I was installing minecraft launcher via pacman when this happened:

error: minecraft-launcher: signature from “lilac (build machine) lilac@build.archlinuxcn.org” is unknown trust
:: File /var/cache/pacman/pkg/minecraft-launcher-1:1.0.1221-3-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

I tried doing:
pacman-key --init
pacman-key --populate archlinux endeavouros
and also trying yay but it doesn’t work.
Can anyone help?

From the Arch Wiki:

Invalid signature errors

pacman-key depends on system time. If your system clock is not synchronized, system installation/upgrade may fail with:

error: PackageName: signature from “User email@archlinux.org” is invalid error: failed to commit transaction (invalid or corrupted package (PGP signature)) Errors occurred, no packages were upgraded.

If using ntpd, correct the system time (as root) with ntpd -qg followed by hwclock -w.

Other NTP clients can be used. See time synchronization.

If correction of the system clock does not resolve the failure, try one of the following approaches:

Removing packages from cache

Some packages could be corrupted or may be unsigned, causing failure. Remove each offending package from the system cache rm /var/cache/pacman/pkg/pkgname so it gets freshly downloaded, or clear the entire cache.

Resetting all the keys

Remove or reset all the keys installed in your system by removing the /etc/pacman.d/gnupg directory (as root) and by rerunning pacman-key --init followed by pacman-key --populate to re-add the default keys.

It is not the system clock, I have reset the keys too as mentioned in the text.

sudo pacman -Sy archlinux-keyring

Nope, doesn’t work.

Try working through this FAQ:

Paste the terminal input/output into the thread as you go so we can see what is happening.

 muntasir  ~  sudo pacman -S minecraft-launcher
Deploying root access for muntasir. Password pls:
resolving dependencies…
looking for conflicting packages…

Package (1) New Version Net Change Download Size

archlinuxcn/minecraft-launcher 1:1.0.1221-3 1.61 MiB 0.50 MiB

Total Download Size: 0.50 MiB
Total Installed Size: 1.61 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages…
minecraft-launcher-1:1.0.1221-3-x… 507.9 KiB 522 KiB/s 00:01 [#####################################] 100%
(1/1) checking keys in keyring [#####################################] 100%
(1/1) checking package integrity [#####################################] 100%
error: minecraft-launcher: signature from “lilac (build machine) lilac@build.archlinuxcn.org” is unknown trust
:: File /var/cache/pacman/pkg/minecraft-launcher-1:1.0.1221-3-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Same thing happens with Do you want to delete it? [Y/n] n

It looks like you have a added a 3rd party repo.

If you are using a 3rd party repo, you need to add the keys for it.

Which is described on that repos github directly

sudo pacman -Sy && sudo pacman -S archlinuxcn-keyring

U have archlinuxcn mirrorlist?

sudo pacman -Sy && sudo pacman -S archlinuxcn-keyring

idk what that means

You added the archlinuxcn repo which is not part of Arch Linux. It is an unofficial 3rd party repo.

When you do that, you need to install the keys. One way to do that in this case is to install archlinuxcn-keyring as suggested above.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.