Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#69222 - [confuse] invalid or corrupted package - marginal trust
Attached to Project:
Community Packages
Opened by Patryk Hes (hesonator) - Tuesday, 05 January 2021, 15:54 GMT
Last edited by Morten Linderud (Foxboron) - Tuesday, 05 January 2021, 19:49 GMT
Opened by Patryk Hes (hesonator) - Tuesday, 05 January 2021, 15:54 GMT
Last edited by Morten Linderud (Foxboron) - Tuesday, 05 January 2021, 19:49 GMT
|
DetailsDescription:
When trying to install `confuse` package (an indirect dependency of `mplayer`), the signature of one of the trusted users is "marginal trust": ``` $ pacman -S --asdeps confuse (...) Packages (1) confuse-3.3-2 (...) error: confuse: signature from "Baptiste Jonglez" <baptiste@bitsofnetworks.org> is marginal trust :: File /var/cache/pacman/pkg/confuse-3.3-2-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)). Do you want to delete it? [Y/n] y error: failed to commit transaction (invalid or corrupted package (PGP signature)) Errors occurred, no packages were upgraded. ``` Before that, to ensure I have an up-to-date list of keys, I executed: ``` $ sudo pacman -Sy archlinux-keyring $ sudo pacman-key --populate archlinux $ sudo pacman-key --refresh-keys ``` Still, the keys are annotated as "marginal trust": ``` $ pacman-key -l | grep bitsofnetworks uid [marginal] Baptiste Jonglez <baptiste@bitsofnetworks.org> ``` |
This task depends upon
Closed by Morten Linderud (Foxboron)
Tuesday, 05 January 2021, 19:49 GMT
Reason for closing: Fixed
Additional comments about closing: Resigned all packages
Tuesday, 05 January 2021, 19:49 GMT
Reason for closing: Fixed
Additional comments about closing: Resigned all packages
You fetched a revoked signature and the packages hasn't been rebuilt.
babeld Baptiste Jonglez <archlinux@bitsofnetworks.org>
confuse Baptiste Jonglez <archlinux@bitsofnetworks.org>
fastd Baptiste Jonglez <archlinux@bitsofnetworks.org>
fig2dev Baptiste Jonglez <archlinux@bitsofnetworks.org>
lesspipe Baptiste Jonglez <archlinux@bitsofnetworks.org>
msgpack-c Baptiste Jonglez <archlinux@bitsofnetworks.org>
yodl Baptiste Jonglez <archlinux@bitsofnetworks.org>
Rebuilding these packages tonight.
(For future notice, the package details page has a link to create a new bug report with this stuff pre-filled.)