Skip to main content
Topic solved
This topic has been marked as solved and requires no further attention.
Topic: Invalid or corrupted package (PGP signature) (Read 2411 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Invalid or corrupted package (PGP signature)

I can't update my PC
I have tried using
Code: [Select]
sudo pacman-key --refresh-keys
but it didn't work

Code: [Select]
:: Synchronizing package databases...
 system is up to date
 world is up to date
 galaxy is up to date
 extra is up to date
 community                             6.7 MiB   718 KiB/s 00:10 [####################################] 100%
 multilib is up to date
 lib32 is up to date
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (89) archlinux-appstream-data-20220727-1  audacity-1:3.1.3-1  base-3-1  benchmark-1.7.0-1
              binutils-2.38-7  calibre-6.2.1-1  cinnamon-settings-daemon-5.4.3-1  cryptsetup-2.5.0-1
              elfutils-0.187-2  firefox-103.0.1-1  gcc-12.1.1-4  gcc-libs-12.1.1-4  glibc-2.36-1
              go-2:1.18.5-1.3  gsm-1.0.21-1  harfbuzz-5.1.0-1  harfbuzz-icu-5.1.0-1  hwloc-2.8.0-1
              imagemagick-7.1.0.45-1  iptables-1:1.8.8-2  iso-codes-4.11.0-1  ldb-2:2.5.2-1
              lib32-amdvlk-2022.Q3.1-1  lib32-gcc-libs-12.1.1-4  lib32-glibc-2.36-1  lib32-harfbuzz-5.1.0-1
              lib32-libcap-2.65-1  lib32-libtiff-4.4.0-3  lib32-libva-2.15.0-1  lib32-libxcrypt-4.4.28-2
              lib32-llvm-libs-14.0.6-2  lib32-mesa-22.1.4-1  lib32-wayland-1.21.0-1  libcap-2.65-1
              libelf-0.187-2  libmm-glib-1.18.10-2  libplacebo-4.208.0-1  libreoffice-fresh-7.3.5-1
              libsbsms-2.3.0-3  libspiro-1:20220722-1  libsysprof-capture-3.44.0-2  libtiff-4.4.0-3
              libtool-2.4.7-3  libtorrent-rasterbar-1:2.0.7-1  libuv-1.44.2-1  libvirt-1:8.6.0-1
              libvirt-python-1:8.6.0-1  libwpe-1.12.2-1  linux-5.18.15.artix1-2
              linux-api-headers-5.18.15-1  linux-headers-5.18.15.artix1-2  llvm-libs-14.0.6-2
              log4cplus-2.0.8-1  lv2-1.18.6-1  mesa-22.1.4-1  mobile-broadband-provider-info-20220725-1
              modemmanager-1.18.10-2  mpfr-4.1.0.p13-3  mpv-1:0.34.1-5  muffin-5.4.4-1  nodejs-18.7.0-1
              nvidia-515.57-11  obsidian-0.15.9-1  opencore-amr-0.1.6-1  osinfo-db-20220727-1
              pacman-6.0.1-7  portmidi-236-1  protobuf-21.4-1  python-beautifulsoup4-4.11.1-1
              python-feedparser-6.0.10-1  python-jeepney-0.8.0-1  python-numpy-1.23.1-1
              python-pip-22.2.1-1  python-platformdirs-2.5.2-1  python-soupsieve-2.3.2.post1-1
              qt5-base-5.15.5+kde+r174-1  qt5-wayland-5.15.5+kde+r38-3  sddm-0.19.0-8.1  serd-0.30.14-1
              signal-desktop-5.52.0-1  smbclient-4.16.4-1  sndio-1.9.0-1  sord-0.16.12-3  unbound-1.16.2-1
              wavpack-5.5.0-1  wayland-protocols-1.26-1  webkit2gtk-2.36.5-2  webkit2gtk-4.1-2.36.5-2
              wine-staging-7.14-1

Total Installed Size:  3887.05 MiB
Net Upgrade Size:        70.51 MiB

:: Proceed with installation? [Y/n] y
(89/89) checking keys in keyring                                 [####################################] 100%
(89/89) checking package integrity                               [####################################] 100%
error: lib32-libcap: signature from "David Runge <[email protected]>" is marginal trust
:: File /var/cache/pacman/pkg/lib32-libcap-2.65-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: lib32-libtiff: signature from "David Runge <[email protected]>" is marginal trust
:: File /var/cache/pacman/pkg/lib32-libtiff-4.4.0-3-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
I have also tried saying "no" to both or just one.

Re: Invalid or corrupted package (PGP signature)

Reply #1
Probably you could check you have the "universe" repo enabled and do
Code: [Select]
# pacman -Sy
# pacman -S archlinux-keyring
first, then update, hopefully it will work then, there has been more discussion on other threads:
https://forum.artixlinux.org/index.php/topic,4365.0.html
https://forum.artixlinux.org/index.php/topic,4360.0.html
https://forum.artixlinux.org/index.php/topic,4356.0.html
https://forum.artixlinux.org/index.php/topic,4235.0.html
https://forum.artixlinux.org/index.php/topic,4316.0.html

Re: Invalid or corrupted package (PGP signature)

Reply #2
Sadly didn't worked. I also looked at the link you send and They didn't help much but I might just reinstall artix or delete all the packages that I install if there is a easy way to do it.

 

Re: Invalid or corrupted package (PGP signature)

Reply #3
Hello,
Do you really need these two packages?

I saw that they were only available in AUR:
Code: [Select]
$ yay lib32-libcap
2 aur/lib32-libcapi 3.2.3-1 (+0 0.00)
    Modular libcapi20 (32 bit lib)
1 aur/lib32-libcap-git 2.46-1 (+1 0.00) (Orphelin) (Obsolète : 2021-11-10)
    POSIX 1003.1e capabilities (32-bit)


Have you seen what the wiki suggests:
https://wiki.artixlinux.org/Main/Troubleshooting#Invalid_or_corrupted_packages_.28PGP_signature.29

Re: Invalid or corrupted package (PGP signature)

Reply #4
Hello,
Do you really need these two packages?

I saw that they were only available in AUR:
Code: [Select]
$ yay lib32-libcap
2 aur/lib32-libcapi 3.2.3-1 (+0 0.00)
    Modular libcapi20 (32 bit lib)
1 aur/lib32-libcap-git 2.46-1 (+1 0.00) (Orphelin) (Obsolète : 2021-11-10)
    POSIX 1003.1e capabilities (32-bit)


Have you seen what the wiki suggests:
https://wiki.artixlinux.org/Main/Troubleshooting#Invalid_or_corrupted_packages_.28PGP_signature.29

I downgraded lib32-libcap and then retried  pacman -Sy archlinux-keyring artix-keyring and it worked.