Installing kernel headers fails on keys

Support
1

I was thinking of installing Cuda for Nvidia GPU and could not from ‘Add/Remove/software’.

I have:
uname -r  :heavy_check_mark:
6.5.9-1-MANJARO

And tried:
sudo pacman -S linux-headers
[sudo] password for dougal:
:: There are 9 providers available for linux-headers:
:: Repository core

  1. linux419-headers 2) linux510-headers 3) linux515-headers
  2. linux54-headers 5) linux61-headers 6) linux61-rt-headers
  3. linux65-headers 8) linux65-rt-headers 9) linux66-headers

Enter a number (default=1): 7
resolving dependencies…
looking for conflicting packages…

Packages (2) pahole-1:1.25-4 linux65-headers-6.5.9-1

Total Installed Size: 119.41 MiB

:: Proceed with installation? [Y/n]
(2/2) checking keys in keyring [######################] 100%
downloading required keys…
:: Import PGP key 3B94A80E50A477C7, “Jan Alexander Steffens (heftig) heftig@archlinux.org”? [Y/n]
error: key “3B94A80E50A477C7” could not be imported
:: Import PGP key 279E7CF5D8D56EC8, “Manjaro Build Server build@manjaro.org”? [Y/n]
error: key “279E7CF5D8D56EC8” could not be imported
error: required key missing from keyring
error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded.

Help needed.

2

Do you have your system completely up to date? Update arch-keyring and manjaro-keyring

If that does not solve the problem come back for more instructions.

3 
sudo pacman -Syu linux65-headers

?

4

In case @cscs’s suggestion did not solve the issue you could troubleshoot the keys issue as described here:

5

Thanks for the responses. But still have an issue:

sudo pacman -Syu
Produces (at the bottom):
:: Retrieving packages...
 archlinux-keyrin...  1169.5 KiB  12.3 MiB/s 00:00 [######################] 100%
(1/1) checking keys in keyring                     [######################] 100%
(1/1) checking package integrity                   [######################] 100%
error: archlinux-keyring: signature from "Christian Hesse <eworm@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20231107-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

:: Starting full system upgrade...
:: Replace kuserfeedback with extra/kuserfeedback5? [Y/n] 
resolving dependencies...
looking for conflicting packages...
error: unresolvable package conflicts detected
error: failed to prepare transaction (conflicting dependencies)
:: jdk-openjdk and jre-openjdk are in conflict

Then

pacman -Q | grep jdk
jdk-openjdk 21.u35-3
jre-openjdk 21.u35-3
jre-openjdk-headless 21.u35-3
jre17-openjdk 17.0.9.u8-1
jre17-openjdk-headless 17.0.9.u8-1

I dont want to remove jre17 as this is needed by Pycharm.

But how do I fix the errors seen?

Moderator edit: In the future, please use proper formatting: [HowTo] Post command output and file content as formatted text

6 
Error: Failed to prepare transaction:
conflicting dependencies:
- jdk-openjdk and jre-openjdk are in conflict

Resolved by installing jdk-openjdk before updating:

pamac install jdk-openjdk --no-upgrade; pamac update --no-aur
1 Like
7

Hi Wollie,
This doesn’t work for me:

pamac install jdk-openjdk --no-upgrade; pamac update --no-aur

I get …
To upgrade (1):
jdk-openjdk 21.u35-8 (21.u35-3) extra 479.7 MB
To remove (2):
jre-openjdk 21.u35-3 (Conflicts With: jdk-openjdk) extra
jre-openjdk-headless 21.u35-3 (Conflicts With: jdk-openjdk) extra

Synchronizing package databases…
Resolving dependencies…
Checking inter-conflicts…
Error: unresolvable package conflicts detected
Error: Failed to prepare transaction:
conflicting dependencies:

  • jdk-openjdk and jre-openjdk are in conflict

Is it possible to just remove the jre first?
Apparently not:

  • removing jre-openjdk breaks dependency ‘jre21-openjdk=21.u35-3’ required by jdk-openjdk

So is it possible to remove the jdk then jre?

8 
$ sudo pacman -Sy jdk-openjdk
:: Synchronising package databases...
 core is up to date
 extra is up to date
 multilib is up to date
resolving dependencies...
looking for conflicting packages...
:: jdk-openjdk and jre-openjdk are in conflict. Remove jre-openjdk? [y/N] y
:: jdk-openjdk and jre-openjdk-headless are in conflict. Remove jre-openjdk-headless? [y/N] y

Packages (3) jre-openjdk-21.u35-3 [removal]  jre-openjdk-headless-21.u35-3 [removal]
             jdk-openjdk-21.u35-8

Total Download Size:    457.46 MiB
Total Installed Size:  1136.47 MiB
Net Upgrade Size:       634.32 MiB

:: Proceed with installation? [Y/n] Y

Then do a full upgrade with sudo pacman -Syu.

1 Like
9

Hi MrLavender,
I tried that command and the response was:

:: Retrieving packages…
archlinux-keyring-20231107-1-any 1169.5 KiB 15.0 MiB/s 00:00 [#################################################] 100%
(1/1) checking keys in keyring [#################################################] 100%
(1/1) checking package integrity [#################################################] 100%
error: archlinux-keyring: signature from “Christian Hesse eworm@archlinux.org” is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20231107-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

(1/1) checking keys in keyring [#################################################] 100%
(1/1) checking package integrity [#################################################] 100%
error: jdk-openjdk: signature from “Frederik Schwan frederik.schwan@linux.com” is unknown trust
:: File /var/cache/pacman/pkg/jdk-openjdk-21.u35-8-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Then no point in upgrade.

10

You need to fix your keyring as described in the link @Wollie posted earlier. No upgrade method will work until you do that.

11

Right! But Wollie doesn’t have the solution and you can find it on reddit!
Well a refresh of the keys didn’t work!
It got rid of Schwan but produced an error for “Mark Wagie mark@manjaro.org

sudo pacman-key -l mark
pub rsa2048 2020-04-20 [SC]
688E8F82879D0E25CE541426150C200743ED46D8
uid [ unknown] Mark Wagie mark@manjaro.org
sub rsa2048 2020-04-20 [E]

pacman-key --refresh-keys
error retrieving ‘mark@manjaro.org’ via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 150C200743ED46D8: “Mark Wagie mark@manjaro.org” not changed
gpg: Total number processed: 1
gpg: unchanged: 1

I guess this means I need to wait until he/ubuntu server has the right key?!

12

My advice is to not do the refresh part, which pulls from the net and sometimes some server fails. Go with the installation from the packets, which have all the keys offline up to a particular date.

13

I think the easiest way is to temporary disable key checking to update the keyrings, and reactivate them after that. It is the solution in this thread.

15

Nope doesn’t work:
downloading required keys…
:: Import PGP key CAA6A59611C7F07E, “Philip Müller philm@manjaro.org”? [Y/n]
(2/2) checking package integrity [#################################################] 100%
error: archlinux-keyring: signature from “Christian Hesse eworm@archlinux.org” is unknown trust
:: File /home/dougal/.cache/pkg/archlinux-keyring-20231107-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: manjaro-keyring: signature from “Philip Müller (Called Little) philm@manjaro.org” is unknown trust
:: File /home/dougal/.cache/pkg/manjaro-keyring-20230719-2-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

If I try to install a single package using pacman I get:
error: element-desktop: signature from “Antonio Rojas arojas@archlinux.org” is unknown trust
:: File /var/cache/pacman/pkg/element-desktop-1.11.45-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

16

How about you follow the guide that was already posted, instead of trying install anything which will obviously fail when the keys are broken?

You literally have to do 3 things, clean the cache, download the rings, --init and install offline with -U

17

Sorry, I noticed now that I linked the wrong thread. The thing is to edit /etc/pacman.conf and modify the SigLevel lines to look like this:

SigLevel = Never

(Remember anyway the original value, as you need to put it back after installing the keyrings)

Install the keyrings:

sudo pacman -S archlinux-keyring manjaro-keyring

Revert the changes in /etc/pacman.conf

1 Like
18

Well its fixed but not directly with above. The solution was found in this post.
Where:
in /etc/pacman.conf
and edit this line:
SigLevel = Required DatabaseOptional - to this:
SigLevel = Optional TrustAll

Thanks for all suggestions. Surely this is a bug!
How did my OS get into this state?
Nixos looks better everyday.

19

https://wiki.archlinux.org/title/Pacman/Package_signing

Warning: The SigLevel TrustAll option exists for debugging purposes and makes it very easy to trust keys that have not been verified. You should use TrustedOnly for all official repositories.

So you might want to fix that once your system is fully updated and working again.

The most likely reason is that you’re running a rolling release distro that you don’t keep up-to-date, but there are other possible reasons which are described in section 4.2 of the above wiki page.

1 Like
20

This topic was automatically closed 3 hours after the last reply. New replies are no longer allowed.