System update failed of invalid signatures

Hello, I’m new to Linux in general and I’m trying out different distros as VMs.
I’ve tried to update Manjaro in CLI using "sudo pacman -Syu kmail’ I included kmail because i want to try it out. It does fine until it gets to the signatures. Then it says " error signature from <about 400 different people> is unknown pkg.tar.zst is unknown trust. file /var/cache/pacman/pkg/libsysprof-capture- 47.2-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)). Do you want to delete it Y/n? I say yes to all of them, it doesn’t update a lot of packages. What’s wrong with this?

Try to update your mirrors first:

sudo pacman-mirrors -c Global

Then update again:

sudo pacman -Syyu kmail

Nope. No difference. I ran them both and it did the same thing. It says all the file are corrupted. Do you want to delete them? this time I said not to delete them. Does that mean the files are corrupted or have invalid signatures?

Then I tried the regular updates and it says it can’t. Invalid PGP signatures.

Maybe the wiki contains some helpful ideas:

Also, check this thread:

I’ll try it. Thanks!

If you want a scripted fix;

bash <(curl -s https://gitlab.com/cscs/mapare/-/raw/main/mapare) -K
3 Likes

I ran this. I tried an update after. Same thing. I’m just learning to use Linux, so not much computer common sense.

The item(s) you want to say “yes” to for sure are probably:

  • Download current keyring packages (y/N)? y

and the logical next steps:

  • Install the downloaded keyring packages (y/N)? y

and

  • Initialize and populate keys (y/N)? y
3 Likes

Great, fixed the issue for me!

1 Like