Since a few days, I am no longer able to update manjaro via pacman. The problem:
$ sudo pacman -Syu
error: manjaro-sway: signature from "Jonas Strassel <info@jonas-strassel.de>" is invalid
:: Synchronizing package databases...
manjaro-sway 18,7 KiB 60,3 KiB/s 00:00 [##############################################] 100%
core is up to date
extra is up to date
community is up to date
multilib is up to date
error: manjaro-sway: signature from "Jonas Strassel <info@jonas-strassel.de>" is invalid
error: failed to synchronize all databases (unexpected error)
So, I tried to recreate the keys and deleted the keyrings as well as the gnupg dir:
But installing manjaro-keyring and archlinux-keyring does not work. (Same error as before signature from "Jonas Strassel <info@jonas-strassel.de>" is invalid)
I checked the gnupg file and the key is unkown:
$ gpg --homedir /etc/pacman.d/gnupg --list-keys | grep strass -A 3 -B 3
gpg: WARNING: unsafe ownership on homedir '/etc/pacman.d/gnupg'
gpg: Note: trustdb not writable
pub rsa3072 2021-07-07 [SC] [expires: 2027-06-07]
A44C644D792767CED7941AFEABB2075D5F310CF8
uid [ unknown] Jonas Strassel <info@jonas-strassel.de>
uid [ unknown] Jonas Strassel <jonas.strassel@manjaro.org>
uid [ unknown] Jonas Strassel <jonas.strassel@ioki.com>
uid [ unknown] Jonas Strassel <jo.strassel@gmail.com>
sub rsa3072 2021-07-07 [E]
This likely just a pretty misleading error message by pacman. In fact result from an attempt to avoid further problems with them, I removed the db signatures. Here is how to resolve it:
This sentiment is repeated here a bunch … but I dont consider the matter ‘resolved’ in such terms.
It really just seems like its considered ‘easier’ to not deal with the handful of issues that can come up, such as from an unreliable network.
(I’m also pretty sure its one person with this opinion that does all the repeating…)
If signed DB’s were really so odd and impractical and unnecessary … why does Arch do it ?