Error: ... : signature from "..." is unknown trust

sudo pacman-key --refresh-keys --keyserver pgp.mit.edu
sudo pacman-key -r 8238651DDF5E0594 --keyserver pgp.mit.edu
gpg --recv-key 5D909DF24F2E007B
sudo pacman-key -r 8238651DDF5E0594 --keyserver cryptonomicon.mit.edu

Where are these commands from? They are not from any suggestions in this thread.

@korealinux mostly from this one:

Hope I shared that correctly!

I was getting ready to do this if it had not helped...

If you read through that entire thread, those commands are failing because something is wrong with that MIT server.

I did. Don't you see where I tried the others?
Not sure I get your point?

My suspicion is most keyring issues are actually related to something else. And you have some serious problems right now. This keyring problem was probably a symptom of your other issues.

OK. Thank you for your observation. Do you think that I had serious problems before the attempted updates?

If I did, I was actually unaware.. Things seemed to work well.

Do you see something I should investigate?

I sure hope that you understand how sincere I am when I say thank you for helping.

It is late for me. I will signoff. but I will look through the weekend. If I shoudl do something, it would be best to make sure it is done before work starts on Monday.

Thanx again.

oh! That was a link!
I almost missed that!

um... those issues were resolved when one of those people told me I was on a TESTING channel, and helped me to get to a STABLE channel. So I think things are all good there, now.

Let me know please if you think different.

You also pulled apart the drives in your computer that were connected using some kind of adapter which you suspect had a bad connector.

The packages in testing branch 27 days ago are now in stable branch. There was nothing in testing in the last month that made systems not boot like yours as far as I can remember.

I would not trust a new installation with this many problems already. A keyring problem may be a common question, but it is not a common bug on normal installs. If this was my system, I would be on my 2nd or 3rd re-install by now. I would keep re-doing it until I had no boot errors (or the boot errors I got I knew to be just common warnings) and could do a system update with no issues.

Do it within pamac, preferences/Official Repositories, Use mirrors from:

repos

then refresh mirror list

Thanx all!
@ant thank you.
@korealinux I think my system is stable. I have had no reboot errors, long since that change to Stable.

Reinstalling several times (like it is not a big deal,) is for those who like playing with their OS as a hobby, (I feel.) Perhaps a normal thing for those specializing in computer technology.

I use an OS to get daily work done.

With the help of many, I am learning as I go so that I can maintain a good work-computer which I can rely upon.

I have not had issues since making sure I was on a Stable channel. I have done several little updates since then with NO issues or key signature problems. Then I do this update and I get into very unstable waters.

While it is possible all of this came from previous or remaining issues, like ghosts, I think it may just be a simpler issue of the whole key updates issues which seem documented by many!

So, I appreciate your obvious knowledge and decision to respond and perhaps help, it seems you are trying very hard to concentrate on past solved issues, versus taking my (acknowledged limited experience) perception, and working to figure out a well-defined process for stable updates with checks and validations to make the updates simple.

When a STABLE release is pushed such that the OS alerts the user of xxx updates available, there should be other background processes that make sure proper preparations are in place so that the updates, when triggered, are applied in a good environment.

If the system can see that keys are a problem, that should be resolved or at least flagged, before a button-push builds upon problems. Am I crazy for thinking this is a valid, logical approach?!

If you can't see that as a reasonable suggestion to help make Manjaro better, then what are you intending to respond with?

I honestly mean it. If you see a current issue with my system that suggests it is NOT stable, please tell me what it is, so we can get to fixing it. If not, please turn your obvious ability to make the update process better. I know I can't! So, I hope people like you do. If you can get me in touch with you privately, I would be happy to fund some of that good work, since I lack the knowledge, experience, and ability to do it myself to improve this good OS.

In hindsight, I think THIS was actually the biggest part of the solution.

Thanx @SGS.

Like the first post!

I know it must be difficult to read through all of the extra stupid stuff provided by someone who doesn't know what they don't know. I am not sure how I messed up your suggestion at first. We may never know. But later, dealing with the key individually, I think made the difference.

If this sort of thing happens again, I am better prepared because of your post. Still, I need to go understand more about this whole key signing thing.

I think I recall you helping in the past, so thank you again!

1 Like

There were no such errors reported during the testing process.
Apart from that a user cannot expect that there will be no errors even on Stable branch.
It is important to troubleshoot systematically, search the exact error message, then try solution. If there is a new error messege, search it. The best source is the Arch Wiki. Manjaro Wiki also has information about problems with keys.
Keep cool is crucial, but I understand that it is difficult with such a comlicated error.

Thanx @eugen-b.

I learned some things and it didn't impact my work day too much, so I am grateful.

I am looking now for a very simplistic step-by-step process to make sure I have the best chances when next I do an update. If anyone is aware of a good one, please point? I am sure I will find one, but I figure some looking at this thread may have very specific and recent ideas of a posting.

Thanx!

I think that "testers" usually know how to prepare before a test, or... what to do if this type of issue comes up. I am a new user, without that experience... Well, I was!

Testing should consider "Use Case" scenarios, especially with Manjaro appearing to grow in popularity as an option for previous Windows users. They are here and will coming!

I know now more about the process, and will not be... uncool if it hits again.

No, no! They would have reported if an issue with expired keys or a failing keyserver had occured.

Some testers even have systems which they rarely update. They tend to report explicitely if they updated a machine after a month or so and no issues occured.

I think that the main developers simulate the Stable update before they push it. (They switch on system on Stable branch to the Testing branch and run the update.)

Simplistic and step-by-step will fail, because otherwise it would have been automatized.
It is best (and no brain strain) to back up the system before the update and have a live USB ready. Learn how to use the command manjaro-chroot -a from the live USB. Just try it! It will allow you to enter the installed system and run commands in it from the live USB system.

My simplistic and step-by-step method is to search the exact error message (with quotation marks ("...")), then try the suggested solution from a competent source, if an error occurs, search that error message and so on.

This can be done with the help of this forum. But post the exact terminal output and do one step after another.

I always do this:
Drop into a tty. It takes you out of the GUI. Simpler.
Ctrl alt f3
Enter your credentials.
Sudo pacman-mirrors -f5
Sudo pacman -Syyu
Systemctl reboot when done.

2 Likes

Not quite the same error message but maybe of interest nonetheless:

Had an issue with the keys, but after using the above methods it got solved. Though there is a slight bug, because my pamac is set to auto download the packages it kept getting corrupt packages, I had to disable that & remove the corrupt cache packages. Then it was smooth sailing.

@SuperGrip I am trying to follow what is happening but I do not understand about how to remove the problem.

Here is what happened lastly:

sudo pacman-key --populate archlinux manjaro
==> Appending keys from archlinux.gpg...
==> Appending keys from manjaro.gpg...
==> Locally signing trusted keys in keyring...
  -> Locally signing key B4663188A692DB1E45A98EE95BD96CC4247B52CC...
==> ERROR: B4663188A692DB1E45A98EE95BD96CC4247B52CC could not be locally signed.
  -> Locally signing key D8AFDDA07A5B6EDFA7D8CCDAD6D055F927843F1C...
==> ERROR: D8AFDDA07A5B6EDFA7D8CCDAD6D055F927843F1C could not be locally signed.
  -> Locally signing key 76C6E477042BFE985CC220BD9C08A255442FAFF0...
==> ERROR: 76C6E477042BFE985CC220BD9C08A255442FAFF0 could not be locally signed.
  -> Locally signing key 7C89F4D439B2BFACF425107B62443D89B35859F8...
==> ERROR: 7C89F4D439B2BFACF425107B62443D89B35859F8 could not be locally signed.
  -> Locally signing key 1E7908935AAB9A00D6B47503363DFFFD59152F77...
==> ERROR: 1E7908935AAB9A00D6B47503363DFFFD59152F77 could not be locally signed.
  -> Locally signing key 04BB537F5BC2D399BFA72F8F17C752B61B2F2E90...
==> ERROR: 04BB537F5BC2D399BFA72F8F17C752B61B2F2E90 could not be locally signed.
  -> Locally signing key DDB867B92AA789C165EEFA799B729B06A680C281...
==> ERROR: DDB867B92AA789C165EEFA799B729B06A680C281 could not be locally signed.
  -> Locally signing key 5A97ED6B72418199F0C22B23137C934B5DCB998E...
==> ERROR: 5A97ED6B72418199F0C22B23137C934B5DCB998E could not be locally signed.
  -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
==> ERROR: 684148BB25B49E986A4944C55184252D824B18E8 could not be locally signed.
  -> Locally signing key 75C1B95A4D9514A57EB2DAE71817DC63CD3B5DF5...
==> ERROR: 75C1B95A4D9514A57EB2DAE71817DC63CD3B5DF5 could not be locally signed.
  -> Locally signing key 39F0EC1AE50B37E5F3196F09DAD3B211663CA268...
==> ERROR: 39F0EC1AE50B37E5F3196F09DAD3B211663CA268 could not be locally signed.
  -> Locally signing key 2D14560CDCE6A75BB186DB758238651DDF5E0594...
==> ERROR: 2D14560CDCE6A75BB186DB758238651DDF5E0594 could not be locally signed.
  -> Locally signing key 7A443CEE69B6B3777740E258084A7FC0035B1D49...
==> ERROR: 7A443CEE69B6B3777740E258084A7FC0035B1D49 could not be locally signed.
  -> Locally signing key F66AD0FF0E57C561615A0901CEE477135C5872B0...
==> ERROR: F66AD0FF0E57C561615A0901CEE477135C5872B0 could not be locally signed.
  -> Locally signing key 35B4FF23EA9477582C2A0AF12B80869C5C0102A6...
==> ERROR: 35B4FF23EA9477582C2A0AF12B80869C5C0102A6 could not be locally signed.
  -> Locally signing key E4CDFE50A2DA85D58C8A8C70CAA6A59611C7F07E...
==> ERROR: E4CDFE50A2DA85D58C8A8C70CAA6A59611C7F07E could not be locally signed.
  -> Locally signing key 74C2F2CC05A0AB7D859839938934292D604F8BA2...
==> ERROR: 74C2F2CC05A0AB7D859839938934292D604F8BA2 could not be locally signed.
  -> Locally signing key 77DC01C9971AC3C39A0626F72C089F09AC97B894...
==> ERROR: 77DC01C9971AC3C39A0626F72C089F09AC97B894 could not be locally signed.
  -> Locally signing key 16DC688DF3EECC72323954237EC47C82A42D53A2...
==> ERROR: 16DC688DF3EECC72323954237EC47C82A42D53A2 could not be locally signed.
  -> Locally signing key 2C688B52E3FC0144B7484BABE3B3F44AC45EE0AA...
==> ERROR: 2C688B52E3FC0144B7484BABE3B3F44AC45EE0AA could not be locally signed.
  -> Locally signing key 91FFE0700E80619CEB73235CA88E23E377514E00...
==> ERROR: 91FFE0700E80619CEB73235CA88E23E377514E00 could not be locally signed.
  -> Locally signing key 22C903DE964E6FE321656E318DB9F8C18DF53602...
==> ERROR: 22C903DE964E6FE321656E318DB9F8C18DF53602 could not be locally signed.
  -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
==> ERROR: 0E8B644079F599DFC1DDC3973348882F6AC6A4C2 could not be locally signed.
  -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
==> ERROR: AB19265E5D7D20687D303246BA1DFB64FFF979E7 could not be locally signed.

Forum kindly sponsored by