After all my work, the latest updates upset much of my configurations, particularly with Mariadb. You have to edit mysqld_safe and I've converted much of the set up to be maria file names rather than mysql, and fixed /etc/passwd and /etc/groups and WHOOSH
The update changed my directory permisions to user mysql and wiped out my customized mariadb safe_mysqld shell script. WHat is my best means of preventing that from happening while continuing to get updates for the mysqld binary itself?
I wiped my passwd file with a pacnew
And no upgrades can be done because the signature on key core pkgs is invalid
The benefits of having a second side by side installation are enormous, especially when you have no root passwd and sudoers was replaced by sudoers.pacnew ............!!!!!!!!
I always protect my important system files with directives like
NoUpgrade = etc/passwd etc/group etc/shadow
NoUpgrade = etc/fstab
in
/etc/pacman.conf.
Clear your package cache (or just the offending package) and re-download.
Also, pacman never overwrites changed files, it creates .pacsaves, unless --force was specified.
Interesting... May I ask what buildbot should do now if it's also receiving the same error when building jenkins package?
[CUT OUT]
downloading harfbuzz-1.6.0-1-x86_64.pkg.tar.xz...
downloading harfbuzz-1.6.0-1-x86_64.pkg.tar.xz...
downloading harfbuzz-1.6.0-1-x86_64.pkg.tar.xz...
downloading harfbuzz-1.6.0-1-x86_64.pkg.tar.xz...
downloading harfbuzz-1.6.0-1-x86_64.pkg.tar.xz...
checking keyring...
checking package integrity...
error: harfbuzz: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
:: File /var/cache/pacman/pkg/harfbuzz-1.6.0-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
==> ERROR: 'pacman' failed to install missing dependencies.
==> ERROR: Build failed, check /var/lib/artools/buildpkg/galaxy-testing-x86_64/jenkins/build
script returned exit code 255
Just replay the job.
If you can be a little more specific as nothing I tried worked. The pkg can not be removed as it breaks dependencies, it can't be reinstalled ... I did remove the pkg from cache, no difference.
What the hell is libsodium anyway?
Managed somehow to remove and reinstall, then the next file had a corrupt signature, imagemagic.
And the list goes on and on .... what happened with the signatures again?
Downloading imagemagick-6.9.9.20-1-x86_64.pkg.tar.xz...
Error: failed retrieving file 'imagemagick-6.9.9.20-1-x86_64.pkg.tar.xz' from mirror1.artixlinux.org : The requested URL returned error: 404 Not Found
Checking keyring...
Checking integrity...
Error: imagemagick: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
All packages from
[world-testing] has been pushed into
[world] now, please refresh your databases and re-update again (
sudo pacman -Syyu)If it still doesn't work, manually install the package from
[world] repo only :
sudo pacman -S world/imagemagick
More info : https://github.com/artix-linux/world/pull/29
Package (1) Old Version New Version Net Change Download Size
world/imagemagick 6.9.9.19-1 6.9.9.20-1 0.39 MiB 2.24 MiB
Total Download Size: 2.24 MiB
Total Installed Size: 9.96 MiB
Net Upgrade Size: 0.39 MiB
:: Proceed with installation? [Y/n] y
:: Retrieving packages...
imagemagick-6.9.9.20-1-x86_64 2.2 MiB 130K/s 00:18 [##########################################] 100%
(1/1) checking keys in keyring [##########################################] 100%
(1/1) checking package integrity [##########################################] 100%
(1/1) loading package files [##########################################] 100%
(1/1) checking for file conflicts [##########################################] 100%
(1/1) checking available disk space [##########################################] 100%
:: Processing package changes...
(1/1) upgrading imagemagick [##########################################] 100%
:: Running post-transaction hooks...
(1/1) Warn about old perl modules
WARNING: '/usr/lib/perl5/vendor_perl' contains data from at least 4 packages which will NOT be used by the installed perl interpreter.
-> Run the following command to get a list of affected packages: pacman -Qqo '/usr/lib/perl5/vendor_perl'
WARNING: '/usr/lib/perl5/vendor_perl' contains data from at least 4 packages which will NOT be used by the installed perl interpreter.
-> Run the following command to get a list of affected packages: pacman -Qqo '/usr/lib/perl5/vendor_perl'
Do what it's told you. Packages listed from the command[1] are in needed to be rebuild
[1] pacman -Qqo '/usr/lib/perl5/vendor_perl'
perl-getopt-std-strict
perl-rpc-xml
perl-sys-filesystem
perl-sys-filesystem-mountpoint
???
Ok I did what I was told, I looked at a list of perl pkgs. And?
This is not normal, for the past 12hrs updates/upgrades have become a big mess. I'm not even asking for "how to do them" I am asking why is this happening? And why are pkg signatures mixed up.
You didn't specify your question in your previous post, you were just copy paste from pacman log.
"The perl package now uses a versioned path for compiled modules. This means that modules built for a non-matching perl version will not be loaded any more and must be rebuilt."
[1]This is usually happens if you are using a perl-based packages from AUR. So everytime there's a new update for perl package, you must rebuild all affected packages against the new perl package before you can use them again.
[1] https://www.archlinux.org/news/perl-library-path-change/
More info :
https://lists.archlinux.org/pipermail/arch-dev-public/2016-May/028034.html
And that is a lesson in the dangers, or frustrations of using AUR packages and not reading the ARCH front page,
Everybody is effected because its a rolling release their is no other way.
Am getting the same issue with libsodium (removed imagemagick). clearing cache does not help... it seems to be clashing with community package.
bash-4.4.012-2-x86_64 1427.2 KiB 2.84M/s 00:00 [######################################################################################################] 100%
libsodium-1.0.15-1-x86_64 152.9 KiB 4.98M/s 00:00 [######################################################################################################] 100%
(3/3) checking keys in keyring [######################################################################################################] 100%
(3/3) checking package integrity [######################################################################################################] 100%
error: libsodium: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
:: File /var/cache/pacman/pkg/libsodium-1.0.15-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
You can try manually install the package as a workaround for this :
- Download the package manually (press 'N' if were asked to remove it )
sudo pacman -Sw libsodium
- Install the package using -U option from pacman :
sudo pacman -U /var/cache/pacman/pkg/libsodium-$(expac -S '%v' galaxy/libsodium)-$(uname -m).pkg.tar.xz
I am sorry to be doing this one error at a time but:
sudo pacman -U /var/cache/pacman/pkg/libsodium-$(expac -S '%v' galaxy/libsodium)-(uname -m).pkg.tar.xz
# sudo pacman -U /var/cache/pacman/pkg/libsodium-$(expac -S '%v' galaxy/libsodium)-(uname -m).pkg.tar.xz
sh: syntax error near unexpected token `('
Ah sorry .... Forgot to add the dollar sign at the end of it ...
sudo pacman -U /var/cache/pacman/pkg/libsodium-$(expac -S '%v' galaxy/libsodium)-$(uname -m).pkg.tar.xz
Are we having ANY fun yet?
libsodium-1.0.15-1-x86_64 152.9 KiB 382K/s 00:00 [##########################################] 100%
(1/1) checking keys in keyring [##########################################] 100%
(1/1) checking package integrity [##########################################] 100%
error: libsodium: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
:: File /var/cache/pacman/pkg/libsodium-1.0.15-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
# pacman -U /var/cache/pacman/pkg/libsodium-$(expac -S '%v' galaxy/libsodium)-$(uname -m).pkg.tar.xz
sh: expac: command not found
loading packages...
error: '/var/cache/pacman/pkg/libsodium--x86_64.pkg.tar.xz': could not find or read package
#
Please install
expac sudo pacman -S expac
Back in the same circle, half the tries the package does not exist and the other half it can't be removed because it is not even there (in the cache because I deleted it manually).
# pacman -U /var/cache/pacman/pkg/libsodium-$(expac -S '%v' galaxy/libsodium)-$(uname -m).pkg.tar.xz
loading packages...
error: '/var/cache/pacman/pkg/libsodium-1.0.15-1-x86_64.pkg.tar.xz': could not find or read package
# pacman -S libsodium
resolving dependencies...
looking for conflicting packages...
Packages (1) libsodium-1.0.15-1
Total Download Size: 0.15 MiB
Total Installed Size: 0.50 MiB
Net Upgrade Size: -0.09 MiB
:: Proceed with installation? [Y/n] y
:: Retrieving packages...
error: failed retrieving file 'libsodium-1.0.15-1-x86_64.pkg.tar.xz' from mirror1.artixlinux.org : Resolving timed out after 10520 milliseconds
error: failed retrieving file 'libsodium-1.0.15-1-x86_64.pkg.tar.xz' from artix.wheaton.edu : Resolving timed out after 10518 milliseconds
error: failed retrieving file 'libsodium-1.0.15-1-x86_64.pkg.tar.xz' from mirror.strits.dk : Resolving timed out after 10519 milliseconds
error: failed retrieving file 'libsodium-1.0.15-1-x86_64.pkg.tar.xz' from mirrors.dotsrc.org : Resolving timed out after 10519 milliseconds
error: failed retrieving file 'libsodium-1.0.15-1-x86_64.pkg.tar.xz' from www.uex.dk : Resolving timed out after 10520 milliseconds
error: failed retrieving file 'libsodium-1.0.15-1-x86_64.pkg.tar.xz' from netcologne.dl.sourceforge.net : Resolving timed out after 10519 milliseconds
libsodium-1.0.15-1-x86_64 152.9 KiB 364K/s 00:00 [##########################################] 100%
(1/1) checking keys in keyring [##########################################] 100%
(1/1) checking package integrity [##########################################] 100%
error: libsodium: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
:: File /var/cache/pacman/pkg/libsodium-1.0.15-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
Please read & follow my steps carefully... You will see in it that I said to not remove the package when it were asked to remove (or press 'N' in this case)
I think you should reread who started talking about this problem a couple of hours before your suggestions.
Answering no now just fails the update. It makes no difference what I do. It was pacman telling me this "corrupt" unsigned pkg should be removed, and since pacman couldn't remove it I had removed it manually. Then tried reinstalling the fresh one and it didn't go.
Then your instructions came.
error: libsodium: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
:: File /var/cache/pacman/pkg/libsodium-1.0.15-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
I started from scratch, after 15hrs of a mess, and finally it worked, thank you.
What exactly does this command do and how and why was there such a problem. More than 15hrs to update the damn system is not really "normal" and I am not pointing any fingers on being someone's fault. I just don't understand the nature of the problem.
Copy paste of commands that have no reference in pacman-help don't necessarily make sense to everyone.
My first day on Artix there were three packages that couldn't match signatures. It took three days then to clear the problem out. But this one seems different.
if you re-read my post again, you will noticed my porposed solution is to manually install package using -U, therefore bypassing signature checking .
The link attached to my post will tell you more about the issue youre having
I appreciate all your help, still I don't understand how you come up with the specific command - beyond the pacman -U.
I also think it defeats the purpose of having signatures if they need to be bypassed. I am sure you have heard of MIM attacks. It is also virtually impossible to verify packages from repositories especially when they come from non-https connections. In this respect arch is archaic. There is a difference running and trying a beta-system and being intentionally careless about what it is you are building. How do I and the next user know we got the same libsodium on? We don't, we were handed a magic command that cured the problem.
I personally would rather wait a few days for an update than be dealing with this. It is sloppy! This is a relatively simple installation and yesterday's update found 106-108 pkgs, and two had a problem. What's next?
So are users recreated in the system after passwd.pacsave is restored? Because my two had vanished and some system-users had appeared in my sddm screen to log in.
If so, why isn't this by default in pacman.conf and why would for such files be a pacnew?
I hope you can excuse me being irritated today as I still trying to get back where I was in reference to work since yesterday and I still have a mess to clear up.
Also, since yesterday, more than half of the repositories are bypassed because their response time overpasses some threshold of 10520 milliseconds. How do I change this? I looked everywhere for this 10,5sec limit. Even a mirror that is 6km away from me was bypassed and a next one was tried. Maybe my dns is too slow, but I don't mind that.
error: boost-libs: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
:: File /var/cache/pacman/pkg/boost-libs-1.65.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: source-highlight: signature from "Cromnix (Buildbot) <[email protected]>" is invalid
:: File /var/cache/pacman/pkg/source-highlight-3.1.8-13-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
Nothing vanishes, unless you
keep calm and use --force in pacman. From pacman.conf:
HANDLING CONFIG FILES
Pacman uses the same logic as rpm to determine action against files that are designated to be backed up. During an upgrade, three MD5 hashes are used for each backup file to determine the required
action: one for the original file installed, one for the new file that is about to be installed, and one for the actual file existing on the file system. After comparing these three hashes, the
follow scenarios can result:
original=X, current=X, new=X
All three files are the same, so overwrites are not an issue. Install the new file.
original=X, current=X, new=Y
The current file is the same as the original, but the new one differs. Since the user did not ever modify the file, and the new one may contain improvements or bug fixes, install the new file.
original=X, current=Y, new=X
Both package versions contain the exact same file, but the one on the file system has been modified. Leave the current file in place.
original=X, current=Y, new=Y
The new file is identical to the current file. Install the new file.
original=X, current=Y, new=Z
All three files are different, so install the new file with a .pacnew extension and warn the user. The user must then manually merge any necessary changes into the original file.
original=NULL, current=Y, new=Z
The package was not previously installed, and the file already exists on the file system. Install the new file with a .pacnew extension and warn the user. The user must then manually merge any
necessary changes into the original file.
Why don't you
rankmirrors your mirrorlist?
It doesn't make much sense doing it with this crappy connection of mine, as mirrors that are within walking distance are failing while on another continent they work.
I found out a line in resolvconf that limits dns tries and moves to the next dns server, but that threshold is much smaller, so that ain''t it.
I cleaned out my dns list and things seem a bit better.
Sddm was updated recently and with it the original artix background was replaced by a new artix graphic which is like a silly version of Manjaro themes. Where can I find a copy of that original DNA chain black-green bg?
With dns resolv.conf I've tried every trick on the book keeping it from changing to some idiotic default. I thought openresolv and resolvconf might do it and a head file in resolvconf.d but still every boot it returns to default. The only other way I can think of is create a script to copy a file from backup to the /etc/resolv.conf file. It wasn't happening for a while and something in a recent upgrade returned this nuisance.
Then todays a new version of pamac appeared in world-testing I think. New conf file and the AUR settings are not even there. I copied from the old pamac.conf but it seems as the whole package was configured to not include AUR. Whose idea was this? It is either Artix is an Arch fork or it isn't. At this stage I think some paternalistic figure behind the scenes should make their mind up.
Pama
Neither pamac is Manjaro. And in my opinion should not be used anyway users should learn to use pacman so you know what the fuck is going on when you update, Why do you think they have so many update problems. Sorry not having a go at you, its a fact.
Octopi gives one the option to run transactions via the terminal, and I think pamac offers a detailed view of transactions, (but I'm not very familiar with pamac). I do agree that it is best to do updates with pacman via terminal, and that is my personal policy.
Pamac and Octopi are very handy for searching and installing software however. :)
Best regards.
In most cases I do use pacman, it is quicker. But how do you suggest one goes about updating AUR packages?
Very true I think they disabled AUR as default as users were updating blind from AUR which is like jumping the lights in a car very dangerous, + they now use a in house AUR helper so its really only good for viewing but the lighter tkpacman is good for that as well
"yaourt -Syua" is what I use to update AUR packages, (also updates your system too). I think "-Syua" also works with pacaur, if that is your AUR helper of choice, but I'm not all that familiar with pacaur.
Best regards.
upgrading community AUR packages isn't want one might think it means.
yeah that is a disaster. I have dozens of community aur downloads from the manjaro setup, and it not only doesn't work, but iif it did, it would rip up much of the core artix