Seems to be a problem with the signing signatures. Specifically with
[email protected].
I tried running `pacman -S plasma`, and everything downloads, but the following packages fail with the same error `signature from "Artix Buildbot <
[email protected]>" is invalid`
- xdg-desktop-portal-kde
- ksshaskpas
- libkscreen
- plasma-integraton
- kwayland-server
- layer-shell-qt
- ksystemstats
- libksysguard
- kde-gtk-config
- drkonqi
- discover
- breeze
- kdecoration
Here's what I did so far.
1. tried reinstalling both archlinux-keyring and artix-keyring, then repopulating it with `pacman-key --populate artix archlinux`
2. tried clearing the cache with `pacman -Scc`
3. tried resetting the keys entirely by deleting `/etc/pacman.d/keyring` then running `pacman-key --init && pacman-key --populate`
4. tried changing the order of the mirrors, suspecting that some mirrors have old packages
I know I could probably bypass all this by disabling signature checking, but I don't wish to do that.
Any suggestions? Or do I have to just wait for an update to `artix-keyring`?
any chance it lists a key code that you could use sudo pacman-key --recv-key [key number] && sudo pacman-key --lsign [key code].
I'm going to guess no. Patience while the devs work it out.
Nope, don't see anything like that. Guess we'll just wait.
I also have the same issue, with everything submitted to the repo's using the Artix Buildbot.
I've tried running the following, without success:
#!/usr/bin/env bash
rm -rf /var/cache /var/lib/pacman/sync/* /etc/pacman.d/gnupg;
pacman-key --init;
pacman-key --populate artix archlinux;
pacman-key --refresh-keys;
Only saying this because it means that it's definitely an issue with the Arch Buildbot's PGP key, and not with my or test4d's system(s).
Edit:
Output of the commands recommended by cat herders of linux for me is:
[adam-artix-laptop adam]# pacman-key --recv-key 0A3EB6BB142C56653300420C1247D995F165BBAC
gpg: key 1247D995F165BBAC: "Artix Buildbot <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
[adam-artix-laptop adam]# pacman-key --lsign 0A3EB6BB142C56653300420C1247D995F165BBAC
-> Locally signed 1 keys.
==> Updating trust database...
gpg: public key DB323392796CA067 is 3037 days newer than the signature
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 12 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 12 signed: 111 trust: 1-, 0q, 0n, 11m, 0f, 0u
gpg: depth: 2 valid: 105 signed: 36 trust: 105-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-07-10
This does not stop the error.
I'm getting this too, since yesterday.
Unfortunately none of the suggested approaches solves the error. :/
The devs i am sure are aware of it by now and working on the issue.
@nous ?
There was an accident last night and few plasma packages went broke sig.
Will be fixed today.
The packages have been fixed and it should be possible to install them normally once the mirrors have updated.
artist