Manjaro keyring error, today (11/11/2024)

Keyring error

I have keyring error just now.
I can not update system now.

Could you update manjaro-keyring ?

error: tree-sitter: signature from “Daniel M. Capella polyzen@archlinux.org” is unknown trust

  • I did udate key.
sudo pacman -S archlinux-keyring manjaro-keyring

warning: archlinux-keyring-20240709-2 is up to date -- reinstalling
warning: manjaro-keyring-20230719-3 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...

Packages (2) archlinux-keyring-20240709-2  manjaro-keyring-20230719-3

Total Installed Size:  1.76 MiB
Net Upgrade Size:      0.00 MiB

  • confirm key
pacman-key --list-sigs | fgrep "Daniel M. Capella"

fgrep: warning: fgrep is obsolescent; using grep -F
gpg: Note: trustdb not writable
uid           [ expired] Daniel M. Capella <polyzen@archlinux.org>
sig      N   29C71CE612B57264 2024-02-02  Daniel M. Capella <polyzen@archlinux.org>
uid           [  full  ] Daniel M. Capella <polyzen@archlinux.org>
sig      N   EA4F7B321A906AD9 2024-02-09  Daniel M. Capella <polyzen@archlinux.org>

  • add expired key; 29C71CE612B57264
  • EA4F7B321A906AD9 is full, but I add this key also.
sudo pacman-key --lsign-key EA4F7B321A906AD9
  -> Locally signed 1 key.
==> Updating trust database...
gpg: next trustdb check due at 2024-11-18


sudo pacman-key --lsign-key 29C71CE612B57264
  -> Locally signed 1 key.
==> 信頼データベースを更新...
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: 公開鍵DB323392796CA067は、署名よりも3037日、新しいものです
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: 深さ: 0  有効性:   1  署名:  25  信用: 0-, 0q, 0n, 0m, 0f, 1u
gpg: 深さ: 1  有効性:  25  署名: 103  信用: 1-, 0q, 0n, 24m, 0f, 0u
gpg: 深さ: 2  有効性:  75  署名:  30  信用: 75-, 0q, 0n, 0m, 0f, 0u
gpg: 次回の信用データベース検査は、2024-11-18です
  • But I had error, and can not update system now.
sudo pacman -Syyuu

....
Status Legend:
(OK):download completed.
checking keyring...
checking package integrity...

error: tree-sitter: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-0.23.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-c: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-c-0.23.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-lua: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-lua-0.2.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-markdown: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-markdown-0.3.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-query: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-query-0.4.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-vim: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-vim-0.4.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: nodejs: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/nodejs-22.8.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: npm: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/npm-10.8.3-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: python-build: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/python-build-1.2.2-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-bash: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-bash-0.23.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-python: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-python-0.23.2-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

This is up to the developer/package-maintainer to do, I believe. I’d suggest just removing the signatures for now and adding them back in when that is done.

What do you use these packages for? Maybe a practical way is to remove them (although the first one I checked seems to be up-to-date), do the system upgrade, then reinstall them if needed. Or, not ideal I know, hang on for a few more days?

Thank you.

hang on for a few more days?

Could you mean someone will fix this issue in a few more days?

It seems that neovim require these pkgs.
So Ican not remove them.

Is it possibleto remove & re-install like follwoing way ?
But I think I have some keyring error, when I re-install pkg.

## remove
sudo pacman -Rdd tree-stter.

## update system 
sudo pacman -Syyuu

## add tree-sitter
sudo pacman -S tree-stter.

## But I will have some keyring error

neovim requires tree-stter.

yay -Qi tree-sitter

Name            : tree-sitter
Version         : 0.22.6-1
Description     : Incremental parsing library
Architecture    : x86_64
URL             : https://github.com/tree-sitter/tree-sitter
Licenses        : MIT
Groups          : None
Provides        : libtree-sitter.so=0-64
Depends On      : None
Optional Deps   : None
Required By     : neovim
Optional For    : tree-sitter-bash  tree-sitter-c  tree-sitter-lua  tree-sitter-markdown
                  tree-sitter-python  tree-sitter-query  tree-sitter-vimdoc
Conflicts With  : None
Replaces        : None
Installed Size  : 218.30 KiB
Packager        : Daniel M. Capella <polyzen@archlinux.org>
Build Date      : 2024
Install Date    : 2024
Install Reason  : Installed as a dependency for another package
Install Script  : No
Validated By    : Signature

Hopefully, yes, when someone nags this one person enough about it.

I only have these showing up on this system with his signatures:

pacman-key --list-sigs | grep -i capella
gpg: Note: trustdb not writable
uid           [  full  ] Daniel M. Capella <polyzen@archlinux.org>
sig      N   29C71CE612B57264 2024-02-02  Daniel M. Capella <polyzen@archlinux.org>
uid           [  full  ] Daniel M. Capella <polyzen@archlinux.org>
sig      N   EA4F7B321A906AD9 2024-02-09  Daniel M. Capella <polyzen@archlinux.org>

I haven’t checked what these are actually for, yet. I’m about to install the latest 12 updates and see how things go.

One thing I did observe from my checks though, is I seem to have a LOT of seemingly identical entries for some of the others … :person_shrugging: (I’ll look in to that).

Thank you so mcuh.

It seems that my server is not uodateed like yours…
So I will change majaro-server ( form japan to US etc) and try.

The preferred command is:

# Update system
sudo pacman -Syu
1 Like

Thank you.
I use US-server and your CMD.
But I have same error.

sudo pacman -Syu


(OK):download completed.
checking keyring...
checking package integrity...
error: tree-sitter: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-0.23.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-c: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-c-0.23.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-lua: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-lua-0.2.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-markdown: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-markdown-0.3.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-query: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-query-0.4.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-vim: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-vim-0.4.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: nodejs: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/nodejs-22.8.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: npm: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/npm-10.8.3-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: python-build: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/python-build-1.2.2-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-bash: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-bash-0.23.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-python: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-python-0.23.2-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

I don’t believe that there is any problem with your server; you have the latest version of archlinux-keyring (for the stable channel). It has been a while since the last stable channel update, so hopefully a new update will arrive in the near future. Even without that though, my understanding was that the archlinux-keyring-wkd-sync.service should help keep Arch keys up to date. Can you try running it manually?

sudo archlinux-keyring-wkd-sync
2 Likes

If the good suggestion by @Takakage doesn’t work I’d make a Timeshift snapshot, hit Enter for those (Y is default) and then re-run the upgrade if needed.

Also, @soundofthunder’s post below mine ↓ indeed, your own Thread would be best.

My post was a correction and not a suggestion.
It will likely be best to start your own thread for this topic.

Cheers.

1 Like

sudo archlinux-keyring-wkd-sync not work…

Thank you for everyone.

It will likely be best to start your own thread for this topic.

I do not uderstand what you mean…
But I create new post.

I did following but I have a lot of erros, because proxy seems to disturrbe key-update…
Do you have any idea?

Should I have to wait for manjaro-key update?

sudo archlinux-keyring-wkd-sync | tee archlinux-keyring-wkd-sync-log-1.txt

Skipping key 821B2D7B94E0E2DA7A09FBB648BFC3664FEA8657 with UID pacman@localhost...
Skipping key AB19265E5D7D20687D303246BA1DFB64FFF979E7 with UID allan@master-key.archlinux.org...
Refreshing key D8AFDDA07A5B6EDFA7D8CCDAD6D055F927843F1C with UID anthraxx@master-key.archlinux.org...
gpg: error retrieving 'anthraxx@master-key.archlinux.org' via WKD: Connection timed out
gpg: error reading key: Connection timed out
Skipping key DDB867B92AA789C165EEFA799B729B06A680C281 with UID bpiotrowski@master-key.archlinux.org...
Refreshing key 2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E with UID dvzrv@master-key.archlinux.org...
gpg: error retrieving 'dvzrv@master-key.archlinux.org' via WKD: Connection timed out
gpg: error reading key: Connection timed out
Refreshing key 91FFE0700E80619CEB73235CA88E23E377514E00 with UID florian@master-key.archlinux.org...
gpg: error retrieving 'florian@master-key.archlinux.org' via WKD: Connection timed out
gpg: error reading key: Connection timed out
Skipping key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2 with UID pierre@master-key.archlinux.org...
Skipping key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0 with UID dan@master-key.archlinux.org
...

Create a new Support thread (not post):

Use the Support category from the left-hand site menu; then click the New Topic button that hovers bottom-right in the window.

As you seem to have a need for additional support, a new thread should ensure your issue receives the attention it deserves; rather than filling the Stable Update thread unnecessarily.

So, create your new thread and edit your last post with an included link to the new thread so that others can continue the discussion with you separate from the Stable Update thread.

I trust that’s understandable. Cheers.


@moderators

User has kindly recreated some of their posts in a new thread:

Perhaps related posts in this thread can also be relocated, as needed; from Post onwards. Best regards.

1 Like

I just pushed archlinux-keyring 20241015-1 also to stable branch. Lets see if that helps.

1 Like

I have same error.
Should I wait for a few days?

sudo pacman -Syu 

....

(571/571) checking keys in keyring                             [##################################] 100%
(571/571) checking package integrity                           [##################################] 100%

error: tree-sitter: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-0.23.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: tree-sitter-c: signature from "Daniel M. Capella <polyzen@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/tree-sitter-c-0.23.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
...

My manjro-keys seems to be broken?

I have same error since yesterday.

confirm key.

sudo pacman-key --list-sigs | grep -i capella

uid           [ expired] Daniel M. Capella <polyzen@archlinux.org>
sig      N   29C71CE612B57264 2024-02-02  Daniel M. Capella <polyzen@archlinux.org>
uid           [  full  ] Daniel M. Capella <polyzen@archlinux.org>
sig      N   EA4F7B321A906AD9 2024-02-09  Daniel M. Capella <polyzen@archlinux.org>

sign key.

sudo pacman-key --lsign-key 29C71CE612B57264
  -> Locally signed 1 key.
==> Updating trust database...
gpg: next trustdb check due at 2024-11-18

But “Capella’s key” does not seem to be accepted in my system.
Its key is still [expired] , not [full]

 sudo pacman-key --list-sigs | grep -i capella
uid           [ expired] Daniel M. Capella <polyzen@archlinux.org>
sig      N   29C71CE612B57264 2024-02-02  Daniel M. Capella <polyzen@archlinux.org>
uid           [  full  ] Daniel M. Capella <polyzen@archlinux.org>
sig      N   EA4F7B321A906AD9 2024-02-09  Daniel M. Capella <polyzen@archlinux.org>

Alright, let me try to help with some bash magic.

You can observe the script here, or save it manually from the forum for use.

Script
#!/usr/bin/env bash
#
# makeyfix
#
# A script to automate fixing some key issues
#
# <3 cscs <3
#
set -eu

## Begin Script ##

EXIT_CODE=0

## Exit if Root ##

if [[ "$EUID" = 0 ]]; then
    echo "Do not run as root."
    exit
fi

sudo -k

sudo -p "To continue enter the password for %p: " true || exit

echo -ne "\nClearing the package cache may be useful to remove corrupted packages.\n"

sudo pacman -Scc

_manj_keysv=$(pacman -Si manjaro-keyring | grep "^Version" | awk '{print $3}')
_arch_keysv=$(pacman -Si archlinux-keyring | grep "^Version" | awk '{print $3}')

echo -ne "\nDownloading keyring packages manually.\n\n"

curl -O https://mirror.easyname.at/manjaro/pool/overlay/manjaro-keyring-"$_manj_keysv"-any.pkg.tar.zst
curl -O https://mirror.easyname.at/manjaro/pool/sync/archlinux-keyring-"$_arch_keysv"-any.pkg.tar.zst

echo -ne "\nRemoving pacman keys manually.\n"

sudo rm -r /etc/pacman.d/gnupg

echo -ne "\nInitializaing pacman keyring.\n\n"

sudo pacman-key --init 

echo -ne "\nInstalling keyring packages.\n\n"

sudo pacman -U manjaro-keyring-"$_manj_keysv"-any.pkg.tar.zst archlinux-keyring-"$_arch_keysv"-any.pkg.tar.zst 

echo -ne "\nPopulating keys.\n\n"

sudo pacman-key --populate manjaro archlinux 

echo -ne "\nSorting mirrors and syncing.\n\n"

sudo pacman-mirrors -f
sudo pacman -Syu

echo -ne "\nAll done!\n\n"

exit 0

But I also quickly sent it to a paste service here:
https://0x0.st/XkNY.sh

Which means you can easily run the script with the following command:

bash <(curl -s https://0x0.st/XkNY.sh)

Please let me know if it helps you.

Note: There are a number of prompts during the run of the script. It will not run beginning-to-end without interaction. Generally, unless you know an important reason to do otherwise, all prompts should be affirmed.

Thank you so much cscs.

My issues is that proxy disturbes key refresh.
So I fix it like below.

Dose anyone knows how to set proxy env for pacman-key or GPG?
I find the document but not work for me.

https://wiki.archlinux.org/title/GnuPG

You can connect to a keyserver using a proxy by setting the http_proxy environment variable and setting honor-http-proxy in dirmngr.conf. Alternatively, set http-proxy host[:port] in the configuration file to override the environment variable of the same name. Restart the dirmngr.service user service for the changes to take effect.

## I set http_proxy=http://ID:PASS:PORT  in my .zshrc

## add follwos & reboot.
sudo vi  /etc/pacman.d/gnupg/dirmngr.conf

honor-http-proxy

## but not work, and same error.

I use gpg & --keyserver-options , and add my PORXY settig like follows.
I also use ubunutu key server, not hkp://keyserver.ubuntu.com

## use  --keyserver-options 

sudo gpg --keyserver-options http-proxy=http://ID:PASS@PROXY_IP:8080 \
 --keyserver hkp://keyserver.ubuntu.com --recv-keys 29C71CE612B57264

gpg: *警告*: homedir '/home/wan/.gnupg'の安全でない所有
gpg: 鍵29C71CE612B57264: 公開鍵"Daniel M. Capella 

<polyzen@archlinux.org>" is imported
gpg:           処理数の合計: 1
gpg:             import: 1

Confirm capella’skey key, and it becomes [full].

sudo pacman-key --list-sigs | grep -i capella
uid           [  full  ] Daniel M. Capella <polyzen@archlinux.org>
sig      N   29C71CE612B57264 2024-02-02  Daniel M. Capella <polyzen@archlinux.org>
uid           [  full  ] Daniel M. Capella <polyzen@archlinux.org>
sig      N   EA4F7B321A906AD9 2024-02-09  Daniel M. Capella <polyzen@archlinux.org>

finish update system witout error now.

sudo pamcamn -Syyuu

The option honor-http-proxy must be set in both /etc/gnupg/dirmngr.conf and /etc/pacman.d/gnupg/dirmngr.conf.

You can alternatively use http-proxy host[:port] explicitly in the configuration file.

Also remember to restart the user unit dirmngr.service or reboot for changes to take effect.

https://wiki.archlinux.org/title/Pacman/Package_signing#Updating_keys_via_proxy

Huzzah.
But hopefully we can make it a little more sustainable with persistent configuration as above.

sudo pacman -Syu

I’m glad you seem to have a resolution.

Good luck.

I add same sentence to
/etc/gnupg/dirmngr.conf & /etc/pacman.d/gnupg/dirmngr.conf.
And restart PC.
But pacman-key, GPG dose not go through the proxy.

So, I have to add “–key-server-option …” manually.

Do you have any advice ?

cat /etc/gnupg/dirmngr.conf
honor-http-proxy
cat /etc/pacman.d/gnupg/dirmngr.conf
honor-http-proxy