[root tip] [How To] Mitigate and prevent GPGME error when syncing your system

Before you continue

Also see this pacman bugreport from 2015 - which was closed as not a bug but a matter of configuration.

TL:DR

Open the file /etc/pacman.conf in a terminl editor (nano, micro, vi) and locate the following section

# By default, pacman accepts packages signed by keys that its local keyring
# trusts (see pacman-key and its man page), as well as unsigned packages.
SigLevel    = Required DatabaseOptional
LocalFileSigLevel = Optional
#RemoteFileSigLevel = Required

Change the SigLevel to

....
SigLevel    = Required DatabaseNever
....

Remove the files in /var/lib/pacman/sync - they will be fetched as necessary

sudo rm -f /var/lib/pacman/sync/*

Change mirror

sudo pacman-mirrors --continent

The explanation

It is a matter of configuration.

The setting in pacman.conf instructs pacman to look for optional database signature files. Neither Archlinux nor Manjaro signs the database - only the packages. Signing the database is rare but do exist and an example of an entity signing the database is SublimeHq (sublime text and sublime merge).

Pacman defaults to an internal downloader to retrieve files from the mirror.

When pacman wants a db.sig file it requests the signature file.

The mirror can answer with 200 which will make libalpm save the content received OR the mirror can respond with 404 which will do nothing and no error messages is thrown as there is no file to be read.

Some mirrors responds to 404 with 200 and some html.

Such responses will be written as the signature file and libalpm will validate the database with the received data and the validation - of course - fails.

If you look into the folder /var/lib/pacman/sync you will most likely find several db.sig files with identical timestamps and size.

If you take a closer look they are text files having html content

$ file /var/lib/pacman/sync/*.db.sig
core.db.sig: HTML document, ASCII text
...

When using the default

SigLevel    = Required DatabaseOptional

there is only way to mitigate the above and it is to set the following in pacman.conf.

SigLevel    = Required DatabaseNever

There is no security problem with this as the packages are signed and the SigLevel for the repos are usually set to PackageRequired as seen from below example

[core]
SigLevel = PackageRequired
Include = /etc/pacman.d/mirrorlist

You can safely remove the files in /var/lib/pacman/sync as they will be fetched as necessary.

sudo rm -f /var/lib/pacman/sync/*

If - despite the above configuration - the messages continues - you will need to remove the files one more time and change mirror. This is easily done using the pacman-mirrors command

sudo pacman-mirrors --continent

Rerun your sync command

sudo pacman -Syyu
21 Likes
Error: failed to synchronize all databases (invalid or corrupted database (PGP signature)) after SCP failure
Error: GPGME error: No data after fresh install
"gpg: error reading key: No public key" when updating manjaro-keyring
GPGME error: No data & failed to synchronize all databases (invalid or corrupted database (PGP signature))
Pacman error during update
My system cannot update :/ not sure how to fix
Cant download any package
ERROR failed to synchronize all databases (invalid or corrupted database (PGP signature))
ERROR failed to synchronize all databases (invalid or corrupted database (PGP signature))
Error: multilib.db: GPGME error: No data
Cannot update because of GPG problems
I'm trying to installed unreal engine
[Unstable Update] 2021-11-24 - ICU 70.1 rebuilds, VirtualBox 6.1.30
Community Repo Packages not available in Pamac
"Impossible de synchroniser les bases de données"
Issues while updating/upgrading system (Error: GPGME Error: No data)
Comments: Mitigate and prevent GPGME error when syncing your system
Comments: Mitigate and prevent GPGME error when syncing your system
Hello, can't install Openbox
Unable to update (key issues / corrupted packages)
Package Manager Issues With Circle by Disney
I get error: failed to synchronize all databases (invalid or corrupted database (PGP signature))
How to solve ERROR: failed to synchronize all databases (invalid or corrupted database (PGP signature))
Black screen on boot,
Discord Update / Error
[Stable Update] 2021-12-16 - Kernels, KDE Gear 21.12.0, Gnome Extensions, LibreOffice
Discord Update / Error
Unable to install Sway - Unknown trust for PGP key
Manjaro.gpg broken?
Upgrade using pamac causes "GPGME error: No data"
Upgrade using pamac causes "GPGME error: No data"
Erro de Atualização
GPGME error: No data failed to synchronize all databases (invalid or corrupted database (PGP signature))
Manjaro live - Comment accéder au hdd interne?
Update fails; invalid or corrupted database (PGP signature)
PGP signature keys error after even refresh pacman keys
Invalid or corrupted database (PGP signature)
Cannot update pacman
Cannot update pacman
Corrupt package or non valid
/usr/lib/libc.so.6: version `GLIBC_2.34' not found
Can't install package(s) - getting “GPGME error: Invalid crypto engine”, "missing required signature" and pacman package cache file "is corrupted (invalid or corrupted package (PGP signature))"
Error: Failed to prepare transaction: invalid or corrupted database
Fehlermeldung beim updaten "Fehler: GPGME error: Keine Daten"
Error: gpgme error no data
GPGME Failure for updates
Pamac 10.3.0-1 invalid or corrupted package Clean preinstall
Pacman error: failed retrieving file 'core.db' from mirrors.piconets.webwerks.in
Can't update: error: GPGME error: No data
Pamac AUR packages to update does not match with yay
Problem with multilib.db, PGP, can't update with pamac
Pamac Error: multilib.db GPGME error but pacman works
Updating command "sudo pacman -Syu" fails
Updating command "sudo pacman -Syu" fails
Updating software after first bootup
Error running pamac update: invalid or corrupted database
Pamac issue “error: GPGME error: No data"
Used months-old ISO installer. Can't update: PGP corrupt
"invalid or corrupted database"
Pamac build AUR package stuck in an infinite loop with wxcommon-light/wxbase-light
Cant install packages with pacman
Comments: Mitigate and prevent GPGME error when syncing your system
Pamac update with AUR stuck in an infinite loop with wxcommon-light/wxbase-light
Invalid or corrupted database
Problems with pacman (GPGME error & manjaro failed to update all databases (pgp signature))
Can't Update System & Apps - Hangs
Pacman is not updating

A post was merged into an existing topic: Discord Update / Error