Project

General

Profile

Bug #2146

[systemd]: error: signature from bill-auger is unknown trust

GNUtoo - over 3 years ago - . Updated over 3 years ago.

Status:
fixed
Priority:
bug
Assignee:
% Done:

0%


Description

Here's how to reproduce:

# mkdir mnt
# mount -o bind mnt mnt
# pacstrap -G mnt
[...]
(150/150) checking keys in keyring                                  [#####################################] 100%
(150/150) checking package integrity                                [#####################################] 100%
error: systemd-libsystemd: signature from "bill-auger <bill-auger@peers.community>" is unknown trust
:: File mnt//var/cache/pacman/pkg/systemd-libsystemd-240.34-3.parabola2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
[...]


Related issues

Related to Packages - Bug #2931: [parabola-hackers]: keys are "unknown trust" after expiry/renewalfixed

Actions

History

#1

Updated by bill-auger over 3 years ago

  • Subject changed from [systemd] package fails integrity check on x86_64 due to key that "is unknown trust" to [systemd]: error: signature from bill-auger is unknown trust

all i can say is that the keyserver network is behaving poorly today - the keys are clearly not propagating across the net as they should - i updated it yesterday on the MIT keyring server - it took several hours but eventually the MIT keyring server verifies that the expiry was extended

https://pgp.mit.edu/pks/lookup?op=vindex&search=0x3954A7AB837D0EA9CFA9798925DB7D9B5A8D4B40

that web page above shows on the very bottom line that on 2019-01-19 the expiration was extended to 2019-03-20 - today, the ubuntu keyserver now agrees with the MIT server (it did not yesterday)

https://keyserver.ubuntu.com/pks/lookup?search=bill-auger&op=vindex

but the sks-keyservers.net keyserver still does not have the update and i think that one is the default server used by pacman

https://sks-keyservers.net/pks/lookup?op=vindex&search=0x3954A7AB837D0EA9CFA9798925DB7D9B5A8D4B40

to get this working today, you (probably everyone) may need to specify one of the sane keyservers like so

pacman-key --keyserver hkp://keyserver.ubuntu.com --refresh-keys bill-auger
pacman-key --updatedb

or maybe someone else could re-package them (both x86_64 and i686)

#2

Updated by bill-auger over 3 years ago

ok - it looks like that the sks-keyservers.net keyserver has the update finally

this is probably a bug no more

#3

Updated by bill-auger over 3 years ago

  • Assignee set to bill-auger
  • Status changed from open to fixed
#4

Updated by bill-auger almost 2 years ago

  • Related to Bug #2931: [parabola-hackers]: keys are "unknown trust" after expiry/renewal added

Also available in: Atom PDF