Corrupted package(s) - but pacman cache is empty

Support
1

I installed the recent [Stable Update] 2025-12-15 and [Stable Update] 2025-12-08 updates (since I had missed the 2025-12-08 release).

Now sudo pacman -Syu gets a message that the local btrfsmaintenance is newer than the repo package:

sudo pacman -Syu
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 multilib is up to date
:: Starting full system upgrade...
warning: btrfsmaintenance: local (1:0.5.2-1) is newer than extra (0.5.2-2)
 there is nothing to do

I tried reinstalling it but keep getting this corruption error:

sudo pacman -Syu btrfsmaintenance
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 multilib is up to date
warning: downgrading package btrfsmaintenance (1:0.5.2-1 => 0.5.2-2)
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (1) btrfsmaintenance-0.5.2-2

Total Download Size:   0.02 MiB
Total Installed Size:  0.06 MiB
Net Upgrade Size:      0.02 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 btrfsmaintenance...    19.1 KiB   340 KiB/s 00:00 [----------------------] 100%
(1/1) checking keys in keyring                     [----------------------] 100%
(1/1) checking package integrity                   [----------------------] 100%
error: btrfsmaintenance: signature from "George Hu <integral@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/btrfsmaintenance-0.5.2-2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

I tried sudo pacman -Syyuu btrfsmaintenance but still getting the same result. I even tried n for the Do you want to delete it? [Y/n] but still the same result.

I also cleaned my local caches with sudo pacman -Scc and verified that /var/cache/pacman/pkg/ is empty, yet still have the same issue.

Not sure this could have something to do with it, but I had this error which appeared benign while upgrading to this release (2025-12-15):

[2025-12-15T14:41:38-0500] [ALPM] upgraded manjaro-keyring (20230719-3 -> 20251003-1)
[2025-12-15T14:41:39-0500] [ALPM-SCRIPTLET] ==> Appending keys from manjaro.gpg...
[2025-12-15T14:41:40-0500] [ALPM-SCRIPTLET] ==> Locally signing trusted keys in keyring...
[2025-12-15T14:41:42-0500] [ALPM-SCRIPTLET] ==> ERROR: F66AD0FF0E57C561615A0901CEE477135C5872B0 could not be locally signed.

Additionally, I am now getting this error:

sudo pacman -Syu
:: Synchronizing package databases...
 core is up to date
 extra                   8.7 MiB  10.8 MiB/s 00:01 [----------------------] 100%
 multilib is up to date
:: Starting full system upgrade...
warning: btrfsmaintenance: local (1:0.5.2-1) is newer than extra (0.5.2-2)
resolving dependencies...
looking for conflicting packages...

Packages (1) gnome-shell-extension-forge-89-1

Total Download Size:   0.09 MiB
Total Installed Size:  0.32 MiB
Net Upgrade Size:      0.00 MiB

:: Proceed with installation? [Y/n]  
:: Retrieving packages...
 gnome-shell-exte...    93.9 KiB  1342 KiB/s 00:00 [----------------------] 100%
(1/1) checking keys in keyring                     [----------------------] 100%
(1/1) checking package integrity                   [----------------------] 100%
error: gnome-shell-extension-forge: signature from "Mark Wagie <mark@manjaro.org>" is unknown trust
:: File /var/cache/pacman/pkg/gnome-shell-extension-forge-89-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Once again, trying n yields the same results.

Any ideas what is causing this?

2

I got that too. Just install the update with… :backhand_index_pointing_down:

sudo pacman -Syuu

That worked for me, and I got no complaints about it when I ran pacman again tonight to update both chromium and kdenlive.

Did you update your mirrors first?

Either way, given that it’s Mark’s signature that seems to be the problem, pingelinging @Yochanan. :stuck_out_tongue:

3

Same issue appears…

sudo pacman -Syuu
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 multilib is up to date
:: Starting full system upgrade...
warning: btrfsmaintenance: downgrading from version 1:0.5.2-1 to version 0.5.2-2
resolving dependencies...
looking for conflicting packages...

Packages (2) btrfsmaintenance-0.5.2-2  gnome-shell-extension-forge-89-1

Total Download Size:   0.11 MiB
Total Installed Size:  0.38 MiB
Net Upgrade Size:      0.02 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 btrfsmaintenance...    19.1 KiB   178 KiB/s 00:00 [----------------------] 100%
 gnome-shell-exte...    93.9 KiB   531 KiB/s 00:00 [----------------------] 100%
 Total (2/2)           113.0 KiB   565 KiB/s 00:00 [----------------------] 100%
(2/2) checking keys in keyring                     [----------------------] 100%
(2/2) checking package integrity                   [----------------------] 100%
error: btrfsmaintenance: signature from "George Hu <integral@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/btrfsmaintenance-0.5.2-2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: gnome-shell-extension-forge: signature from "Mark Wagie <mark@manjaro.org>" is unknown trust
:: File /var/cache/pacman/pkg/gnome-shell-extension-forge-89-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
4

Because of the gnome-shell-extension-forgepackage. Answering "n there interrupts the update process.

5

Just did followed with forced sync—still appears to be the same.

I did answer y but later tried with n to rule anything out. Didn’t help, of course.

My understanding is pacman thinks there are corrupted packages in /var/cache/pacman/pkg/. But as I wrote in the post, I cleaned it out and then ran the commands again…but nada.

6

No, it only looks at the packages on the mirrors.

1 Like
7

I see.

I tried installing a random package from the extra repository and got the exact same issue.

sudo pacman -S fastfetch
resolving dependencies...
looking for conflicting packages...

Packages (2) yyjson-0.12.0-1  fastfetch-2.56.0-1

Total Download Size:   0.65 MiB
Total Installed Size:  2.23 MiB

:: Proceed with installation? [Y/n] 
:: Retrieving packages...
 yyjson-0.12.0-1-...   154.0 KiB  1048 KiB/s 00:00 [----------------------] 100%
 fastfetch-2.56.0...   515.7 KiB  2.85 MiB/s 00:00 [----------------------] 100%
 Total (2/2)           669.8 KiB  3.50 MiB/s 00:00 [----------------------] 100%
(2/2) checking keys in keyring                     [----------------------] 100%
(2/2) checking package integrity                   [----------------------] 100%
error: yyjson: signature from "Robin Candau <antiz@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/yyjson-0.12.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: fastfetch: signature from "Robin Candau <antiz@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/fastfetch-2.56.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

I then tried installing something from the core repo:

sudo pacman -S links
resolving dependencies...
looking for conflicting packages...

Packages (1) links-2.30-1

Total Download Size:   3.11 MiB
Total Installed Size:  6.23 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 links-2.30-1-x86_64     2.9 MiB  5.81 MiB/s 00:01 [----------------------] 100%
error: failed retrieving file 'links-2.30-1-x86_64.pkg.tar.zst' from mirror.xenyth.net : OpenSSL SSL_read: OpenSSL/3.6.0: error:0A000126:SSL routines::unexpected eof while reading, errno 0
(1/1) checking keys in keyring                     [----------------------] 100%
downloading required keys...
:: Import PGP key 6D42BDD116E0068F, "Christian Hesse <eworm@archlinux.org>"? [Y/n] y
(1/1) checking package integrity                   [----------------------] 100%
error: links: signature from "Christian Hesse <eworm@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/links-2.30-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Perhaps this mirror is faulty?

Edit: removed the mirror and forced sync but to no avail…

8

Maybe you are having GPG issues due to having missed the previous update. Shouldn’t be happening, but never say “never”. :thinking:

Try this… :backhand_index_pointing_down:

9

Thank you but that didn’t work either. I’ll give this a try: [HowTo] Solve Keyring Related Issues in Manjaro

Edit: This link worked! Here’s what I did (taken from the link) :backhand_index_pointing_down:

Resynchronise with the Manjaro repository servers to ensure that everything is up to date - by entering the command:

sudo pacman -Syy

Remove all keys

sudo rm -rf /etc/pacman.d/gnupg

Reinitialize files & folders for keys

sudo pacman-key --init

Repopulate keys

sudo pacman-key --populate archlinux manjaro

Reinstall latest keyrings

sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring

Refresh the signature keys

sudo pacman-key --refresh-keys

Clear out the software packages downloaded during aborted installations (optional):

sudo pacman -Sc

Then:

sudo pacman -Syyu

…and everything is in good order.

Lesson learned: keep updating regularly

3 Likes
10

Perhaps another lesson to learn: In normal circumstances, only sudo pacman -Syu is required to perfom an update, – note the single y.

Note:- this is really intended for passers-by who copy/paste everything they see, without question; in this particular case, the double yy was arguably acceptable.

Regards.

1 Like
11

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.