EDIT: As I composed this message, alium posted:
This solves the issue for me: I have installed fzf and remmina.
I'll leave my post here. Mods may delete it if they don't want it, or instruct me to do so.
____________________________
I have a similar problem. Perhaps the same. I too have seen "Morten Linderud".
I've set up a new Artix machine using artix-base-runit-20210426-x86_64.iso. I've done pacman -Syu and I installed the packages I use. With two exceptions: fzf and remmina. Here's me trying to install fzf:
[ax alp]# pacman -S fzf
resolving dependencies...
looking for conflicting packages...
Packages (1) fzf-0.27.0-1
Total Installed Size: 3.10 MiB
:: Proceed with installation? [Y/n] y
(1/1) checking keys in keyring [#########] 100%
(1/1) checking package integrity [#########] 100%
error: fzf: signature from "Morten Linderud <[email protected]>" is marginal trust
:: File /var/cache/pacman/pkg/fzf-0.27.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
I have another computer which I had set up a while ago using artix-base-runit-20210101-x86_64.iso. I am able to install fzf and remmina on that machine. So I thought, maybe the packages really are corrupt. But ls /var/cache/pacman/pkg/{fzf*27*,remmina*} | xargs sha512sum produces the same signatures.
I've tried the steps on https://forum.artixlinux.org/index.php/topic,1969.0.html and https://forum.artixlinux.org/index.php/topic,220.0.html
Namely:
pacman -S artix-keyring
pacman-key --init --keyserver hkps://keys.openpgp.org
pacman -Syu
pacman -Syyu
pacman-key --populate
pacman-key --refresh-keys
I have tried some of these multiple times. Then once again in this order. But I am shooting in the dark. Shotgun debugging. Yes, I only partially possess the aforementioned "basic knowledge of pacman". But then again, if I read the whole manual for every single program I use, I would not get anything done. I suspect I know enough: I always read relevant portions of man pacman whenever I am about to issue a command I found on the internet.
It is indeed possible that OP and I have both configured something wrong. However, since OP and I are both having problems with a fresh install, and I had managed to install Artix without this problem once before, it is also possible that something really is amiss. Maybe some instruction was not quite clear.
Could you make sure that OP and I indeed deserve a RTFM? If not, could you help us? I don't want to force-accept signatures blindly.
I'm not sure what diagnostics I should post. I don't want to clutter the post with irrelevant details.
Here's a diff of the outputs of pacman-key -l on my two machines: http://txt.do/tsuhi (Expires in two weeks)
Perhaps the first few lines are the most relevant:
3,4c3,4
< pub rsa4096 2021-03-18 [SC]
< C85119BD280EC9F0F8C603D366DAADB4CAF690BB
---
> pub rsa4096 2021-05-10 [SC]
> 6A39C608EB5BC3E65EB7882437AF5810323309D7
The machine on which pacman -S fzf remmina works appears to have an older version (2021-03-18).
Maybe Morten Linderud's and Sergej Pupykin's portions are relevant as well (same on both machines):
pub rsa4096 2014-09-05 [SC]
C100346676634E80C940FB9E9C02FF419FECBE16
uid [ full ] Morten Linderud <[email protected]>
uid [ full ] Morten Linderud <[email protected]>
uid [marginal] Morten Linderud <[email protected]>
uid [marginal] Morten Linderud <[email protected]>
uid [marginal] Morten Linderud <[email protected]>
sub rsa4096 2014-09-05 [E]
sub rsa4096 2018-11-13 [S]
sub rsa4096 2018-11-26 [A]
pub rsa4096 2011-07-15 [SC]
3E518BF2526FD1979E8AAE4965C110C1EA433FC7
uid [marginal] Sergej Pupykin <[email protected]>
uid [marginal] Sergej Pupykin <[email protected]>
uid [ full ] Sergej Pupykin <[email protected]>
uid [marginal] Sergej Pupykin <[email protected]>
sub rsa4096 2011-07-15 [E]
I've also compared the /usr/share/pacman/keyrings directories. ls -1 | xargs sha512sum produces the same output.
remmina's problematic signature might also be worth mentioning:
[ax keyrings]# pacman -S remmina
resolving dependencies...
looking for conflicting packages...
Packages (8) libappindicator-gtk3-12.10.0.r296-1 libdbusmenu-glib-16.04.0-4 libdbusmenu-gtk3-16.04.0-4
libindicator-gtk3-12.10.1-9 libsodium-1.0.18-2 vte-common-0.64.1-1 vte3-0.64.1-1
remmina-1:1.4.14-1
Total Installed Size: 7.44 MiB
:: Proceed with installation? [Y/n] y
(8/8) checking keys in keyring [######################################] 100%
(8/8) checking package integrity [######################################] 100%
error: remmina: signature from "Sergej Pupykin <[email protected]>" is marginal trust
:: File /var/cache/pacman/pkg/remmina-1:1.4.14-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.