注意:以下の記事を参考にされ、問題が生じた場合、責任は負いかねます。
manjaro keyring error / 241112
I have had keyring error, when I upgrade Manjaro system. Here is a small memo.
0. Conclusion about pacman-key & GPG using proxy
0-1. Manually add option
--keyserver-options http-proxy=http://ID:PASS@PROXY_IP:port
sudo gpg --keyserver-options http-proxy=http://ID:PASS@PROXY_IP:port --keyserver hkp://keyserver.ubuntu.com --recv-keys 29C71CE612B57264
0-2. Add http-proxy http://ID:PASS@proxy_IP:PORT to belows.
/etc/gnupg/dirmngr.conf
/etc/pacman.d/gnupg/dirmngr.conf
sudo vi /etc/gnupg/dirmngr.conf
http-proxy http://ID:PASS@proxy_IP:PORT
sudo vi /etc/pacman.d/gnupg/dirmngr.conf
http-proxy http://ID:PASS@proxy_IP:PORT
And run follows or restart PC.
systemctl --user daemon-reload
systemctl --user restart dirmngr.service
Following is the process for fixing the keyring error at that time.
1. keyring error, during upgrade system
sudo pacam -Syyuu
....
### https://zenn.dev/miwarin/articles/e0ca2e9d78a1614fe296
## エラー: ruby-rexml: "Ike Devolder <ike.devolder@archlinux.org>" の署名は信頼されていません
:: ファイル /var/cache/pacman/pkg/ruby-rexml-3.2.6-1-any.pkg.tar.zst は破損しています (無効または破損し たパッケージ (PGP 鍵))。
ファイルを削除しますか? [Y/n]
2. confirm key
pacman-key --list-sigs | fgrep "Daniel M. Capella"
fgrep: warning: fgrep is obsolescent; using grep -F
gpg: 注意: 信用データベースが、書き込み不能です
uid [期限切れ] Daniel M. Capella <polyzen@archlinux.org>
sig N 29C71CE612B57264 2024-02-02 Daniel M. Capella <polyzen@archlinux.org>
uid [ 充分 ] Daniel M. Capella <polyzen@archlinux.org>
sig N EA4F7B321A906AD9 2024-02-09 Daniel M. Capella <polyzen@archlinux.org>
3. sign key
sudo pacman-key --lsign-key EA4F7B321A906AD9
-> Locally signed 1 key.
==> 信頼データベースを更新...
gpg: 次回の信用データベース検査は、2024-11-18です
4. sign another key of same person
same person's another key but no user ID ...?
Something is wrong?
sudo pacman-key --lsign-key 29C71CE612B57264
-> Locally signed 1 key.
==> 信頼データベースを更新...
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: key 786C63F330D7CB92: no user ID for key signature packet of class 10
gpg: 公開鍵DB323392796CA067は、署名よりも3037日、新しいものです
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: key 1EB2638FF56C0C53: no user ID for key signature packet of class 10
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: 深さ: 0 有効性: 1 署名: 25 信用: 0-, 0q, 0n, 0m, 0f, 1u
gpg: 深さ: 1 有効性: 25 署名: 103 信用: 1-, 0q, 0n, 24m, 0f, 0u
gpg: 深さ: 2 有効性: 75 署名: 30 信用: 75-, 0q, 0n, 0m, 0f, 0u
gpg: 次回の信用データベース検査は、2024-11-18です
Same kind of error occurs during upgarde
sudo pacman -Syyuu
## エラー: ruby-rexml: "Ike Devolder <ike.devolder@archlinux.org>" の署名は信頼されていません
:: ファイル /var/cache/pacman/pkg/ruby-rexml-3.2.6-1-any.pkg.tar.zst は破損しています (無効または破損し たパッケージ (PGP 鍵))。
ファイルを削除しますか? [Y/n]
5. refresh key
- gpg or pacman-key should use proxy.
- so add --keyserver-options manually
- use Ubuntu key-server, because default server now work at that time.
sudo gpg --keyserver-options http-proxy=http://ID:PASS@PROXY_IP:port --keyserver hkp://keyserver.ubuntu.com --recv-keys 29C71CE612B57264
gpg: *警告*: homedir '/home/hoge/.gnupg'の安全でない所有
gpg: 鍵29C71CE612B57264: 公開鍵"Daniel M. Capella <polyzen@archlinux.org>"をインポートしました
gpg: 処理数の合計: 1
gpg: インポート: 1
all key becomes [full] and it seems to be fine !
LANG=C sudo pacman-key --list-sigs | grep -i capella
uid [ full ] Daniel M. Capella <polyzen@archlinux.org>
sig N 29C71CE612B57264 2024-02-02 Daniel M. Capella <polyzen@archlinux.org>
uid [ full ] Daniel M. Capella <polyzen@archlinux.org>
sig N EA4F7B321A906AD9 2024-02-09 Daniel M. Capella <polyzen@archlinux.org>
6. just in case, update keyring...
sudo pacman -S archlinux-keyring manjaro-keyring
警告: archlinux-keyring-20241015-1 は最新です -- 再インストール
警告: manjaro-keyring-20230719-3 は最新です -- 再インストール
パッケージ (2) archlinux-keyring-20241015-1 manjaro-keyring-20230719-3
合計インストール容量: 1.76 MiB
最終的なアップグレード容量: 0.00 MiB
==> manjaro.gpg からキーを追加...
==> キーリングの信頼されたキーに署名...
-> Locally signed 1 key.
==> 所有者信頼値をインポート...
==> 信頼データベースを更新...
gpg: 次回の信用データベース検査は、2024-11-18です
7. upgrade system without error
sudo pacman -Syyuu
reference