1

Topic: Signature error on installation

Trying to install some packages fails with the following error:

error: gnome-themes-standard: signature from "scott <sradms0@openmailbox.org>" is unknown trust

It's always the same person (Scott). I've updated my system, refreshed and repopulated both archlinux and hyperbola keys, and the error persists. Is this something Scott has to fix?

I think I read somewhere that I could bypass this kind of problem by changing SigLevel to TrustAll in pacman.conf, but I don't want to do anything that might be less secure if there's a simple workaround.

2

Re: Signature error on installation

Mesh Malachi wrote:

Trying to install some packages fails with the following error:

error: gnome-themes-standard: signature from "scott <sradms0@openmailbox.org>" is unknown trust

It's always the same person (Scott). I've updated my system, refreshed and repopulated both archlinux and hyperbola keys, and the error persists. Is this something Scott has to fix?

I think I read somewhere that I could bypass this kind of problem by changing SigLevel to TrustAll in pacman.conf, but I don't want to do anything that might be less secure if there's a simple workaround.

Hello. Have you tried to try the wiki guide?

~ Jesús E.

3

Re: Signature error on installation

Mesh Malachi wrote:

Trying to install some packages fails with the following error:

error: gnome-themes-standard: signature from "scott <sradms0@openmailbox.org>" is unknown trust

It's always the same person (Scott). I've updated my system, refreshed and repopulated both archlinux and hyperbola keys, and the error persists. Is this something Scott has to fix?

I think I read somewhere that I could bypass this kind of problem by changing SigLevel to TrustAll in pacman.conf, but I don't want to do anything that might be less secure if there's a simple workaround.

Seems Scott's key has been expired, so i'm going to put our build server to rebuild his packages and remove his key in hyperbola-keyring to solve the issue. I'll let you know when it's ready.

4

Re: Signature error on installation

Emulatorman wrote:

Seems Scott's key has been expired, so i'm going to put our build server to rebuild his packages and remove his key in hyperbola-keyring to solve the issue. I'll let you know when it's ready.

All related packages rebuilt and pushed. Try again and let us know if it solved the issue.

5

Re: Signature error on installation

I have the same problem, this time with Andre Silva's key

error: pkgfile: signature from "André Silva <emulatorman@hyperbola.info>" is unknown trust

I checked my system date and followed the wiki advice for gpg errors:

# rm -r /etc/pacman.d/gnupg/*

# pacman-key --init

# pacman-key --populate hyperbola arch

# pacman-key --refresh-keys

On the last step, refresh-keys, I receive the error

gpg: refreshing 77 keys from hkp://pool.sks-keyservers.net
gpg: keyserver refresh failed: No name
==> ERROR: A specified local key could not be updated from a keyserver.

I tried changing keyservers and using the default keyserver.

6

Re: Signature error on installation

This issue can be resolved with modifying your pacman-configuration using:

SigLevel = Never

Otherwise there is no quick solution for any key within the version 0.3.1.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

7

Re: Signature error on installation

You're welcome to v0.4 Mesh Malachi. It's fantastic!

8

Re: Signature error on installation

sagaracharya wrote:

You're welcome to v0.4 Mesh Malachi. It's fantastic!

I didn't even realize there was a new version.

I just upgraded (pacman -Syuu is all I need to do, right?), cleared pacman cache, populated and refreshed hyperbola keys. I'm getting the exact same error.

9

Re: Signature error on installation

I have no idea how upgrading will function. Installing from scratch with v0.3.1 bootable usb will function right.

v0.4 beta will soon be out followed by stable. It has some major changes like removal of dbus, consolekit, elogind, pam, policykit which are frameworks within linux kernel.

You have to change /etc/pacman.d/mirrorlist to have just the following line uncommented. Comment everything else.

Server = https://repo.hyperbola.info:50011/gnu-plus-linux-libre/testing/$repo/os/$arch

There is a single DE lumina, there are many window managers which can be used. Any more packages which you think are necessary, you can request. If they're compatible with v0.4, we'll add them.

10

Re: Signature error on installation

Mesh Malachi wrote:

I didn't even realize there was a new version.

I just upgraded (pacman -Syuu is all I need to do, right?), cleared pacman cache, populated and refreshed hyperbola keys. I'm getting the exact same error.

You are getting this error because the PGP-keys cannot be validated any longer on that base. The best way to get out of this is for version 0.3.1 editing the file pacman.conf to be found within /etc.

There you have to set the SigLevel with:

SigLevel = Never

Please try that way until version 0.4 is available as we work for now more than a year for this new version. Thanks! For version 0.4 you will have to check what kind of environment you want to use. We don't have Gnome or KDE any longer in the repositories to come, but therefore many other window-managers and Lumina included.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

11

Re: Signature error on installation

sagaracharya wrote:

You have to change /etc/pacman.d/mirrorlist to have just the following line uncommented. Comment everything else.

Server = https://repo.hyperbola.info:50011/gnu-plus-linux-libre/testing/$repo/os/$arch

pacman asked me to downgrade a bunch of packages when I did that. But the transaction could not be completed because a bunch of dependencies would have been broken.

12

Re: Signature error on installation

Mesh Malachi wrote:

pacman asked me to downgrade a bunch of packages when I did that. But the transaction could not be completed because a bunch of dependencies would have been broken.

Definitely take backup of your system before upgrade. Force the downgrade of packages and check. Please remember the removal of the frameworks. So typically every package that depends on those frameworks in v0.3.1 will misfunction. If the basic parts are overwritten in the upgrade, you'll be able to use your system well. If not, you'll have to format and reinstall v0.4 from scratch.

13

Re: Signature error on installation

sagaracharya wrote:
Mesh Malachi wrote:

pacman asked me to downgrade a bunch of packages when I did that. But the transaction could not be completed because a bunch of dependencies would have been broken.

Definitely take backup of your system before upgrade. Force the downgrade of packages and check.

Why does upgrading the system require downgrading packages?!

14

Re: Signature error on installation

You have modified your system in a way corresponding packages of the same name have another version-state and therefore a concurrent downgrade is initialized from the package-manager.

Going to testing is not recommended from a fully installed version 0.3.1. To be a bit more clear: When you have a package with version 1.3.2-1.hyperbola.4 installed and the new version for version 0.4 (testing) is 1.3.2-1 the package-manager will for sure tell you about an incoming version-conflict and a downgrade. Technical it is an upgrade, but from the perspective of the versioning it is the opposite - and that's the only way for pacman to see it. wink

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

15

Re: Signature error on installation

throgh wrote:

The best way to get out of this is for version 0.3.1 editing the file pacman.conf to be found within /etc.

There you have to set the SigLevel with:

SigLevel = Never

I'm getting the same error I posted above:

error: python-django-jinja: signature from "André Silva <emulatorman@hyperbola.info>" is unknown trust
:: File /var/cache/pacman/pkg/python-django-jinja-1.3.3-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Also the same error after I init, populate, and refresh keys.

16

Re: Signature error on installation

Please post your complete configuration-file pacman.conf so it is possible to look at it and then also please clear your cached packages. You should therefore delete the file. As also to repeat: The signature has vanished and it is not possible to recreate it with any refresh (was already mentioned).

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

17

Re: Signature error on installation

throgh wrote:

Please post your complete configuration-file pacman.conf

#
# /etc/pacman.conf
#
# See the pacman.conf(5) manpage for option and repository directives

#
# GENERAL OPTIONS
#
[options]
# The following paths are commented out with their default values listed.
# If you wish to use different paths, uncomment and update the paths.
#RootDir     = /
#DBPath      = /var/lib/pacman/
#CacheDir    = /var/cache/pacman/pkg/
#LogFile     = /var/log/pacman.log
#GPGDir      = /etc/pacman.d/gnupg/
#HookDir     = /etc/pacman.d/hooks/
HoldPkg     = pacman glibc
#XferCommand = /usr/bin/curl -C - -f %u > %o
#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
#CleanMethod = KeepInstalled
#UseDelta    = 0.7
Architecture = auto

# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
#IgnorePkg   =
#IgnoreGroup =

#NoUpgrade   =
#NoExtract   =

# Misc options
#UseSyslog
Color
#TotalDownload
CheckSpace
#VerbosePkgLists

# By default, pacman accepts packages signed by keys that its local keyring
# trusts (see pacman-key and its man page), as well as unsigned packages.
SigLevel = Never
SigLevel    = Required DatabaseOptional
LocalFileSigLevel = Optional
#RemoteFileSigLevel = Required

# NOTE: You must run `pacman-key --init` before first using pacman; the local
# keyring can then be populated with the keys of all Arch/Hyperbola packagers
# with `pacman-key --populate arch` and `pacman-key --populate hyperbola`.

#
# REPOSITORIES
#   - can be defined here or included from another file
#   - pacman will search repositories in the order defined here
#   - local/custom mirrors can be added here or in separate files
#   - repositories listed first will take precedence when packages
#     have identical names, regardless of version number
#   - URLs will have $repo replaced by the name of the current repo
#   - URLs will have $arch replaced by the name of the architecture
#
# Repository entries are of the format:
#       [repo-name]
#       Server = ServerName
#       Include = IncludePath
#
# The header [repo-name] is crucial - it must be present and
# uncommented to enable the repo.
#

[core]
Include = /etc/pacman.d/mirrorlist

[extra]
Include = /etc/pacman.d/mirrorlist

[community]
Include = /etc/pacman.d/mirrorlist

# If you want to run 32 bit applications on your x86_64 system,
# enable the multilib repository as required here.

#[multilib]
#Include = /etc/pacman.d/mirrorlist

# An example of a custom package repository.  See the pacman manpage for
# tips on creating your own repositories.
#[custom]
#SigLevel = Optional TrustAll
#Server = file:///home/custompkgs

so it is possible to look at it and then also please clear your cached packages.

I tried that. pacman -Sc

As also to repeat: The signature has vanished and it is not possible to recreate it with any refresh (was already mentioned).

Ok, I thought I had to refresh keys whenever I did anything that affected the keys. I am just following instructions I see online, I don't know the exact purpose of each step.

18

Re: Signature error on installation

Example for use that part in your configuration:

[core]
SigLevel = Never
Include = /etc/pacman.d/mirrorlist

[extra]
SigLevel = Never
Include = /etc/pacman.d/mirrorlist

[community]
SigLevel = Never
Include = /etc/pacman.d/mirrorlist

And remove the one line for SigLevel above. smile
Removing the package will restart the process itself: Download and install. You can also do it manually as the file is for real in this folder.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

19

Re: Signature error on installation

Yeah, your supposed to do this:

#SigLevel    = Required DatabaseOptional

and as for the other SigLevel:

it is fine the way it is:

SigLevel = Never

If you do this, you should be able to upgrade fine.

But I recommend you do a full upgrade.

if you don't think  it is a good idea, which I don't completely agree with, you can test in a vm of Hyperbola... smile

Usually it isn't hard to do so, just time consuming. But once you have it set up,  you can easily make a few backups, and if one breaks, delete it and use the last working one.

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!