[Dev] Issues with GPG signatures when updating packages

Luke Shumaker lukeshu at lukeshu.com
Thu Jan 25 23:47:45 GMT 2018


On Thu, 25 Jan 2018 17:47:05 -0500,
Stefano wrote:
> 
> Hello,
> 
> lately I have been having issues with GPG signatures when updating
> packages. In particular, the following warning pops up regularly:
> 
> > signature from "Eli Schwartz <eschwartz at archlinux.org>" is marginal
> > trust
> 
> and then
> 
> > File <PACKAGE> is corrupted (invalid or corrupted package (PGP
> > signature)).
> 
> The incriminated packages are mostly Python ones.
> 
> Running `pacman-key --refresh-keys` does not solve the problem.
> 
> I have been working around that by adding the packages to the IgnorePkg
> section of /etc/pacman.conf but that's not a long term solution.
> 
> Am I the only person seeing this?
> 
> Does anyone have suggestions about how to solve the problem?

does

    sudo pacman -S {archlinux{,32,arm},parabola}-keyring

take care of it?

-- 
Happy hacking,
~ Luke Shumaker



More information about the Dev mailing list