Unrecognized file format with .xz and .zst keyring files

So when I was updating system with yay -Syu I got many errors like that

error: archlinux-keyring: signature from "Christian Hesse <eworm@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20231222-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 

Whether I refuse or agree I get this error:

error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
 -> error installing repo packages

So I searched it in google and found point about that in pacman troubleshouting
I was doing everything like in instruction, but on this part:

Install the downloaded packages Assuming the files is the current folder and using wildcard so you don't have to deal with dates and versions - remove the packages after successful installation

user $ sudo pacman -U manjaro-keyring*.pkg.tar.xz archlinux-keyring*.pkg.tar.zst

I got following errors:

error: could not open file manjaro-keyring-20240103any.pkg.tar.xz: Unrecognized archive format
error: 'manjaro-keyring-20240103any.pkg.tar.xz': cannot open package file
error: could not open file archlinux-keyring-20240103any.pkg.tar.zst: Unrecognized archive format
error: 'archlinux-keyring-20240103any.pkg.tar.zst': cannot open package fil

If you need any more information ask, I’m quite newbie to Linux and I don’t know if I put sufficient info here.

Thats an old format and likely the files have a different extension.
(like .pkg.tar.zst)

You could use a command like ls to print the files.

Just match the extension used in your command to what is used by the cached packages.

File with .pkg.tar.zst also had this error

The point is that whatever you are using is wrong for whatever is there.

open file1.jpg

when only exists file1.png

Look at the contents… what is there?

ls

will list all files in a directory.

When I try to attach file I get alert that I can’t embed it in message, so I just copied output
Anyway:

[kubaryt@manjaro-gpc keys]$ ls

archlinux-keyring-20240103any.pkg.tar.zst  manjaro-keyring-20240103any.pkg.tar.xz

Ok they are there …

I guess I just couldnt imagine those formats not being recognized.
For example … the hundreds of packages installed here all end in .pkg.tar.zst, and of course pacman does not complain about them.

Can we see your pacman?

pacman -Q pacman && pacman -Qkk pacman
pacman 6.0.2-14
backup file: pacman: /etc/pacman.conf (Modification time mismatch)
backup file: pacman: /etc/pacman.conf (Size mismatch)
backup file: pacman: /etc/pacman.conf (MD5 checksum mismatch)
backup file: pacman: /etc/pacman.conf (SHA256 checksum mismatch)
pacman: 449 total files, 0 altered files

Weirdness.
What about the packages?

pacman -Qs 'xz|zst'
local/lib32-xz 5.4.5-1
    Library and command line tools for XZ and LZMA compressed files (32-bit)
local/lib32-zstd 1.5.5-1
    Zstandard - Fast real-time compression algorithm (32-bit)
local/python-zstandard 0.22.0-1
    Python bindings to the Zstandard (zstd) compression library
local/xz 5.4.5-1
    Library and command line tools for XZ and LZMA compressed files
local/zstd 1.5.5-1
    Zstandard - Fast real-time compression algorithm

The latest manjaro and archlinux keyrings are 20230719-2 and 20231222-1, respectively. It is not clear to me exactly what keyring files you managed to download.

I also realized these are missing a dash. Is this on pupose/actually there?

Should not be archlinux-keyring-20240103any.pkg.tar.zst

Should be archlinux-keyring-20240103-any.pkg.tar.zst

Okey, thanks. Looks like I didn’t understand Replace YYYYMMDD-R as available from the mirror. part of pacman troubleshouting. I thought that it refers to date of last modification of directory. Anyway now, when I downloaded right files, it worked.

Thanks everyone for help

Yes, you are right. It was mistake

Now I really want to know whether it was the re-download or the missing dash.

So I tested it. And got it to fail once … but then it worked.

$ sudo pacman -U ./manjaro-release-23.1.1-1any.pkg.tar.zst
loading packages...
warning: downgrading package manjaro-release (23.1.2-1 => 23.1.1-1)

:person_shrugging: Alls well, as they say.

Kubaryt tried to download a nonexistent file. The content of the resulting “keyring” file was likely just a “404 Not Found” error message. pacman cannot interpret that as a valid package regardless of whether the filename contains a proper dash or not.

1 Like

AAahhhhhh. Broken file because curl or similar just put the 404 or whatever in there.
Thanks for putting my mind at ease. :person_in_lotus_position:

This topic was automatically closed 3 hours after the last reply. New replies are no longer allowed.