I've got a problem when I update fdm using yay

Support AUR
1

When I’m updating fdm yay shows this:

==> Making package: freedownloadmanager 6.23.0.5754-2 (Wed 26 Jun 2024 11:29:53 PM +0330)
==> Retrieving sources...
  -> Found freedownloadmanager.deb
==> WARNING: Skipping verification of source file PGP signatures.
==> Validating source files with sha256sums...
    freedownloadmanager.deb ... FAILED
==> ERROR: One or more files did not pass the validity check!
 -> error downloading sources: /home/parsa/.cache/yay/freedownloadmanager 
         context: exit status 1 
         

:: (1/1) Parsing SRCINFO: freedownloadmanager
==> Making package: freedownloadmanager 6.23.0.5754-2 (Wed 26 Jun 2024 11:29:54 PM +0330)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found freedownloadmanager.deb
==> Validating source files with sha256sums...
    freedownloadmanager.deb ... FAILED
==> ERROR: One or more files did not pass the validity check!
 -> error making: freedownloadmanager-exit status 1
 -> Failed to install the following packages. Manual intervention is required:
freedownloadmanager - exit status 1

Hope you can find a solution for me :slight_smile:

2

The ‘problem’ is printed.
The sha256 sums used in the PKGBUILD are wrong.
You can SKIP them, or use updpkgsums in the build directory before running makepkg -fsric.

3

AUR (en) - freedownloadmanager

RAMChYLD commented on 2024-05-20 09:57 (UTC)
Hi, just a notice that sha256sum is broken again today.

4

Could you explain more about how can I fix the problem because I couldn’t find how to use the things you said.

5

For first one it shows:

==> Making package: freedownloadmanager 6.23.0.5754-2 (Wed 26 Jun 2024 11:49:50 PM +0330)
==> Retrieving sources...
  -> Found freedownloadmanager.deb
==> WARNING: Skipping all source file integrity checks.
:: (1/1) Parsing SRCINFO: freedownloadmanager
==> Making package: freedownloadmanager 6.23.0.5754-2 (Wed 26 Jun 2024 11:49:51 PM +0330)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found freedownloadmanager.deb
==> WARNING: Skipping all source file integrity checks.
==> Removing existing $srcdir/ directory...
==> Extracting sources...
  -> Extracting freedownloadmanager.deb with bsdtar
==> Starting prepare()...
tar (child): data.tar.zst: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
==> ERROR: A failure occurred in prepare().
    Aborting...
 -> error making: freedownloadmanager-exit status 4
 -> Failed to install the following packages. Manual intervention is required:
freedownloadmanager - exit status 4

For second one shows this:

==> Making package: freedownloadmanager 6.23.0.5754-2 (Wed 26 Jun 2024 11:50:10 PM +0330)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found freedownloadmanager.deb
==> Validating source files with sha256sums...
    freedownloadmanager.deb ... Passed
==> Extracting sources...
  -> Extracting freedownloadmanager.deb with bsdtar
==> Starting prepare()...
tar (child): data.tar.zst: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
==> ERROR: A failure occurred in prepare().
    Aborting...
6

I dont know where your cache/build-dir is.

Maybe I will assume it is in ~/.cache/yay

cd ~/.cache/yay/freedownloadmanager
updpkgsums
makepkg -fsric

Alternatively you could skip the sum by editing the PKGBUILD

micro PKGBUILD

(use whatever editor you like)

Then you can replace the current sha256 sum with 'SKIP'.
As above you run makepkg to then build the package using the augmented PKGBUILD.

Yes but that is dated before the most recent update.

Last Updated: 2024-06-24 04:52 (UTC)

Which we may suppose is still incorrect given the outcome here.

7

Comment on AUR suggests why this is likely to be an ongoing issue

RAMChYLD commented on 2024-03-16 03:32 (UTC) (edited on 2024-03-16 03:33 (UTC) by RAMChYLD)

Also having issues with the sha256sum. I think the problem here is that the developers of FDM updates the package with a newer version but does not put the package version in the package filename but instead overrides it with a new version of the package (this is bad practice). This create problems when the package is updated and the sha256sum changes. There are ways to make makepkg ignore the checksum but unless you are building from git this is not recommended, especially given the software’s history mentioned below.

Tried to install AUR package and download .deb package from source, but download seems to be limited to 17 KiB/s. >30 mins to download 38.7MiB package

Also no release announcement for new version (6.23) at Free Download Manager

1 Like
8

I had a passing wonder if this was the same software targeted for malware in the past.

(to be fair lots of similar applications with similar names are red flags on their own)

I didnt actually do a search until it was mentioned again in this quote.

Seems it was. And distributing from the source website itself.

So I wont be trying to fiddle with it, and would suggest you probably leave it as well.

4 Likes
9

The problem here is that the download is unversioned, so the maintainer will update the pkgbuild while the users will still have an old file cached

10

I did everything you but I see a error:

==> Making package: freedownloadmanager 6.23.0.5754-2 (Thu 27 Jun 2024 02:50:33 AM +0330)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found freedownloadmanager.deb
==> Validating source files with sha256sums...
    freedownloadmanager.deb ... FAILED
==> ERROR: One or more files did not pass the validity check!

Then I decided to delete freedownloadmanager.deb then I ran yay and it worked.

11

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.