Freeze on "Import PGP key"

jarmano · 29 September 2022 17:22

Hey there,
Today i decided to update my OS but the process just freeze when trying to import a PGP key :

downloading required keys...
:: Import PGP key 150C200743ED46D8, "Mark Wagie <mark@manjaro.org>"? [Y/n]

It just stays here for ever (just left computer and got back after 2 hours still on this stage)
What should i do ? Also checked journald log and didn’t see any error related.

Tomek · 29 September 2022 17:37

That’s ask. You need to press enter if you want to import this key.

jarmano · 29 September 2022 17:52

Of course I have pressed Enter you can see the new line in the code i pasted too.

aafsmarak · 29 September 2022 18:09

Try typing y and then pressing enter.

jarmano · 29 September 2022 18:27

Have done that too.

brahma · 29 September 2022 18:33

try running these commands:

sudo rm -rf /etc/pacman.d/gnupg
sudo rm -R /root/.gnupg/
sudo pacman-key --init
sudo pacman-key --populate archlinux manjaro
sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring
sudo pacman-key --refresh-keys
sudo pacman -Scc
sudo pacman -Syyu

run them one at a time and ignore any errors

jarmano · 29 September 2022 19:00

This command freezes :

sudo pacman-key --refresh-keys

I guess it has something to do with keyring server, how can I check if keyring server is accessible and is not giving any timeout ?

brahma · 29 September 2022 19:02

try refreshing your mirrors:
sudo pacman-mirrors --fasttrack 5 && sudo pacman -Syyu

jarmano · 29 September 2022 20:14

It downloads updates but then says every single downloaded package is corrupted :

error: key "991F6E3F0765CF6295888586139B09DA5BF0D338" could not be looked up remotely
:: File /var/cache/pacman/pkg/zita-alsa-pcmi-0.5.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]

Also when i try to follow manjaro wiki pacman key guide, when I run the line below :

mkdir -pv $HOME/.cache/pkg/ && sudo pacman -Syw archlinux-keyring manjaro-keyring --cachedir $HOME/.cache/pkg/

I get this result :

:: Synchronizing package databases...
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
resolving dependencies...

Packages (2) archlinux-keyring-20220831-1  manjaro-keyring-20220514-2

Total Download Size:  1.64 MiB

:: Proceed with download? [Y/n] 
:: Retrieving packages...
 archlinux-keyring-20220831-1-any                       1130.1 KiB   726 KiB/s 00:02 [################################################] 100%
 manjaro-keyring-20220514-2-any                          548.8 KiB   648 KiB/s 00:01 [################################################] 100%
 Total (2/2)                                            1678.9 KiB   605 KiB/s 00:03 [################################################] 100%
(2/2) checking keys in keyring                                                       [################################################] 100%
(2/2) checking package integrity                                                     [################################################] 100%
error: manjaro-keyring: signature from "Mark Wagie <mark@manjaro.org>" is unknown trust
:: File /home/user/.cache/pkg/manjaro-keyring-20220514-2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: archlinux-keyring: signature from "Christian Hesse <eworm@archlinux.org>" is unknown trust
:: File /home/user/.cache/pkg/archlinux-keyring-20220831-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

brahma · 29 September 2022 20:17

ok, so now it didnt freeze … but you are one of the unfortunate ones where commands will not work …
Open /etc/pacman.conf and edit this line:
SigLevel = Required DatabaseOptional - its on the 45 line
to look like this:
SigLevel = Optional TrustAll
save the file and rerun update again:
sudo pacman -Syyu

jarmano · 29 September 2022 20:34

Before going TrustAll route, I want to know that whether I can say no to this question or not :

error: manjaro-keyring: signature from "Mark Wagie <mark@manjaro.org>" is unknown trust
:: File /home/user/.cache/pkg/manjaro-keyring-20220514-2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]

Because I see a note in manjaro wiki saying I can ignore pgp errors in this step :

 GPG check errors can be ignored, since it only downloads the keyring packages.

brahma · 29 September 2022 20:35

yes you can

jarmano · 29 September 2022 21:20

@brahma keeping the keyrings and installing them using pacman worked and update completed. Thanks a lot for your help.

system · 2 October 2022 11:21

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.