Unable to update (key issues / corrupted packages)

Zesko · 29 November 2021 17:15

No, you do not need change the trust level. That is right default like my output. But I have no issue.

alven · 29 November 2021 17:33

The issue is a bit deeper, I still can’t figure out the exact source.

@saintjules , to conclude:
By the Pacman troubleshooting - Manjaro instruction you did the steps 1, 3-6 and then step 2 of

sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring

was with error messages and was not complete successfully, right?

May be you have firewall on PC or router, which prevents you some connections? If have, do not turn it off, wait for other community members suggestions.

I feel the need to call qualified help of @Manjaro-Team : the issue is more than a day old and regulars participated here perhaps somewhere close, but still can’t help to fix it, but every package installation for the PC is blocked.

Zesko · 29 November 2021 17:39

saintjules:

error: gnupg: signature from "Levente Polyak <anthraxx@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/gnupg-2.2.32-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: archlinux-keyring: signature from "Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20211028-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).

Two packages were probably hacked in the mirror repository or during the transfer, so they are untrusted after verification.

Or

These packages are probably not correct in the some mirror repository.

saintjules · 29 November 2021 17:51

Yep, your summary is accurate.

No firewall in place.

I also want to thank you guys for all the support you’re trying to give me, that’s highly appreciated!

eugen-b · 29 November 2021 18:04

Try Pacui option
Z Fix Pacman Errors

If not installable you can download the script and run it

wget https://raw.githubusercontent.com/excalibur1234/pacui/master/pacui
bash pacui


                         Package manager UI                       
 +----------------------------------------------------------------+
 |     1  Update System            2  Maintain System             |
 |     3  Install Packages         4  Remove Packages and Deps    |
 |----------------------------------------------------------------|
 |     5  Dependency Tree          6  Reverse Dependency Tree     |
 |     7  List Package Files       8  Search Package Files        |
 +----------------------------------------------------------------+
       9  Roll Back System         Z  Fix Pacman Errors 
       Y  Edit Config Files        X  List Packages by Size 
 +----------------------------------------------------------------+
 |     W  Force Update AUR         V  List Installed from AUR     |
 +----------------------------------------------------------------+

  Press number or marked letter             H  Help        0  Quit

alven · 29 November 2021 19:39

If unsuccessful with Pacui, try suggestion of

You might have issues to install this update by missing Maintainers keys

in the [Stable Update] 2021-11-19 - Kernels, Gnome 41.1, Plasma 5.23.3, Frameworks 5.88, LxQt 1.0, Xorg-Server 21.1, Mesa - #2 by philm post.

But before to do those instructions, clear local cache of packages and signatures also by:

sudo pacman -Scc

(y for both it’s questions)
or the same initial clearing by the

pamac clean

codesardine · 29 November 2021 19:56

Delete the contents of /var/lib/pacman/sync/ and refresh database using Pamac.

alven · 29 November 2021 20:00

@codesardine
Vitor, thanks! Only saintjules have the issue: I fixed it for me in the same post I got it (Unable to update (key issues / corrupted packages) - #13 by alven)
Please suggest to them.

@saintjules , I will try to translate to lower level (of commands to execute):
to delete old databases of packages:

sudo rm -f /var/lib/pacman/sync/*

to force to get refresh versions of them:

pamac update --force-refresh

saintjules · 29 November 2021 23:05

Same errors when it gets to checking integrity (signature is unknown trust ).

saintjules · 29 November 2021 23:24

This seems to have worked!! Lowering the security check on the keys (sorry can’t find the right wording) did the trick. After upgrading the packages I got:

  It seems the update succeded because of the temporary lack of key checks. 
  Should PacUI prevent all future key / keyring errors? [y|N]

to which I answered Y

Am I good now??

saintjules · 29 November 2021 23:28

…not quite, I guess.
System is fully updated now, but I can’t install new packages because of the same errors.

alven · 30 November 2021 00:35

Very glad to read this! Did you update the OS via pacui?

saintjules, give a bit more debug info, please:
Overall current keys count (actually not a keys count, but only output lines count, which depends on keys count):

sudo pacman-key -l | wc -l

and current keys state of the pacman, gnupg, archlinux-keyring, manjaro-keyring packager keys:

sudo pacman-key -l 5F7078DF1E0FDF8745D5B984108E0767D5F34DE4 86CFFCA918CF3AF47147588051E8B148A9999C34 02FD1C7A934E614545849F19A6234074498E9CEE 39F0EC1AE50B37E5F3196F09DAD3B211663CA268

saintjules, the next spoiler is not for your actions, please wait suggestion of more qualified (than me) members.

Suggestion

If trust level of “4 core keys” are still unknown:

To try to fix keys count and trust levels by keys renewal (steps 4, 5 in the Pacman troubleshooting - Manjaro article)
Was the trust level changed after that?

my OS debug data: tracing of key addition from the scratch

~/Desktop ❯ rm -r ~/.gnupg                              
rm: cannot remove '/home/m/.gnupg': No such file or directory

~/Desktop ❯ sudo rm -r /etc/pacman.d/gnupg

~/Desktop ❯ sudo rm -r /etc/pacman.d/gnupg 
rm: cannot remove '/etc/pacman.d/gnupg': No such file or directory

~/Desktop ❯ sudo pacman-key -l
==> ERROR: You do not have sufficient permissions to read the pacman keyring.
==> Use 'pacman-key --init' to correct the keyring permissions.

~/Desktop ❯ sudo pacman-key --init                      
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: key 601F2078157D111B marked as ultimately trusted
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/98609D2BE03FC81198503F29601F2078157D111B.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u

~/Desktop ❯ sudo pacman-key -l | wc -l                  
6

~/Desktop ❯ sudo pacman-key -l        
/etc/pacman.d/gnupg/pubring.gpg
-------------------------------
pub   rsa4096 2021-11-29 [SC]
      98609D2BE03FC81198503F29601F2078157D111B
uid           [ultimate] Pacman Keyring Master Key <pacman@localhost>

~/Desktop ❯ sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring
:: Synchronising package databases...
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
 chaotic-aur                                                                         1649.1 KiB  2.23 MiB/s 00:01 [####################################################################] 100%
warning: gnupg-2.2.32-2 is up to date -- reinstalling
warning: archlinux-keyring-20211028-1 is up to date -- reinstalling
warning: manjaro-keyring-20210910-2 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...

Package (3)             Old Version  New Version  Net Change  Download Size

core/archlinux-keyring  20211028-1   20211028-1     0.00 MiB       0.96 MiB
core/gnupg              2.2.32-2     2.2.32-2       0.00 MiB       2.38 MiB
core/manjaro-keyring    20210910-2   20210910-2     0.00 MiB       0.14 MiB

Total Download Size:    3.47 MiB
Total Installed Size:  11.49 MiB
Net Upgrade Size:       0.00 MiB

:: Proceed with installation? [Y/n] 
:: Retrieving packages...
 manjaro-keyring-20210910-2-any                                                       141.6 KiB   253 KiB/s 00:01 [####################################################################] 100%
 gnupg-2.2.32-2-x86_64                                                                  2.4 MiB  2.43 MiB/s 00:01 [####################################################################] 100%
 archlinux-keyring-20211028-1-any                                                     979.1 KiB   489 KiB/s 00:02 [####################################################################] 100%
 Total (3/3)                                                                            3.5 MiB  1735 KiB/s 00:02 [####################################################################] 100%
(3/3) checking keys in keyring                                                                                    [####################################################################] 100%
downloading required keys...
:: Import PGP key 51E8B148A9999C34, "Evangelos Foutras <foutrelis@archlinux.org>"? [Y/n] 
:: Import PGP key 6D42BDD116E0068F, "Christian Hesse <arch@eworm.de>"? [Y/n] 
:: Import PGP key DAD3B211663CA268, "Bernhard Landauer <oberon@manjaro.org>"? [Y/n] 
(3/3) checking package integrity                                                                                  [####################################################################] 100%
error: gnupg: signature from "Evangelos Foutras <foutrelis@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/gnupg-2.2.32-2-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: archlinux-keyring: signature from "Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20211028-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: manjaro-keyring: signature from "Bernhard Landauer <bernhard@manjaro.org>" is unknown trust
:: File /var/cache/pacman/pkg/manjaro-keyring-20210910-2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

~/Desktop ❯ sudo pacman-key -l | wc -l                             
25

~/Desktop ❯ sudo pacman-key -l                                     
/etc/pacman.d/gnupg/pubring.gpg
-------------------------------
pub   rsa4096 2021-11-29 [SC]
      98609D2BE03FC81198503F29601F2078157D111B
uid           [ultimate] Pacman Keyring Master Key <pacman@localhost>

pub   rsa2048 2010-11-12 [SC]
      86CFFCA918CF3AF47147588051E8B148A9999C34
uid           [ unknown] Evangelos Foutras <foutrelis@archlinux.org>
sub   rsa2048 2010-11-12 [E]

pub   rsa2048 2011-08-12 [SC]
      02FD1C7A934E614545849F19A6234074498E9CEE
uid           [ unknown] Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>
sub   rsa2048 2011-08-12 [E]
sub   ed25519 2019-08-29 [S]
sub   cv25519 2019-08-29 [E]

pub   rsa2048 2015-07-12 [SC]
      39F0EC1AE50B37E5F3196F09DAD3B211663CA268
uid           [ unknown] Bernhard Landauer <bernhard@manjaro.org>
uid           [ unknown] Bernhard Landauer <oberon@manjaro.org>
sub   dsa2048 2015-10-01 [S]
sub   rsa2048 2015-07-12 [E]

~/Desktop ❯ sudo pacman-key --populate archlinux manjaro
==> Appending keys from archlinux.gpg...
==> Appending keys from manjaro.gpg...
gpg: error reading key: No public key
gpg: error reading key: No public key
==> Locally signing trusted keys in keyring...
  -> Locally signed 28 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: inserting ownertrust of 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
  -> Disabled 47 keys.
==> Updating trust database...
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:  28  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:  28  signed:  84  trust: 0-, 0q, 0n, 28m, 0f, 0u
gpg: depth: 2  valid:  79  signed:  26  trust: 79-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-20

~/Desktop ❯ sudo pacman-key -l | wc -l                  
1042

~/Desktop ❯ sudo pacman-key -l 5F7078DF1E0FDF8745D5B984108E0767D5F34DE4 86CFFCA918CF3AF47147588051E8B148A9999C34 02FD1C7A934E614545849F19A6234074498E9CEE 39F0EC1AE50B37E5F3196F09DAD3B211663CA268
pub   rsa2048 2010-11-12 [SC]
      86CFFCA918CF3AF47147588051E8B148A9999C34
uid           [  full  ] Evangelos Foutras <evangelos@foutrelis.com>
uid           [  full  ] Evangelos Foutras <foutrelis@archlinux.org>
uid           [  full  ] Evangelos Foutras <foutrelis@gmail.com>
sub   rsa2048 2010-11-12 [E]

pub   rsa2048 2011-08-12 [SC]
      02FD1C7A934E614545849F19A6234074498E9CEE
uid           [marginal] Christian Hesse <eworm@archlinux.org>
uid           [  full  ] Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>
sub   rsa2048 2011-08-12 [E]
sub   ed25519 2019-08-29 [S]
sub   cv25519 2019-08-29 [E]

pub   rsa2048 2015-07-12 [SC]
      39F0EC1AE50B37E5F3196F09DAD3B211663CA268
uid           [  full  ] Bernhard Landauer <bernhard@manjaro.org>
uid           [  full  ] Bernhard Landauer <oberon@manjaro.org>
sub   dsa2048 2015-10-01 [S]
sub   rsa2048 2015-07-12 [E]

~/Desktop ❯ sudo pacman-key --refresh-keys                         
gpg: key 51E8B148A9999C34: "Evangelos Foutras <evangelos@foutrelis.com>" 3 new signatures
gpg: Total number processed: 1
gpg:         new signatures: 3
pub   rsa2048 2010-11-12 [SC]
      86CFFCA918CF3AF47147588051E8B148A9999C34
...
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: public key DB323392796CA067 is 3037 days newer than the signature
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:  27  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:  27  signed:  86  trust: 0-, 0q, 0n, 27m, 0f, 0u
gpg: depth: 2  valid:  79  signed:  26  trust: 79-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-20

~/Desktop ❯ sudo pacman-key -l | wc -l
1067

~/Desktop ❯ sudo pacman-key -l 5F7078DF1E0FDF8745D5B984108E0767D5F34DE4 86CFFCA918CF3AF47147588051E8B148A9999C34 02FD1C7A934E614545849F19A6234074498E9CEE 39F0EC1AE50B37E5F3196F09DAD3B211663CA268
pub   rsa2048 2010-11-12 [SC]
      86CFFCA918CF3AF47147588051E8B148A9999C34
uid           [  full  ] Evangelos Foutras <evangelos@foutrelis.com>
uid           [  full  ] Evangelos Foutras <foutrelis@archlinux.org>
uid           [  full  ] Evangelos Foutras <foutrelis@gmail.com>
sub   rsa2048 2010-11-12 [E]

pub   rsa2048 2011-08-12 [SC]
      02FD1C7A934E614545849F19A6234074498E9CEE
uid           [marginal] Christian Hesse <eworm@archlinux.org>
uid           [  full  ] Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>
sub   rsa2048 2011-08-12 [E]
sub   ed25519 2019-08-29 [S]
sub   cv25519 2019-08-29 [E]

pub   rsa2048 2015-07-12 [SC]
      39F0EC1AE50B37E5F3196F09DAD3B211663CA268
uid           [  full  ] Bernhard Landauer <bernhard@manjaro.org>
uid           [  full  ] Bernhard Landauer <oberon@manjaro.org>
sub   dsa2048 2015-10-01 [S]
sub   rsa2048 2015-07-12 [E]

~/Desktop ❯ sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring
:: Synchronising package databases...
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
 chaotic-aur                                                                         1649.1 KiB   461 KiB/s 00:04 [####################################################################] 100%
warning: gnupg-2.2.32-2 is up to date -- reinstalling
warning: archlinux-keyring-20211028-1 is up to date -- reinstalling
warning: manjaro-keyring-20210910-2 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...

Package (3)             Old Version  New Version  Net Change  Download Size

core/archlinux-keyring  20211028-1   20211028-1     0.00 MiB       0.96 MiB
core/gnupg              2.2.32-2     2.2.32-2       0.00 MiB       2.38 MiB
core/manjaro-keyring    20210910-2   20210910-2     0.00 MiB       0.14 MiB

Total Download Size:    3.47 MiB
Total Installed Size:  11.49 MiB
Net Upgrade Size:       0.00 MiB

:: Proceed with installation? [Y/n] 
:: Retrieving packages...
 manjaro-keyring-20210910-2-any                                                       141.6 KiB   335 KiB/s 00:00 [####################################################################] 100%
 archlinux-keyring-20211028-1-any                                                     979.1 KiB  1399 KiB/s 00:01 [####################################################################] 100%
 gnupg-2.2.32-2-x86_64                                                                  2.4 MiB  1851 KiB/s 00:01 [####################################################################] 100%
 Total (3/3)                                                                            3.5 MiB  2.53 MiB/s 00:01 [####################################################################] 100%
(3/3) checking keys in keyring                                                                                    [####################################################################] 100%
(3/3) checking package integrity                                                                                  [####################################################################] 100%
(3/3) loading package files                                                                                       [####################################################################] 100%
(3/3) checking for file conflicts                                                                                 [####################################################################] 100%
(3/3) checking available disk space                                                                               [####################################################################] 100%
:: Processing package changes...
(1/3) reinstalling gnupg                                                                                          [####################################################################] 100%
(2/3) reinstalling archlinux-keyring                                                                              [####################################################################] 100%
==> Appending keys from archlinux.gpg...
gpg: public key DB323392796CA067 is 3037 days newer than the signature
==> Updating trust database...
gpg: next trustdb check due at 2022-01-20
==> Updating trust database...
gpg: next trustdb check due at 2022-01-20
(3/3) reinstalling manjaro-keyring                                                                                [####################################################################] 100%
==> Appending keys from manjaro.gpg...
gpg: public key DB323392796CA067 is 3037 days newer than the signature
gpg: error reading key: No public key
gpg: error reading key: No public key
==> Disabling revoked keys in keyring...
  -> Disabled 2 keys.
==> Updating trust database...
gpg: next trustdb check due at 2022-01-20
:: Running post-transaction hooks...
(1/3) Arming ConditionNeedsUpdate...
(2/3) Refreshing PackageKit...
(3/3) Updating the info directory file...
~/Desktop ❯

If there are still problems, then:
-) manual installation of that “4 core keys” from mirror server’s file: unpack content of archlinux-keyring and manjaro-keyring packages and to install keys and their trust levels manually
OR
-) temporal manual trust with 5th trust level on those “core keys” (example in Possible issue of keyring renew algorithm - #3 by alven)

But the main question for the project is: what could lead to this issue? Hardware (storage, CPU, RAM) issues? What else?

saintjules · 30 November 2021 06:36

Keys count: 151

sudo pacman-key -l 5F7078DF1E0FDF8745D5B984108E0767D5F34DE4 86CFFCA918CF3AF47147588051E8B148A9999C34 02FD1C7A934E614545849F19A6234074498E9CEE 39F0EC1AE50B37E5F3196F09DAD3B211663CA268
pub   rsa2048 2015-07-12 [SC]
      39F0EC1AE50B37E5F3196F09DAD3B211663CA268
uid           [  full  ] Bernhard Landauer <oberon@manjaro.org>
sub   rsa2048 2015-07-12 [E]
sub   dsa2048 2015-10-01 [S]

pub   rsa2048 2011-08-12 [SC]
      02FD1C7A934E614545849F19A6234074498E9CEE
uid           [ unknown] Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>
sub   rsa2048 2011-08-12 [E]
sub   ed25519 2019-08-29 [S]
sub   cv25519 2019-08-29 [E]

Yes, but see my previous post.

Zesko · 30 November 2021 09:02

151 is not enough, but many keys are missing. There should be more than 1000 keys.

Can you show which mirrors you use:
cat /etc/pacman.d/mirrorlist

saintjules · 30 November 2021 11:34

##
## Manjaro Linux custom mirrorlist
## Generated on 2021-11-30 00:06
##
## Please use 'pacman-mirrors -id' To reset custom mirrorlist
## Please use 'pacman-mirrors -c all' To reset custom mirrorlist
## To remove custom config run  'pacman-mirrors -c all'
##

## Country : Switzerland
Server = https://manjaro.osmir.ch/stable/$repo/$arch

## Country : Switzerland
Server = https://mirror.init7.net/manjaro/stable/$repo/$arch

## Country : Germany
Server = https://manjaro.moson.eu/stable/$repo/$arch

## Country : Germany
Server = https://mirror.moson.org/manjaro/stable/$repo/$arch

## Country : Belgium
Server = https://mirror.futureweb.be/manjaro/stable/$repo/$arch

## Country : Netherlands
Server = https://manjaro.mirrors.lavatech.top/stable/$repo/$arch

## Country : Bulgaria
Server = https://mirror.telepoint.bg/manjaro/stable/$repo/$arch

## Country : Finland
Server = https://manjaro.kyberorg.fi/stable/$repo/$arch

## Country : United_Kingdom
Server = http://manjaro.mirrors.uk2.net/stable/$repo/$arch

## Country : United_Kingdom
Server = https://mirrors.gethosted.online/manjaro/repos/stable/$repo/$arch

## Country : Ukraine
Server = https://fastmirror.pp.ua/manjaro/stable/$repo/$arch

## Country : Hungary
Server = https://quantum-mirror.hu/mirrors/pub/manjaro/stable/$repo/$arch

## Country : Spain
Server = https://ftp.caliu.cat/pub/distribucions/manjaro/stable/$repo/$arch

## Country : Poland
Server = https://repo.skni.umcs.pl/manjaro/stable/$repo/$arch

## Country : Germany
Server = https://mirror.netcologne.de/manjaro/stable/$repo/$arch

## Country : United_Kingdom
Server = https://mirror.cyberhost.uk/sites/manjaro/stable/$repo/$arch

## Country : Bulgaria
Server = http://manjaro.telecoms.bg/stable/$repo/$arch

## Country : Netherlands
Server = https://mirror.koddos.net/manjaro/stable/$repo/$arch

## Country : Belarus
Server = http://mirror.datacenter.by/pub/mirrors/manjaro/stable/$repo/$arch

## Country : Italy
Server = https://manjaro.mirror.garr.it/manjaro/stable/$repo/$arch

## Country : Germany
Server = https://mirror.alpix.eu/manjaro/stable/$repo/$arch

## Country : Germany
Server = https://mirror.23m.com/manjaro/stable/$repo/$arch

## Country : United_Kingdom
Server = https://www.mirrorservice.org/sites/repo.manjaro.org/repos/stable/$repo/$arch

## Country : Czech
Server = https://mirror.dkm.cz/manjaro/stable/$repo/$arch

## Country : Denmark
Server = https://mirrors.dotsrc.org/manjaro/stable/$repo/$arch

## Country : Russia
Server = https://mirror.yandex.ru/mirrors/manjaro/stable/$repo/$arch

## Country : Bulgaria
Server = https://manjaro.ipacct.com/manjaro/stable/$repo/$arch

## Country : Russia
Server = https://mirror.truenetwork.ru/manjaro/stable/$repo/$arch

## Country : France
Server = http://ftp.free.org/mirrors/repo.manjaro.org/repos/stable/$repo/$arch

## Country : Germany
Server = http://ftp.tu-chemnitz.de/pub/linux/manjaro/stable/$repo/$arch

## Country : Austria
Server = http://mirror.easyname.at/manjaro/stable/$repo/$arch

## Country : Belgium
Server = http://ftp.belnet.be/mirrors/manjaro/repos/stable/$repo/$arch

## Country : Portugal
Server = http://ftp.dei.uc.pt/pub/linux/manjaro/stable/$repo/$arch

## Country : Italy
Server = https://ct.mirror.garr.it/mirrors/manjaro/stable/$repo/$arch

## Country : Sweden
Server = https://ftp.lysator.liu.se/pub/manjaro/stable/$repo/$arch

## Country : Bulgaria
Server = https://mirrors.netix.net/manjaro/stable/$repo/$arch

## Country : Netherlands
Server = http://ftp.snt.utwente.nl/pub/linux/manjaro/stable/$repo/$arch

## Country : Germany
Server = https://ftp.gwdg.de/pub/linux/manjaro/stable/$repo/$arch

## Country : Germany
Server = https://ftp.halifax.rwth-aachen.de/manjaro/stable/$repo/$arch

## Country : Netherlands
Server = https://ftp.nluug.nl/pub/os/Linux/distr/manjaro/stable/$repo/$arch

## Country : Poland
Server = http://ftp.vectranet.pl/manjaro/stable/$repo/$arch

## Country : Greece
Server = https://ftp.cc.uoc.gr/mirrors/linux/manjaro/stable/$repo/$arch

## Country : Italy
Server = https://ba.mirror.garr.it/mirrors/manjaro/stable/$repo/$arch

Zesko · 30 November 2021 11:59

I checked these mirrors that are OK. I do not know why is the number of keys 151. Maybe you missed these commands of @alven.

alven · 30 November 2021 12:09

Let’s Manjaro Team to help, I “spammed” a lot, but together we were able to update OS, and expose the problem of low keys count and their not effective trust levels (Unable to update (key issues / corrupted packages) - #39 by saintjules) I should leave the thread in reading mode for me now, cause we already called Manjaro Team for help as we can’t solve this and OP can’t install many packages cause have

which I agree with.
Hm, may be meantime we also can invite the huge electricity discharge here which possibly can have ideas to tryout to fire the issue the OP have? @megavolt if them has time now.

saintjules · 30 November 2021 13:47

Thanks again for trying, guys. I’m starting to get a bit worried now, I have no idea how my system could get so messed up just because I haven’t updated for a while. This certainly shouldn’t happen.

megavolt · 30 November 2021 14:10

Hello @saintjules

Have look at this section of the Wiki: Errors about Keys (which was already mentioned by @alven in his suggestion)

What was not mentioned:

KEEP SURE THAT THE TIME/DATE IS SET CORRECTLY

If the system date or time is set wrong at the time of running these commands, then also the signatures are invalid. That could also happen on Dual-Boots with Windows.

Checklist:

Date/Time have to be correct.
Mirror have to be updated and not corrupted.
Stable internet connection.

Anything else has been said already.

More explanation:

Keep sure the date is set correctly

This removes all used signatures:

sudo rm -r /etc/pacman.d/gnupg

Now you need to generate a master key for pacman:

sudo pacman-key --init

Now you need to import the keys for packages:

sudo pacman-key --populate archlinux manjaro

But if the installed keyrings are too old, then they are invalid. Download them manually from a mirror and install them like that:

sudo pacman -U *.tar.zst

When installing the packages it should also populate the keys.

I checked it myself. The main part what went wrong here must be that the keys changed. You must download the current keyrings and import/populate them. Since the keyrings packages are also signed, it can only be done manually at this point or by lowering the security level at the pacman.conf.

Note: The section on the wiki needs to be improved…

alven · 30 November 2021 14:32

Just to add possible issue case

You can have visually accurate time, but it could be not correct.

For example, you live in Switzerland, which timezone is:

Time zone	UTC+1 (CET)
• Summer (DST)	UTC+2 (CEST)

But on local PC you might setup the another - say UTC+0 - time zone and than to manually shift the clock for +1 or +2 hours to correct another timezone time selected before.
That will produce a time issue.

Once upon a time I made an delivery order on a website in web browser by choosing the certain delivery time, say 12:00. By that time and a bit later I did not receive the order and made a phone call to company in 12:30. They said that I ordered by time 15:00, but not by 12:00. The issue was originated that I was not having correct time zone and shift real timezone time manually to be visually correct for me and was having -3 hours shift in my local PC timezone.

Perfectly if you will sync both time and timezone via Internet in OS settings and than manually re-check time zone and time afterwards.