Hi I am Rupesh from India and I have a system with Intel i3 10th gen 10100 processor and Asus prime H510 me motherboard. I have installed black arch Linux which is based on arch Linux two months back. I am using this same distribution since 1.5 years and there is no major issues. Today package signing failed.
Actually I have installed os two months back and updating regularly using the following command
sudo pacman -Syu
The above command worked fine upto now by syncing package database and fetching packages and finally installing downloaded packages but today all the packages from arch Linux repository are fetched and installed but I got error as
blackarch: signature from ... is unknown trust
error: failed to synchronize all databases (invalid or corrupted database (PGP signature))
Upon getting the above error I have removed all the files and directories from
/etc/pacman.d/gnupg and
/var/lib/pacman/sync
After that I have issued the following commands
sudo pacman-key --init
sudo pacman-key --populate
sudo pacman -Syu
Actually upon doing the above generally all the issues related to packages can be fixed but instead I am getting the same errors as previous.
I am providing the output of the above commands below
[ Rupesh ~ ]$ sudo pacman-key --init
[sudo] password for build:
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/C38E014E4B1A789A12C12ECCD6900FF894022848.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
[ Rupesh ~ ]$ sudo pacman-key --populate
==> Appending keys from archlinux.gpg...
==> Appending keys from blackarch.gpg...
==> Locally signing trusted keys in keyring...
-> Locally signed 10 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: inserting ownertrust of 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
-> Disabled 42 keys.
==> Updating trust database...
gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
gpg: (use option "--allow-weak-key-signatures" to override)
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 10 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 10 signed: 97 trust: 0-, 0q, 0n, 10m, 0f, 0u
gpg: depth: 2 valid: 75 signed: 21 trust: 75-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2023-12-31
[ Rupesh ~ ]$ u
[ Rupesh ~ ]$ sudo pacman -Syyu
:: Synchronizing package databases...
core 129.4 KiB 49.6 KiB/s 00:03 [######################] 100%
extra 8.3 MiB 1770 KiB/s 00:05 [######################] 100%
community 45.0 B 23.0 B/s 00:02 [######################] 100%
multilib 139.6 KiB 51.7 KiB/s 00:03 [######################] 100%
blackarch 4.0 MiB 453 KiB/s 00:09 [######################] 100%
error: blackarch: signature from "Levon 'noptrix' Kayan (BlackArch Developer) <noptrix@nullsecurity.net>" is unknown trust
error: failed to synchronize all databases (invalid or corrupted database (PGP signature))
[ Rupesh ~ ]$
May I know what is the meaning of weak key signatures
After issuing sudo pacman-key --populate I even issued the following
sudo pacman-key --populate --allow-weak-key-signatures
But I got error as option --allow-weak-key-signatures not found.
Here another issue is whenever I try to install a new package I am getting same error as signature from ... is unknown trust. So I can't do anything.
Kindly try to suggest how to upgrade my system and install new packages properly without any errors.
Regards,
Rupesh.