Community Packages

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#75359 - xbindkeys signature is bad

Attached to Project: Community Packages
Opened by Johannes Kamprad (killajoe) - Sunday, 17 July 2022, 20:23 GMT
Last edited by Jonas Witschel (diabonas) - Sunday, 17 July 2022, 21:42 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To No-one
Architecture x86_64
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


installing xbindkeys fails caused by signature can not get verified.

Additional info:
* package version(s) xbindkeys-1.8.7-2

* link to upstream bug report, if any

Steps to reproduce:
on installing it shows:

error: xbindkeys: signature from "Konstantin Gizdov <>" is marginal trust"

try to verify manually shows this output:

sudo pacman-key --verify xbindkeys-1.8.7-2-x86_64.pkg.tar.zst.sig
==> Checking xbindkeys-1.8.7-2-x86_64.pkg.tar.zst.sig... (detached)
gpg: Signature made Di 30 Jun 2020 13:55:51 CEST
gpg: using RSA key 5359CC6BE88118B51F5C90B5607DB55FF71B7052
gpg: Good signature from "Konstantin Gizdov <>" [marginal]
gpg: aka "Konstantin Gizdov <>" [marginal]
gpg: aka " <>" [marginal]
gpg: WARNING: This key is not certified with sufficiently trusted signatures!
gpg: It is not certain that the signature belongs to the owner.
Primary key fingerprint: 4BE6 1D68 4CB4 E317 4161 4E70 89AA 2723 1C53 0226
Subkey fingerprint: 5359 CC6B E881 18B5 1F5C 90B5 607D B55F F71B 7052
==> ERROR: The signature identified by xbindkeys-1.8.7-2-x86_64.pkg.tar.zst.sig could not be verified.
Trust is only marginal one should be full?
This task depends upon

Closed by  Jonas Witschel (diabonas)
Sunday, 17 July 2022, 21:42 GMT
Reason for closing:  Fixed
Additional comments about closing:  xbindkeys 1.8.7-3
Comment by Jonas Witschel (diabonas) - Sunday, 17 July 2022, 21:42 GMT
I rebuilt xbindkeys as well as all other packages in the repositories signed by an old, marginally trusted packager key: