systray-x
systray-x copied to clipboard
Ximi1970
Arch signature is invalid
error: systray-x: signature from "home:Ximi1970 OBS Project home:[email protected]" is invalid
I saw simular issues have been closed. I Use EndeavourOS (Arch base)
gpg --show-keys home_Ximi1970_Mozilla_Add-ons_Arch_Arch.key
gpg: directory '/home/user/.gnupg' created
pub rsa2048 2017-01-19 [SC] [expires: 2025-10-02]
01A5D4EFE73D0F34F8253112BEEF5C3607D86FE9
uid home:Ximi1970 OBS Project <home:[email protected]>
I see no problem with the key. Everything installs just fine...
gpg --show-keys home_Ximi1970_Mozilla_Add-ons_Arch_Arch.key
gpg: directory '/home/linux/.gnupg' created
pub rsa2048 2017-01-19 [SC] [expires: 2025-10-02]
01A5D4EFE73D0F34F8253112BEEF5C3607D86FE9
uid home:Ximi1970 OBS Project <home:[email protected]>
[linux@vmarchendeavour ~]$ wget -q https://download.opensuse.org/repositories/home:/Ximi1970:/Mozilla:/Add-ons:/Arch/Arch/x86_64/home_Ximi1970_Mozilla_Add-ons_Arch_Arch.key
[linux@vmarchendeavour ~]$ ls
Desktop Downloads Music Public Videos
Documents home_Ximi1970_Mozilla_Add-ons_Arch_Arch.key Pictures Templates
[linux@vmarchendeavour ~]$ sudo pacman-key --add home_Ximi1970_Mozilla_Add-ons_Arch_Arch.key
[sudo] password for linux:
==> Updating trust database...
gpg: next trustdb check due at 2024-04-10
[linux@vmarchendeavour ~]$ sudo pacman-key --lsign-key BEEF5C3607D86FE9
-> Locally signed 1 keys.
==> Updating trust database...
gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
gpg: (use option "--allow-weak-key-signatures" to override)
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 13 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 13 signed: 98 trust: 1-, 0q, 0n, 12m, 0f, 0u
gpg: depth: 2 valid: 74 signed: 22 trust: 74-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2024-04-10
[linux@vmarchendeavour ~]$ sudo echo -e "\n[home_Ximi1970_Mozilla_Add-ons_Arch_Arch]\nSigLevel = PackageOptional\nServer = https://download.opensuse.org/repositories/home:/Ximi1970:/Mozilla:/Add-ons:/Arch/Arch/x86_64" | sudo tee -a /etc/pacman.conf
[home_Ximi1970_Mozilla_Add-ons_Arch_Arch]
SigLevel = PackageOptional
Server = https://download.opensuse.org/repositories/home:/Ximi1970:/Mozilla:/Add-ons:/Arch/Arch/x86_64
[linux@vmarchendeavour ~]$ sudo pacman -Syyu
:: Synchronizing package databases...
endeavouros 22,2 KiB 133 KiB/s 00:00 [------------------------------------] 100%
core 134,5 KiB 399 KiB/s 00:00 [------------------------------------] 100%
extra 8,3 MiB 17,0 MiB/s 00:00 [------------------------------------] 100%
multilib 139,9 KiB 415 KiB/s 00:00 [------------------------------------] 100%
home_Ximi1970_Mozilla_Add-ons_Ar... 3,7 KiB 28,5 KiB/s 00:00 [------------------------------------] 100%
:: Starting full system upgrade...
there is nothing to do
[linux@vmarchendeavour ~]$ sudo pacman -S systray-x
resolving dependencies...
looking for conflicting packages...
Package (1) New Version Net Change Download Size
home_Ximi1970_Mozilla_Add-ons_Arch_Arch/systray-x 1:0.9.8-1 0,77 MiB 0,47 MiB
Total Download Size: 0,47 MiB
Total Installed Size: 0,77 MiB
:: Proceed with installation? [Y/n]
:: Retrieving packages...
systray-x-1:0.9.8-1-x86_64 481,4 KiB 908 KiB/s 00:01 [------------------------------------] 100%
(1/1) checking keys in keyring [------------------------------------] 100%
(1/1) checking package integrity [------------------------------------] 100%
(1/1) loading package files [------------------------------------] 100%
(1/1) checking for file conflicts [------------------------------------] 100%
:: Processing package changes...
(1/1) installing systray-x [------------------------------------] 100%
:: Running post-transaction hooks...
(1/1) Arming ConditionNeedsUpdate...
I had kind of the same signature error for months and could not figure out what the problem was. So i simply excluded the systray package from upgrading. But after many failed approaches i finally found the problem. It will not be the same as yours, because i use fedora but still the approach could help you.
So for me it was an old cert which was not updated at all, even after multiple commands to refresh.
You can start by checkig gpg --list-keys. There you can see all safed certs in your keyring (i think).
This is the first place to find an old cert. Remember to also check the root keyring by using sudo gpg --list-keys.
If you have an old cert there you can delete it by using gpg --delete-keys 01A5D4EFE73D0F34F8253112BEEF5C3607D86FE9 (for example. maybe you have to change the cert id).
In my special case Fedora or RPM had an own cert keyring or something like this.
Found the described problem here.
So basically you list all certs that rpm has installed by using sudo rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} → %{summary}\n' and search for the Ximi1970 cert.
Then you delete the Ximi1970 cert by using (in my case) sudo rpm -e gpg-pubkey-07d86fe9-6150a3db.
Maybe you need to execute a dnf clean all, but afterwards it was installing the package without problem.
Maybe you have a similar problem but with the arch package manager.
I need to create a section in the README for this. And add also the other distros and how to solve it. Need to wait till next year to test it ;-)