Having trouble upgrading google-chrome due to signature issue

How · 16 June 2021 12:47

When I was upgrading google-chrome using pacman -S google-chrome, it complained as follows:

# pacman -S google-chrome
resolving dependencies...
looking for conflicting packages...

Packages (1) google-chrome-91.0.4472.106-1

Total Download Size:    85.58 MiB
Total Installed Size:  254.02 MiB
Net Upgrade Size:        0.00 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 google-chrome-91.0.4472.106-1-x86_64       85.6 MiB  40.2 MiB/s 00:02 [########################################] 100%
(1/1) checking keys in keyring                                         [########################################] 100%
(1/1) checking package integrity                                       [########################################] 100%
error: google-chrome: signature from "lilac (build machine) <lilac@build.archlinuxcn.org>" is unknown trust
:: File /var/cache/pacman/pkg/google-chrome-91.0.4472.106-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Any idea why this is happening? and how to solve it?

I tried clean the pkg cache using paccache -r but no luck.
Besides, I also tried:

pacman-key --init
pacman-key --populate archlinux manjaro
pacman-key --refresh-keys

update: also tried pamac as @Aragorn suggested:

$ pamac update google-chrome                                                                                        
Preparing...
Synchronizing package databases...
Warning: hplip: ignoring package upgrade (1:3.21.2-1 => 1:3.21.4-1)
Resolving dependencies...
Checking inter-conflicts...

To upgrade (5):
  systemd-libs        248.3-3          (248.3-2)          core         
  systemd             248.3-3          (248.3-2)          core         
  firefox             89.0.1-1         (89.0-1)           extra        
  google-chrome       91.0.4472.106-1  (91.0.4472.101-1)  archlinuxcn  
  systemd-sysvcompat  248.3-3          (248.3-2)          core         

Total installed size: 559.9 kB

Apply transaction ? [y/N] y
Checking keyring...                                                                                              [5/5]
Checking integrity...                                                                                            [5/5]
Error: google-chrome: signature from "lilac (build machine) <lilac@build.archlinuxcn.org>" is unknown trust
Removing invalid files and retrying...
Download of google-chrome (91.0.4472.106-1) started                                                                   
Download of google-chrome (91.0.4472.106-1) finished                                                                  
Checking keyring...                                                                                              [5/5]
Checking integrity...                                                                                            [5/5]
Error: google-chrome: signature from "lilac (build machine) <lilac@build.archlinuxcn.org>" is unknown trust
Error: Failed to commit transaction: invalid or corrupted package:

Aragorn · 16 June 2021 12:56

google-chrome is a package from the AUR, not from the Manjaro repos. pacman does not offer support for the AUR, but pamac does. In addition to that, you cannot install any packages with pacman as a regular user without using sudo ─ pamac in turn does not require the use of sudo.

pamac update --aur

How · 16 June 2021 13:04

Thanks for your reply. I did run the commands under root privilege. I tried pamac but no luck. Could you take another look at the updated question?

How · 16 June 2021 13:14

I think I know what was wrong now.

installing/upgrading archlinuxcn-keyring fixed this issue.

I added a repo called archlinuxcn to /etc/pacman.conf after I installed manjaro months ago. The other day I ran some upgrade commands and found this signature issue. I guess the repo has changed the key or something.

Reference: Arch Linux CN 源使用帮助 — USTC Mirror Help 文档

NGr · 16 June 2021 13:15

It doesn’t look like you installed it from the AUR. You could try looking at GitHub - archlinuxcn/lilac: Lilac is the build bot for archlinuxcn for information about the specific package you have installed.

demoxka · 17 June 2021 09:58

Thanks for your reply.
After reinstalling archlinuxcn-keyring it is OK.

system · 2 July 2021 09:59

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.