Skip to main content
Topic: Signature From ... Is Unknown Trust (Read 423 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Signature From ... Is Unknown Trust

I have an error from Artix pacman "Signature from xxx is unknow trust".
":: File /var/cache/pacman/pkg/xxxx.tar.zst is corrupted (invalid or corrupted package (PGP signature))."
"error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded."

Upon checking the Artix package's sha512sum matches the package's sha512 pulled directly from Arch.

Re: Signature From ... Is Unknown Trust

Reply #1

RTFM:

https://wiki.artixlinux.org/Main/Repositories
man pacman
man pacman.conf
man checkupdates
https://wiki.archlinux.org/title/Mirrors#Sorting_mirrors

It is recommended to repeat this reading process regularly, until enough grey matter is created in the cavity between the left and right ear to sustainably understand the update process.
"Wer alles kann, macht nichts richtig"

Artix USE="runit openrc slim openbox lxde gtk2 qt4 qt5 qt6 conky
-gtk3 -gtk4 -adwaita{cursors,themes,icons} -gnome3 -kde -plasma -wayland "

Re: Signature From ... Is Unknown Trust

Reply #2
I have an error from Artix pacman "Signature from xxx is unknow trust".
":: File /var/cache/pacman/pkg/xxxx.tar.zst is corrupted (invalid or corrupted package (PGP signature))."
"error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded."

Upon checking the Artix package's sha512sum matches the package's sha512 pulled directly from Arch.
We don't have any package named 'xxxx' in our repos.