Problem
I was trying to configure an Arch Linux virtual machine with Vagrant + Virtual Box and ran the following commands:
mkdir archlinux
cd archlinux
vagrant init archlinux/archlinux
vagrant up
After the vagrant box was downloaded and the virtual machine was configured and up running, I logged in:
vagrant ssh
The first thing I did was to upgrade the system by running:
sudo pacman -Syyu
After all the packages were downloaded, it asked me to import some PGP keys:
:: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@archlinux.org>"? [Y/n]
:: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@archlinux.org>"? [Y/n]
and it gave me the following error with every single package:
error: archlinux-keyring: signature from "Christian Hesse <eworm@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20200603-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
The latest version of the Arch Linux box was released on June 3rd and this error also occurred with some previous versions released this year, even when I was trying to install any package.
Solution
There's an answer to a post in the Manjaro Linux Forum suggesting that the error can be fixed by running the following commands:
sudo rm -r /etc/pacman.d/gnupg
sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring
sudo pacman-key --init
sudo pacman-key --populate archlinux manjaro
sudo pacman-key --refresh-keys
sudo pacman -Sc
But running sudo pacman -Sy gnupg archlinux-keyring manjaro-keyring
will give the same error and the manjaro-keyring
package is not necessary as well as manjaro
in sudo pacman-key --populate archlinux manjaro
, as we're running Arch Linux. So the steps to follow are:
sudo rm -r /etc/pacman.d/gnupg
sudo pacman-key --init
sudo pacman-key --populate archlinux
sudo pacman-key --refresh-keys
sudo pacman -Sy gnupg archlinux-keyring
sudo pacman -Sc
After that we can upgrade the system or install a package as usual.
Top comments (2)
This blog post saves me. Thank you!
a verification process of every single key starts that lasts hours and hours, at a certain point I closed everything and went to bed