Update: Error while configuring manjaro-keyring

i have this “error” : “Disabled 2 keys” but all is working so no further action for me. :slightly_smiling_face:

I got this as well, and running sudo pacman-key --refresh-keys afterwards produced a very long output with lots of errors in it, that went on for some time. I’m new to this so perhaps this is actually nothing special, I can’t really tell. Just hope it doesn’t mess things up iN sUbTlE wAyS and whatnot in the long run if you know what I’m saying.

Same here too, and after reading the rest of comments, will wait for a better solution before trying what’s said so far…

this did it for me:

sudo rm -r /etc/pacman.d/gnupg
sudo pacman-key --init
sudo pacman-key --populate manjaro
sudo pacman-key --populate archlinux
sudo pacman -Syvv manjaro-keyring # for testing, if everything is okay there will be no errors

4 Likes

I have that bug. Olli is the # included? I’m also getting a strange http server redirect during the process.

no, just use. you are aware to use the other commands in this given order first ?

sudo pacman -Syvv manjaro-keyring

I simply don’t get why people try to fix something which is not broken. The thing is:

  • A maintainer decided to leave the team and also decided to revoke his key on the keyservers
  • That same key is still part of our keyring without any ending of validation as we still have some packages from that person
  • So not updating the keys from keyservers makes your system still work

What we did so far from our end:

All the signatures from that Maintainer got replaced by a generic one from our build-server. This means the GPG key of that maintainer normally is not needed anymore to install those packages. It is only needed if you have his already downloaded signatures in your pacman-cache. We also updated all the package databases to reflect to the new signatures.

As you can see that we are still able to create daily ISOs the only issue is having those “broken” keys still in our keyring. As soon as all packages got rebuild by a different maintainer or buildserver we can safely also remove the not needed gpg key from our keyring.

18 Likes

Thanks Olli; I just applied it on 3 machines and it worked flawless. :grinning:

When people see error messages they tend to assume something is broken, especially when there isn’t anything to indicate otherwise. Your reply is the first to give some actual explanation of the situation.

8 Likes

This. Clarification of issues from the team and project transparency is (from my perspective) an important quality to many people in this sphere. Myself included.
Especially when it’s something as critical as keys and trust etc.

1 Like

Hello! I’m low-tech-knowledge user, and got this error (ui update) and read topic through. So did i understand correctly, there’s nothing i need to do after this error? Nothing is broken in system? Updates keeps coming and security is fine?

AFAIK Yes

1 Like

Thanks for the post @philm , like others have posted they see an error and think something is broken. Not everyone was aware of the change of keys and just wanted reassuring nothing was broken.

Might be an idea to add it to the second post of the announcement threads until the error is gone? Help stop people breaking their system trying to fix something not broken

2 Likes

Great to read that the issue is being solved as we speak. Appreciate the work, but I am still left with a question about the following quote:

(“It” referencing to the PGP key of the maintainer that left with the key)

How do I know if I have specific signatures in my pacman cache from the maintainer, who suddenly left?

I would really welcome any more specific advice which a newbie like me can understand…thanks

1 Like

i deleted the pacman cache
paccache -rvk0

Hi. I am a true newbie, just trying to learn how to properly run and enjoy my Manjaro install in the best way, so your tips are real gifts for me! My question might be really stupid for expert people, if that’s the case I am sorry for that…
Anyway I’d like to know how can I check which keys are “broken” (for example beacause the maintainer revoked them), and how can I remove not needed keys from a keyring in a safe way: should I uninstall something, or just remove the files, or anything else…?

Thanks for your attention, hope my question is not off-topic and you can help me!

nothing to do, maintainers work for us, all (the right) keys are in archlinux-keyring and manjaro-keyring packages ; so we have to update when they are available. this update adds, removes or modifies keys if needed

2 Likes

Thank you so much. Happy to read this, thank you!

Olli’s snippet worked great on my machine :+1: , had this for a couple days now.

error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

The stuff i went through that didn’t work:

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.