FS#72497 : signature from "Daurnimator <quae@daurnimator.com>" is unknown

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#72497 - signature from "Daurnimator <quae@daurnimator.com>" is unknown

Attached to Project: Community Packages
Opened by Raphael (RJGarch) - Thursday, 21 October 2021, 07:32 GMT
Last edited by Antonio Rojas (arojas) - Friday, 22 October 2021, 15:36 GMT

Task Type	Bug Report
Category	Packages
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description:

signature from "Daurnimator <quae@daurnimator.com>" is unknown

Steps to reproduce:

sudo pacman -S promtail
Abhängigkeiten werden aufgelöst …
Nach in Konflikt stehenden Paketen wird gesucht …

Pakete (1) promtail-2.3.0-2

Gesamtgröße des Downloads: 16.11 MiB
Gesamtgröße der installierten Pakete: 84.62 MiB

:: Installation fortsetzen? [J/n] j
:: Pakete werden empfangen …
promtail-2.3.0-2... 16.1 MiB 13.0 MiB/s 00:01 [######################] 100%
(1/1) Schlüssel im Schlüsselbund werden geprüft [######################] 100%
(1/1) Paket-Integrität wird überprüft [######################] 100%
Fehler: promtail: signature from "Daurnimator <quae@daurnimator.com>" is unknown trust
:: Datei /var/cache/pacman/pkg/promtail-2.3.0-2-x86_64.pkg.tar.zst ist beschädigt (Ungültiges oder beschädigtes Paket (PGP-Signatur)).
Soll die Datei entfernt werden? [J/n]

This task depends upon

Closed by Antonio Rojas (arojas)
Friday, 22 October 2021, 15:36 GMT
Reason for closing: Not a bug

Comments (4)
Related Tasks (0/0)

Comment by loqs (loqs) - Thursday, 21 October 2021, 20:40 GMT

What is the output of
pacman -Q archlinux-keyring
pacman-key --list-keys quae@daurnimator.com

Comment by Raphael (RJGarch) - Thursday, 21 October 2021, 20:52 GMT

sudo pacman -Q archlinux-keyring
-->
archlinux-keyring 20210902-1

sudo pacman-key --list-keys quae@daurnimator.com
-->
pub rsa4096 2015-01-25 [SC] [verfallen: 2021-08-12]
954A3772D62EF90E4B31FBC6C91A9911192C187A
uid [ verfallen ] Daurnimator <quae@daurnimator.com>
uid [ verfallen ] Daurnimator <daurnimator@archlinux.org>

Comment by loqs (loqs) - Thursday, 21 October 2021, 21:09 GMT

You have archlinux-keyring 20210902-1 which contains [1] extending 954A3772D62EF90E4B31FBC6C91A9911192C187A until 2023-08-02 but the keyring itself has not been updated, that should have been performed by a hook when the keyring package is updated.
As the key has expired rather than missing pacman will not prompt to obtain it remotely. You can try refresh-keys see [2].

[1] https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/commit/9ad88b84d9d7c81c430ce65d5248a47b8754271c
[2] https://wiki.archlinux.org/title/Pacman/Package_signing#Adding_developer_keys

Comment by Raphael (RJGarch) - Friday, 22 October 2021, 15:24 GMT

sudo pacman -Sy archlinux-keyring && sudo pacman -Su

Solved the problem!

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

Community Packages

FS#72497 - signature from "Daurnimator <quae@daurnimator.com>" is unknown

Details

Loading...