We are moving away from Sourceforge hosting, main reason being the restriction of colon characters (':') in filenames, which breaks the package database with epoch-versioned packages. Our new primary mirror (http://mirror1.artixlinux.org/repos/) is active and serving. The rest of the mirrors will sync soon.
To use the new repo, you must enable [system-testing]
above [system]. After updating artix-mirrorlist from [system-testing], users will need to rename /etc/pacman.d/mirrorlist.pacnew to /etc/pacman.d/mirrorlist and re-sync.
pacman -Sy system-testing/artix-mirrorlist
After that, you can comment-out [system-testing] and wait until the updates make it to [system], or be
guinea pigs bold and brave testers and report any issues.
Havn't got the new artix-mirrorlist yet perhaps it is still propagating?
is this right?
# Artix mirrors
Server = http://mirror1.artixlinux.org/artix-linux/repos/$repo/os/$arch
should it not be
Server = https://mirror1.artixlinux.org/repos/$repo/os/$arch
?
currently on the first format i get:
error: failed retrieving file 'world.db' from mirror1.artixlinux.org : The requested URL returned error: 404
fixing it gives no 404 error. also both show the following:
dbus-openrc : Orphan
elogind : Orphan
eudev : Orphan
libelogind : Orphan
libeudev : Orphan
even though these packages all exist in [system]
http://mirror1.artixlinux.org/repos/system/os/x86_64/
Well the second format is correct, but the 404 error continued for me due to the "https://" instead of the "http://". This is because the server hasn't been set up with encryption yet. :/
The forum got https:// in week or two, so maybe that or less until the hosting server does?
Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch
Uhm, nous, should
[systemd] be [system]? Perhaps all that heat from the automated build server is getting to you. Maybe crack a window? :p
EDIT: Good to know,
@thefallenrat. Thank you
@artoo for the timely fix!
@toxygen , it is already been fixed :
https://github.com/artix-linux/system/commit/9c3b9fce141b8c135ffbb6dd9c8a567053b362e5
I shall ban myself for a week for writing 'systemd'.
[EDIT]
And that was an extra week to boot.
Still havn't got the new artix-mirrorlist I assume it is the 12/09/2017 one, I can only see the 18/08/2017 one have I done something wrong?
Well it sort of worked now after I added
Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch to pacman.conf below system-testing though still a few errors where packages are newer than system-testing branch
We provide quality packages with nothing to hide! Joking aside, package mirrors don't really need https, the content is public.
So are we switching to the testing branch, updating to get the new mirror and then switching back to stable? Or will we have to stick to testing for the time being?
(Can already tell I am going to be the slow one on this ship :D)
I'd recommend commenting out testing. Also updated first post.
Instructions as I see them clear, because all of the above seemed very confusing.
1 edit /etc/pacman.conf and uncomment the [system-testing] and the line below it.
Not the world and galaxy testing, they are not ready yet.
2 edit /etc/pacman.d/mirrorlist and add
Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch
https is not working as of 20170912 - 12 UTC but it may work in the near future? For now use http
3 pacman -Syyu
Is the temporary repo change really necessary? I just upgraded the artix-mirrorlist with pacman -U and moved the new mirrorlist in the proper place...
# pacman -U http://mirror1.artixlinux.org/repos/system-testing/os/x86_64/artix-mirrorlist-20170912-1-any.pkg.tar.xz
# mv /etc/pacman.d/mirrorlist.pacnew /etc/pacman.d/mirrorlist
It took me a little while but I was able to get the new repo. It gave a 443 error at first but the updates went through
All fine here good work guys
The good thing about Artix for pan-Americans and beyond-west is that by the time they wake up, if a bug comes through an update it is all solved. Unless you are insomniacs like me, you will never have to face a bug. And if you don't see any further updates by early afternoon chances are you are not going to see them till the next morning.
That makes testing extra-stable for you ;)
On a couple of my machines, I strangely got GnuPG errors trying to pull packages from system-testing so I had to delete the /etc/pacman.d/gnupg directory and then repopulate all the keys. After that, it all worked fine. Just FYI in case anyone lurking encounters the same issue.
You did not read and follow the instructions correctly
Well sure, maybe I screwed up somewhere. One of my other computers migrated without any problems at all, so I at least fluked doing it correctly once. Like it I said earlier, it was just an FYI for anyone who might have the same issue. I wasn't intending to complain or anything.
We shouldn't expect everything from the huge team of artix engineers, I think we should organize and do some work ourselves. Like starting a FAQ thread to be adopted on the web-page.
On Arch-OpenRC people were generally assumed to have made that step from Arch. Same with Manjaro. Here we may have people coming to Artix not knowing a thing about Arch or Manjaro and shouldn't have to.
What system-world-galaxy-extra-community-AUR is, must be defined and explained for Artix and not forwarding individually everytime to some Arch page for explanation.
Nevertheless, the forum should be the place to address problems. Whether they are system induced or user induced that is what we are here to figure out.
So here it is; https://artixlinux.org/forum/index.php/topic,39
Ok, I tried to cheat and jump the gun, I noticed the world and galaxy testing repositories being constructed and gave them a try.
Unfortunately I didn't just look but updated some packages through them. Now it will not bring gui up. I have this one installation where I log in to console and start X up manually when I want. It boots to console fine, no errors, and Xorg has no errors or warnings. So the problem is on sddm. The screen, apparently a stuck xsession, is black with a blinking cursor on top left.
I am trying to locate what is new and reverse the damage. :)
Curiosity keeps the cat awake
an hour later - reedit: No error on sddm log or anywhere I can find. Sddm says it started with no errors, I just didn't see any of it.
From sddm I would log in to openbox manually, the only desktop I had. Starting sddm as root or as user didn't make any difference. So I don't know how to debug the problem.
Comment testing out and pacman -Suu. Hopefully you'll downgrade and recover.
Ok I will try this, meanwhile there were some updates, a third mirror for Artix, and cairo-something.
Before trying the reversal I tried to see if lightdm would work, it didn't. Just returned to prompt.
So I decided to try lxdm, and it did work. Everything running fine.
So now I will try -Suu and try sddm again. I'm still in debian thinking mode where once you move up to testing
you are on a different distribution and can't revert, not easily anyway.
UPDATE: Yes, thank you, it did work. Sddm runs again and the difference I believe was in the mesa-17.02-0-3/17.02-0-2 package.
Was hit by that too. Read the new announcement.
I thought I should mention this since no one else did, but bash in system-testing is older than the one in system. Does bash have the wrong version number in system-testing or is it just an older build?
system-testing/bash 4.4.012-2 (base) [installed: 4.4.012-3]
The GNU Bourne Again shell
system/bash 4.4.012-3 (base) [installed]
The GNU Bourne Again shell
Thanks @artoo @nous
Well, https helps mitigate man-in-the-middle attacks and some packet sniffing. It gives an extra blanket of security on top of the package signing to verify data sent/retrieved from the server. So if someone spoofs the server for some inane reason(for the lols I guess), they have to forge the server's certificate. Again if someone's signing key was stolen/cracked the black hat would need to forge the server's certificate before they impersonated the server with malicious package(s) and have these package(s) propagate throughout all the server mirrors.
If the isos return to the main server, https:// would help prevent altered isos from be downloaded from an unauthorized redirected site(s). Isos that many people do not checksum before using I might add. (Bad, bad users!)
So https:// complements our checksums, signed packages, and package databases. And furthermore https is a useful tool for servers even if it is not a cure-all against bad stuff happening altogether to our main server.
Here is a more in-depth explanation and, frankly, I think does it better than I did:
From an AJ Henderson on https://security.stackexchange.com/questions/19981/mitm-can-a-binary-file-be-changed-or-swapped-enroute (https://security.stackexchange.com/questions/19981/mitm-can-a-binary-file-be-changed-or-swapped-enroute)
Here is some more generic reading:
From: https://www.veracode.com/security/man-middle-attack (https://www.veracode.com/security/man-middle-attack)
Here is some more advice from a site that already has a working implementation of modifying binaries in transit.
http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries (http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries)
It is good read.
this is good but it is not correct. There is no testing lines in pacman.conf
it is very important that the section
[system-testing]
Include = /etc/pacman.d/mirrorlist
be added (and not just the line as in the instructions #Enable [system-testing] )
How come there are packages in [system] that are later versions of [system-testing]?
For example "bash" and "linux-api-headers" as examples, if not the only ones.
This was basically a rebuild earlier. We tried to be in sync with arch versions in testing, and this is gonna be fixed with the move from testing to stable repos.
I haven't got any new updates from [system], [galaxy], or [world] for about a week or so. did I do something wrong? or has there just not been any new updates?
Please enable
[system-testing] [world-testing] and
[galaxy-testing] in your
/etc/pacman.conf if you want to receive updates
Is this the advised procedure or is it only for the ones of us who are in a hurry for the latest and greatest?
Sorry, no flame intended :) just need the advice!
By the way, my system is working perfectly, as since I migrated to Manjaro openrc, from Debian. A big *thank you* to the bold devs! You have to stand for your believes!
The only thing is that I have about 40 packages younger than the repos, but that does not worry me, I'll catch up soon, I'm sure. As long as my mission critical machine stays tuned with no glitches (MacBook pro 8.2).
Testing is for testing. While many use it without issues, it's generally better to wait for stable to update.
I am stuck on the "Artix Buildbot <buildbot@artixlinux.org>" is marginal trust when installing the new system-testing/artix-mirrorlist-20170923, invalid or corrupted file (PGP sig). I have tried to locally sign this, I have commented out SigLevel... I am not sure what to do next
You can edit your /etc/pacman.d/mirrorlist and see if your artix mirrors have these
# Artix mirrors
Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch
Server = http://artix.wheaton.edu/repos/$repo/os/$arch/
Server = http://mirror.strits.dk/artix-linux/repos/$repo/os/$arch
Server = https://mirrors.dotsrc.org/artix-linux/repos/$repo/os/$arch
Server = https://www.uex.dk/repos/artix/repos/$repo/os/$arch
Somehow you are stuck with an ?outdated artix-keyring? and signatures don't match?
Check on /usr/share/pacman/keyrings
Mine are 20170805-1
I am surprised nobody has responded in 6days but it seems as a weird problem. Is this the only file that is giving you a signature problem?
If system-testing must be above system shouldn't world and galaxy-testing also be above their corresponding rep/s?
I tried this, reversing the order from the artix original pacman.conf and it gives a ton of upgrades available. Could this
be a source of some problems we have been having, like mysterious freezes etc.?
So if testing repositories are below the stable, does it matter whether they are there at all?
sudo pacman -Syyu
:: Synchronizing package databases...
system-testing 91.2 KiB 380K/s 00:00 [##########################################] 100%
system 153.4 KiB 426K/s 00:00 [##########################################] 100%
world 101.2 KiB 440K/s 00:00 [##########################################] 100%
world-testing 156.1 KiB 422K/s 00:00 [##########################################] 100%
galaxy 11.8 KiB 590K/s 00:00 [##########################################] 100%
galaxy-testing 42.9 KiB 429K/s 00:00 [##########################################] 100%
extra 1661.5 KiB 425K/s 00:04 [##########################################] 100%
community 4.1 MiB 424K/s 00:10 [##########################################] 100%
:: Starting full system upgrade...
there is nothing to do
[artix2@box ~]$ sudo leafpad /etc/pacman.conf
[artix2@box ~]$ sudo pacman -Syyu
:: Synchronizing package databases...
system-testing 91.2 KiB 365K/s 00:00 [##########################################] 100%
system 153.4 KiB 426K/s 00:00 [##########################################] 100%
world-testing 156.1 KiB 422K/s 00:00 [##########################################] 100%
world 101.2 KiB 422K/s 00:00 [##########################################] 100%
galaxy-testing 42.9 KiB 429K/s 00:00 [##########################################] 100%
galaxy 11.8 KiB 393K/s 00:00 [##########################################] 100%
extra 1661.5 KiB 426K/s 00:04 [##########################################] 100%
community 4.1 MiB 423K/s 00:10 [##########################################] 100%
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...
Packages (45) acpid-openrc-20170919-1 archlinux-appstream-data-20170929-1 artix-backgrounds-0.5.1-1
artix-grub-theme-0.3.3-1 artix-grub-theme-common-0.3.3-1 artools-base-0.6.1-1 bluez-libs-5.47-2
git-2.14.2-1 libatasmart-0.19-3 libcups-2.2.4-2 libgudev-232-1 libinput-1.8.3-1 libmbim-1.14.2-1
libnm-1.8.4-1 libnm-glib-1.8.4-1 libpulse-11.1-1 networkmanager-1.8.4-1 pamac-6.0.3-2
pamac-tray-appindicator-6.0.3-2 pulseaudio-11.1-1 qt5-base-5.9.2-1 qt5-declarative-5.9.2-1
qt5-location-5.9.2-1 qt5-multimedia-5.9.2-1 qt5-quickcontrols-5.9.2-1 qt5-script-5.9.2-1
qt5-sensors-5.9.2-1 qt5-speech-5.9.2-1 qt5-svg-5.9.2-1 qt5-webchannel-5.9.2-1 qt5-webengine-5.9.2-1
qt5-webkit-5.212.0alpha2-5 qt5-x11extras-5.9.2-1 qt5-xmlpatterns-5.9.2-1 sddm-0.16.0-1 udisks2-2.7.3-1
upower-0.99.6-1 xf86-input-libinput-0.26.0-1 xf86-video-amdgpu-1.4.0-1 xf86-video-ati-1:7.10.0-1
xf86-video-intel-1:2.99.917+781+gc8990575-1 xf86-video-nouveau-1.0.15-2 xf86-video-openchrome-0.6.0-2
xorg-server-1.19.4-1 xorg-server-common-1.19.4-1
Total Download Size: 100.90 MiB
Total Installed Size: 403.04 MiB
Net Upgrade Size: 21.34 MiB
:: Proceed with installation? [Y/n] n
I did try this, I'm going through what was updated (past 3-4 hours) my wifi-connection seems more stable now, pamac 6 looks interesting but looking through AUR is not as simple as it was before. Everything OK till now.
I did the same and all seems to be fine, till now; more: the libcurl-compat incompatibility has been resolved.
Somethings that may seem obvious to experienced arch-users are not so obvious to us arch-newbies, nor should people interpolate arch instructions as valid artix instructions. I had opened a thread for a potential FAQ (https://artixlinux.org/forum/index.php?topic=39.) but nobody seemed interested in contributing.
The latest mirrorlist from "system-testing" had the mirrors sorted with the "testing" repos above the other corresponding repo mirrors. Worked that way for me at least. ;)
Best regards.
I admit to my ignorance of the pacnew pacsave action. Now I know, but I remember when artix first came out with the 1st change in mirrorlist there was talk of replacing mirrorlist with pacnew and mine was already changed. Little that I knew there were about 8 unattended .conf.pacnew files in my /etc
In Debian once in a while a developer would send an upgrade that overwrote your long developed .conf/.cfg file and that was that. I'm still adjusting to the respect-user-policy in Arch.
I finally updated to the new mirror and this what I get when I try to do an update
I have just updated my mirror list and I get the same issue when try ing update. I am currently updating mykeyrings to see if that will help
If you are receiving the
marginal trust issue, you can manually trust it by doing the following :
* Assuming Artix Buildbot key is the culprit
- Edit the key (0A3EB6BB142C56653300420C1247D995F165BBAC)
sudo pacman-key --edit-key 0A3EB6BB142C56653300420C1247D995F165BBAC
- On gpg console, run trust , and choose ultimate
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 5
- Exit from gpg console by running quit and try to re-update again (sudo pacman -Syyu)
I did as you said and it will update but libsodium still gives invalid pgg package. As a workaround I installed the git version from AUR and the rest of the update went through
Of course it doesn't. My method above only works with marginal trust issue. For invalid package you need to remove the faulty package, use the correct mirror
[1] in
/etc/pacman.d/mirrorlist , force refresh
[2] and re-update again
[2][1] Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch
[2] sudo pacman -Syyu
ok np thanks!
error: boost-libs: signature from "Cromnix (Buildbot) <cromnix@cromnix.org>" is invalid
:: File /var/cache/pacman/pkg/boost-libs-1.65.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: source-highlight: signature from "Cromnix (Buildbot) <cromnix@cromnix.org>" is invalid
:: File /var/cache/pacman/pkg/source-highlight-3.1.8-13-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
My primary mirror is as listed, and I am using the -Syyu options, but I get the invalid signature from both imagemagick and libsodium.
I had this error. I don't remember which one fixed it. but I refreshed my pacman keys, reinstalled the artix-keyring package, and ran pacman -Syyu. At the end of this, the invalid signature error switched from cromnix to artix.
I have the same problem as above. I graduated from cromnix to artix but still have this invalid/corrupt checksum message. Repo's are correct &etc. everything seems good. Was a fresh LXQt Artix install, it tempted me away from my (already de-D'd) rolling Arch of five years.
Apologies my first post is an issue. I'm actually very grateful for Artix.
Edit: decided to upgrade from community and extra via AUR for the same package versions and everything went through. Very curious about this hiccup though.
Edit: (as per gentermnl correctly states below, I didn't pull from the AUR specifically, just I have an aur command I run to give me a nice visual.)
It seems I had more than one problem, but after I fixed the marginal trust issue for Artix Buildbot per the instructions above, I still had the invalid package error for libsodium and imagemagick. Similar to the previous post, I did pacman -Ss for each, and selected to install from the alternate repository. Is it possible there really are some invalid packages out there?
I just reinstalled imagemagick and libsodium on my system. I did find that the original downloaded packages needed to be deleted and downloaded again due to the original downloads having an invalid signature error.
error: imagemagick: signature from "Cromnix (Buildbot) <cromnix@cromnix.org>" is invalid
error: libsodium: signature from "Cromnix (Buildbot) <cromnix@cromnix.org>" is invalid
Once the stored packages where deleted, these packages installed successfully. Although if the packages do have a new signature, a new package version would guarantee that the package would be updated without any problem since it will be seen as a update and ignore the previous version with the invalid signature. Also it would allow one to see if the mirror being selected was truly up to-date.
To fix the issue as stated before one will have to overwrite the original database with a pacman -Syyu once the testing repositories are listed above the standard ones and the /etc/pacman.d/mirrorlist file is up to-date. One may have to manually correct the mirrorlist file to ensure that the list is current and valid as listed in a previous post by fungalnet with the new repositories at the top of the repository list. It could be that one of the mirrors has not be refreshed recently that is being used by the system due to the package version being the same. In that case, I would either edit the mirrorlist and comment out all but the first repository to force it to be used even if it has a slow connection. Or backup the file and create a new one with only with this mirror listed.
Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch
My system was a fresh install with the first release of the LXQT Artix Linux ISO. The new mirrorlist file was manual downloaded and installed when it was first announced. I edited the /etc/pacman.conf file and made the testing versions of the repositories listed prior to the stable ones since testing is more inline with the Archlinux releases then the database was overwritten with the pacman -Syyu command.
I try the steps here but I failed to update
https://wiki.manjaro.org/index.php/Pacman_troubleshooting#Errors_about_Keys
I also tried the proposed solution of marginal trust and I still get errors:
```bash
(98/98) checking keys in keyring [######################################################################] 100%
(98/98) checking package integrity [######################################################################] 100%
error: imagemagick: signature from "Artix Buildbot <buildbot@artixlinux.org>" is invalid
:: File /var/cache/pacman/pkg/imagemagick-6.9.9.20-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: libsodium: signature from "Artix Buildbot <buildbot@artixlinux.org>" is invalid
:: File /var/cache/pacman/pkg/libsodium-1.0.15-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
```
Did you add artix to 2 and 4?
Step 2:
from
sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring
to
sudo pacman -Sy gnupg archlinux-keyring artix-keyring
Step 4:
from
sudo pacman-key --populate archlinux manjaro
to
sudo pacman-key --populate archlinux artix
Also either skip step 5 or do the aforementioned (roughly, this is because the gpg trust of keys is dependent on other trusted keys to vouch for our key and our key just hasn't gotten enough vouches in the trust system):
So for completeness sake, a simplified how-to reset your pacman's keys:
1a. Reinstall keyrings including the latest keys:
sudo pacman -Sy gnupg archlinux-keyring artix-keyring --force
1b.
If step 1a doesn't work, do only step 2 and go back to step 1a. Otherwise proceed to step 2.
2. Remove old (and possibly broken) keys by entering this command:
sudo rm -r /etc/pacman.d/gnupg
3. Initialize the pacman keyring:
sudo pacman-key --init
4. Load the signature keys:
sudo pacman-key --populate archlinux artix
5. Clear out the software packages downloaded during the aborted installation (optional):
sudo pacman -Sc
6. Carry on.
sudo pacman -Syyuu
Everything seems to be working now.
Hello, same theme but with today's kernel.
So, I did the procedure of the above post with normal results. Then:
# pacman -Syyu
:: Synchronising package databases...
...
:: Starting full system upgrade...
warning: bash: local (4.4.012-3) is newer than system (4.4.012-2)
warning: cogl: local (1.22.2+11+g811f285a-1) is newer than extra (1.22.2+10+g3baa2d7a-1)
warning: colord: local (1.4.1-1) is newer than world (1.3.5-1)
warning: gtk-engine-murrine: local (0.98.2-2.2) is newer than community (0.98.2-2)
warning: lib32-openssl: local (1:1.1.0.f-1.1) is newer than multilib (1:1.1.0.f-1)
warning: mate-desktop: local (1.18.0-1.1) is newer than community (1.18.0-1)
warning: mkinitcpio-nfs-utils: local (0.3-5.3) is newer than system (0.3-5)
warning: terminus-font: local (4.46-1.1) is newer than community (4.46-1)
resolving dependencies...
looking for conflicting packages...
Packages (3) linux-lts-4.9.58-1 linux-lts-headers-4.9.58-1 util-linux-2.31-1
Total Download Size: 68.81 MiB
Total Installed Size: 144.05 MiB
Net Upgrade Size: -0.15 MiB
:: Proceed with installation? [Y/n]
:: Retrieving packages...
util-linux-2.31-1-x... 1941.0 KiB 2.46M/s 00:01 [######################] 100%
linux-lts-4.9.58-1-... 59.7 MiB 3.35M/s 00:18 [######################] 100%
linux-lts-headers-4... 7.3 MiB 3.42M/s 00:02 [######################] 100%
(3/3) checking keys in keyring [######################] 100%
(3/3) checking package integrity [######################] 100%
error: linux-lts: signature from "Cromnix (Buildbot) <cromnix@cromnix.org>" is invalid
:: File /var/cache/pacman/pkg/linux-lts-4.9.58-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
I could upgrade all the other packages. util-linux also doesn't upgrade due to conflict (rfkill already exists on filesystem). Have to investigate this one.
Yeah, linux-lts-4.9.58-1 and linux-lts-headers-4.9.58-1 didn't work for me either. But, linux-lts-4.9.58-2 and linux-lts-headers-4.9.58-2 are out for system-testing and working.
Thanks devs!
Could you create a wiki entry with this? Maybe a Troubleshooting page (https://wiki.artixlinux.org/Main/Troubleshooting?action=edit)?
sudo pacman -Syyuu
No, no, no, this is downgrade, we must not have such misuse/wrong command on wiki for upgrade.
This still plagues manjaro and it hard to correct.
sudo pacman -Syyu
This is upgrade with db additional sync
I disagree.
Package injection via MITM is not that difficult.
With https, it is.
Our packages are signed, a MITM would also need to forge the signature.
This is failing and I don't know why
[flatbush ~]# pacman -Sy gnupg archlinux-keyring artix-keyring --force
:: Synchronizing package databases...
system is up to date
world is up to date
galaxy is up to date
extra is up to date
community is up to date
multilib is up to date
warning: gnupg-2.2.6-1 is up to date -- reinstalling
warning: archlinux-keyring-20180404-1 is up to date -- reinstalling
warning: artix-keyring-20171114-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Packages (3) archlinux-keyring-20180404-1 artix-keyring-20171114-1 gnupg-2.2.6-1
Total Download Size: 2.74 MiB
Total Installed Size: 10.37 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n]
:: Retrieving packages...
gnupg-2.2.6-1-x86_64 2.1 MiB 103M/s 00:00 [################################] 100%
archlinux-keyring-20180404-1-any 668.2 KiB 0.00B/s 00:00 [################################] 100%
artix-keyring-20171114-1-any 38.8 KiB 0.00B/s 00:00 [################################] 100%
(3/3) checking keys in keyring [################################] 100%
warning: Public keyring not found; have you run 'pacman-key --init'?
downloading required keys...
error: key "1247D995F165BBAC" could not be looked up remotely
error: required key missing from keyring
error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded.
You should run these three commands
sudo pacman -S artix-keyring
sudo pacman-key --populate artix
sudo pacman-key --lsign-key 78C9C713EAD7BEC69087447332E21894258C6105
Due to our primary mirror gone offline for a while, there are problems with the seconday mirrors. Please use our primary mirror (http://mirror1.artixlinux.org (http://mirror1.artixlinux.org)) until the secondary ones start syncing again.
Yes - I tried that before I posted
[flatbush ~]# pacman -S artix-keyring
warning: artix-keyring-20171114-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Packages (1) artix-keyring-20171114-1
Total Download Size: 0.04 MiB
Total Installed Size: 0.08 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n] Y
:: Retrieving packages...
artix-keyring-20171114-1-any 38.8 KiB 0.00B/s 00:00 [################################] 100%
(1/1) checking keys in keyring [################################] 100%
(1/1) checking package integrity [################################] 100%
error: artix-keyring: signature from "Artix Buildbot <buildbot@artixlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/artix-keyring-20171114-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
error: alsa-tools: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/alsa-tools-1.1.6-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
I am lost as to the problem here.
It is my mirror though, I think I synced it by hand
it is not working anyway
[flatbush ~]# pacman -S artix-keyring
warning: artix-keyring-20171114-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Packages (1) artix-keyring-20171114-1
Total Installed Size: 0.08 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n] Y
(1/1) checking keys in keyring [################################] 100%
warning: Public keyring not found; have you run 'pacman-key --init'?
downloading required keys...
error: key "1247D995F165BBAC" could not be looked up remotely
error: required key missing from keyring
error: failed to commit transaction (could not find or read file)
Errors occurred, no packages were upgraded.
Hi, I've just updated the
mirrorlist from
20180417-1 to
20180421-1. Unfortunately, the content of the
/etc/pacman.d/mirrorlist.pacnew file starts with the following header again:
##
## Artix Linux repository mirrorlist
## Generated on 2017-10-21
##
Is there a reason not to update the
Generated on date? Should not the developers care about the date, why bother presenting it at all? It's only misleading. Thanks in advance for feedback.
Just edit it and put your own date on it, but that is the list of the latest 7 mirrors. If you remember the past couple of weeks the primary mirror was lost, so there was an update with 1 mirror less, then a new server was found and it was added again, and during the process 2 more mirrors were found, that's all.
Here you can replace it with this one:
##
## Artix Linux repository mirrorlist
## Generated on 2018-04-23
##
# Artix mirrors
Server = https://mirror.clarkson.edu/artix-linux/repos/$repo/os/$arch
Server = https://ftp.sh.cvut.cz/artix-linux/$repo/os/$arch
Server = http://artix.wheaton.edu/repos/$repo/os/$arch
Server = http://mirror.strits.dk/artix-linux/repos/$repo/os/$arch
Server = https://mirrors.dotsrc.org/artix-linux/repos/$repo/os/$arch
Server = https://www.uex.dk/public/artix/$repo/os/$arch
Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch
Here I am at another system that hasn't seen an update since last week.
Note the difference of mirror1 against that on top:
Server = http://mirror1.artixlinux.org/artix-linux/repos/$repo/os/$arch
This no longer works with /artix-linux and the rest of the repositories have not synched since before this because I get pkgs that are newer than the current mirrors left from last week. Nothing to do it says. Not even a new mirrorlist.
I bet now that I will copy my own post of mirrorlist it will get plenty of updating. So the rest of the mirrors are more than 4 days old?
Thanks for your thought. Yet, it does not answer my question at all.
Never mind, the developers changed the date within the file accordingly and there is no need for the users to tinker with it anymore (other than changing the order of the servers, of course.)
rsync: getaddrinfo: mirror1.artixlinux.org 873: No address associated with hostname
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
mirroring is broken?
extra is up to date
community is up to date
error: database not found: system-testing
on the pacman mirror update?
Server = http://mirror1.artixlinux.org/repos/$repo/os/$arch
gremlins 16.0 KiB 141K/s 00:00 [####################################] 100%
system 206.8 KiB 414K/s 00:01 [####################################] 100%
world 731.3 KiB 459K/s 00:02 [####################################] 100%
galaxy-gremlins 2.1 KiB 0.00B/s 00:00 [####################################] 100%
galaxy 540.2 KiB 455K/s 00:01 [####################################] 100%
system-testing? Did you do an installation with a 2017-09 image?
I that was the rsyn mirror from about when artix started until today