --syncdeps` inside an x86_64 qemu virtual machine. The virtual machine is a run-of-the-mill Arch install so it should not matter.

What happens is that pacman identifies packages to be installed, never actually downloads them, and then fails when trying to verify their signature. See the attached log file.

If you have any idea what might be causing this behavior I'd be happy to try your suggestions.
   makepkg.log (4.5 KiB)
This task depends upon

Closed by  Gaetan Bisson (vesath)
Wednesday, 24 July 2019, 22:12 GMT
Reason for closing:  Not a bug
Additional comments about closing:  Diagnosed as a mirror problem.
Comment by Allan McRae (Allan) - Wednesday, 24 July 2019, 21:44 GMT
I'd guess change your mirror. Or check you network connection.
Comment by Eli Schwartz (eschwartz) - Wednesday, 24 July 2019, 21:48 GMT
How do you know they are not being downloaded? The logfile indicates that this makepkg run's invocation of pacman isn't trying to download the packages which are being rejected... which hints to me that your VM has files of some sort in the cache which do not validate. Were they downloaded beforehand?

If you're checking after the fact to see what the files look like, it's too late since they were deleted... can you try checking there before running makepkg, and take a look if those files validate with pacman-key?

EDIT: oops, pacman-key won't work unless you also download the signatures which aren't in the db. pacman -Swdd --debug might have some interesting information about why pacman thinks they're bad, though.
Comment by Gaetan Bisson (vesath) - Wednesday, 24 July 2019, 22:11 GMT
Thanks for your suggestions. It turns out my mirror indeed returns garbage for those files (no HTTP content, just the byte '\n'). What misled me was that curl saves the files as-is (just the byte '\n') and pacman does not report any error and does not output anything related to the download of those files, thus leading me to believe they were never downloaded. Cheers.

Loading...