[Dev] Issues with GPG signatures when updating packages

Stefano nospam at curso.re
Thu Jan 25 22:47:05 GMT 2018


Hello,

lately I have been having issues with GPG signatures when updating
packages. In particular, the following warning pops up regularly:

> signature from "Eli Schwartz <eschwartz at archlinux.org>" is marginal
> trust

and then

> File <PACKAGE> is corrupted (invalid or corrupted package (PGP
> signature)).

The incriminated packages are mostly Python ones.

Running `pacman-key --refresh-keys` does not solve the problem.

I have been working around that by adding the packages to the IgnorePkg
section of /etc/pacman.conf but that's not a long term solution.

Am I the only person seeing this?

Does anyone have suggestions about how to solve the problem?

Thanks,

-- S.



More information about the Dev mailing list