I3wm installation problems: "endeavouros-skel-i3wm... is unknown trust"

Wasup, guys. First topic here!

I chose EndeavorOS as my primary distro (i’m dual-booting). It’s actually the first time for me using an Arch-based distro so I’m not really familiar with pacman and its errors.

The problem is as follows:

I’ve been trying to install the i3 version of EndeavourOS all day long but I kept getting an package manager error, something like “Error Code 1” (which seems to be troubling other users out there, but no solution worked for me and I tried a lot of procedures actually…). But that’s ok, I forgot about it and tried to install Endeavour through the offline installation. It ran flawlessly. So, my idea from there was to install this offline Xfce version and then installing i3wm from it. So, I then followed the Endeavor Team’s tutorial in GitHub. All worked fine 'till the last line: sudo pacman -S --needed - < i3. It gave me an error. Something about the “xbindkeys” package being corrupted. So, then I searched for solutions. There where some people that were having problems updating their packages showing up with the same kind of problem and the solution was to update the package signing keys. I tried some commands to “force” these updates as far as I was comfortable doing and eventually the error was solved! But then… another error of the same kind appeared:

error: endeavouros-skel-i3wm: signature from "EndeavourOS <info@endeavouros.com>" is unknown trust
:: File /var/cache/pacman/pkg/endeavouros-skel-i3wm-3.26-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]

So, this seems to be directly associated with the OS Team? Is it a personal error of my machine or is there a chance of being a external problem? I actually found an user with a similar problem (regarding unknown/marginal trust) that tried the same process of installation (not related to EndeavourOS) few days later and it was all solved!? This made me think if something needs to be updated for me and others to be able to run this command. And might this be the motive of the failure of the online installation I tried early this day? I actually tried to install the Qtile community edition first today and everything worked well (as far as I understood) but I just wasn’t able to install i3 in either way.

If this is a nooby question, I’m sorry… I chose this distro because I know that it is passionately devoted to its community and I hope that my problems may enrich this forum some way…

Thanks!

2 Likes

update your keyring:

pacman -Sy archlinux-keyring && pacman -Su

https://discovery.endeavouros.com/signature-and-keyring/pacman-keyring-issues/2021/03/

Edit: @ruben.bat1sta welcome to the purple universe :enos_flag: :enos: :penguin_face: :rocketa_purple:

2 Likes

hei welcome here at the :purple_square: side…
I know not easy to provide needed logs if you are not used to doing such.
https://discovery.endeavouros.com/forum-log-tool-options/how-to-include-systemlogs-in-your-post/2021/03/
There is currently no known issue installing i3 with the latest ISO.

The info i get out of your post say me that it could be you installed offline and try to install i3 without updating the system before?
As pacman/archlinux do not support partly updates… so if some packages needs updates it will cause issues installing other new packages.

Before any new package install you need to make sure the system and database of packages is up to date. use the button from welcome screen or run yay in a terminal.

in this case it will need the endeavouros-keyring too:

sudo pacman -Sy archlinux-keyring endeavouros-keyring && sudo pacman -Su

1 Like
signature from "EndeavourOS <info@endeavouros.com>"

That’s right, I overlooked that it comes from the EnOS repo

So, by updating the archlinux-keyring alone I got the same error regarding endeavour keyring again and the “xbindkeys” error came back xD:

[details="Summary"]
error: endeavouros-skel-i3wm: signature from "EndeavourOS <info@endeavouros.com>" is unknown trust
:: File /var/cache/pacman/pkg/endeavouros-skel-i3wm-3.26-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: xbindkeys: signature from "Konstantin Gizdov <arch@kge.pw>" is marginal trust
:: File /var/cache/pacman/pkg/xbindkeys-1.8.7-2-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
[/details]

I tried the “endeavouros-keyring” as @joekamprad stated but same thing showed up:

[details="Summary"]
[rubenpb@ruben-endeavour endeavouros-i3wm-setup]$ sudo pacman -Sy archlinux-keyring endeavouros-keyring && sudo pacman -Su
[sudo] password for rubenpb: 
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
 endeavouros is up to date
warning: archlinux-keyring-20220713-1 is up to date -- reinstalling
warning: endeavouros-keyring-20220614-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...

Package (2)                      Old Version  New Version  Net Change  Download Size

core/archlinux-keyring           20220713-1   20220713-1     0.00 MiB               
endeavouros/endeavouros-keyring  20220614-1   20220614-1     0.00 MiB       0.02 MiB

Total Download Size:   0.02 MiB
Total Installed Size:  1.54 MiB
Net Upgrade Size:      0.00 MiB

:: Proceed with installation? [Y/n] 
:: Retrieving packages...
 endeavouros-keyring-2...    19.7 KiB  25.7 KiB/s 00:01 [------------------------------] 100%
(2/2) checking keys in keyring                          [------------------------------] 100%
(2/2) checking package integrity                        [------------------------------] 100%
error: endeavouros-keyring: signature from "EndeavourOS <info@endeavouros.com>" is unknown trust
[/details]

And, responding fully to @joekamprad, my system seems to be totally updated…:

[details="Summary"]
[rubenpb@ruben-endeavour ~]$ yay
[sudo] password for rubenpb: 
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
 endeavouros is up to date
:: Starting full system upgrade...
 there is nothing to do
:: Searching databases for updates...
:: Searching AUR for updates...
 there is nothing to do
[/details]

I was able to install the above package without any problems, which means that the problem is with your computer.

try the following commands from the link I posted above:

Only EndeavourOS packages failed with key error:

There are also some harder ways if nothing helps:

sudo pacman-key --add /usr/share/pacman/keyrings/endeavouros.gpg 
sudo pacman-key --lsign-key 497AF50C92AD2384C56E1ACA003DB8B0CB23504F
sudo pacman-key --populate
sudo pacman-key --refresh-keys
sudo pacman -Syy

This will recopy EndeavourOS key back into pacmans keyring.

https://discovery.endeavouros.com/signature-and-keyring/pacman-keyring-issues/2021/03/

if none of that helps then follow @joekamprad recommendations about system logs etc. we would then need more information to be able to help.

2 Likes

So, I think I’ve made it! Let’s go through the process…

Early today I tried to install it on a virtual machine in another computer just to see if the story repeated itself. And it did. The same error that appeared at the manual-post-offline-installation occurred during the online installation on another machine:

[details="Summary"]
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: "Total Download Size:      0.02 MiB" 
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: "Total Installed Size:  1989.72 MiB" 
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: "" 
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: ":: Proceed with installation? [Y/n]" 
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: ":: Retrieving packages..." 
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: "xbindkeys-1.8.7-2-x86_64 downloading..." 
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: "checking keyring..." 
2022-07-15 - 09:54:00 [6]: [PYTHON JOB]: "checking package integrity..." 
2022-07-15 - 09:54:05 [6]: QML Component (default slideshow) Next slide
2022-07-15 - 09:54:18 [6]: [PYTHON JOB]: "error: xbindkeys: signature from \"Konstantin Gizdov <arch@kge.pw>\" is marginal trust" 
2022-07-15 - 09:54:18 [6]: [PYTHON JOB]: ":: File /var/cache/pacman/pkg/xbindkeys-1.8.7-2-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature))." 
2022-07-15 - 09:54:18 [6]: [PYTHON JOB]: "Do you want to delete it? [Y/n] error: failed to commit transaction (invalid or corrupted package)"
[/details] 

Full logs here.

This made me think that something was really going on with this package. The other day I was able to do an online installation of i3 EndeavourOS on another machine of mine under the same network and all went flawlessly so this made me think that from then to now something happened with the package that I wasn’t able to correct all by myself… Also, today, another user ran into the same error in the Arch Forum regarding the “xbindkeys package”, so that gave me another reason to think this was not my problem.

Then, I followed @jonathon FAQ entry on signature errors which actually partially solved my problem with the xbindkeys package yesterday but today it wasn’t working for some reason… But he wrote a beautiful post where he explained how the keyserver might need to be changed (to e,g, “pgp.,mit.edu”, “keyserver.ubuntu.com”, etc.) and refreshed and that really helps a lot of people out there, but wasn’t working for me. But then I decided to follow your latter instructions, @pycrk. I ran your commands thinking that they would probably solve the endeavouros package, but I still needed to solve the xbindkeys one. So I decided to run pacman-key --list-keys 'arch@kge.pw' to see the keys associated to it and I used the “–lsign-key” command with the keys that the “–list-keys” command gave me. I don’t know if this is safe really, but if your installation process requires that package from that address I would assume it is safe(?). Anyways… I did it and it worked like a charm! I will leave the commands that I used in order bellow:

sudo pacman-key --add /usr/share/pacman/keyrings/endeavouros.gpg 
sudo pacman-key --lsign-key 497AF50C92AD2384C56E1ACA003DB8B0CB23504F
sudo pacman-key --populate
sudo pacman-key --refresh-keys
sudo pacman -Syy

>Then i wrote:

sudo pacman-key --lsign-key 4BE61D684CB4E31741614E7089AA27231C530226
sudo pacman-key --lsign-key 0A9DDABB64B993D82AD45E4F32EAB0A976938292

>These are the two keys that showed to me at "pacman-key --list-keys 'arch@kge.pw'"

sudo pacman-key --populate
sudo pacman-key --refresh-keys
sudo pacman -Syy

[If you want to know the full diagnosis of the problem read the whole thread]

Thanks for your help guys. Can you let me know If i made the right decisions commandwise?

Also, sorry if I’m not formatting the post text right. This “Summary” thing, isn’t hiding anything is it? Still need to check up the tutorials about the posts (it’s also my first time writing in a real forum lol).

1 Like

it could be that this one developer was updating his key… but as you had the issue multiple times… it is strange… could be this one key was somehow wrong. I just uninstall this package and install fresh from the mirror and it does not give errors… Will check ISO install no…
We do update all keys before starting install already

    Starting job "initialize pacman ... ranking mirrors ... copy pacman mirrorlist and keyring to target ..." ( 12 / 42 ) 
2022-07-15 - 09:47:43 [6]:     .. Running ("/bin/sh", "-c", "pacman -Sy --noconfirm archlinux-keyring endeavouros-keyring") 
2022-07-15 - 09:47:55 [6]:     .. Running ("/bin/sh", "-c", "chmod +x /etc/calamares/scripts/create-pacman-keyring") 
2022-07-15 - 09:47:55 [6]:     .. Running ("/bin/sh", "-c", "bash /etc/calamares/scripts/create-pacman-keyring") 
2022-07-15 - 09:47:58 [6]:     .. Running ("/bin/sh", "-c", "bash /etc/calamares/scripts/update-mirrorlist") 
2022-07-15 - 09:48:06 [6]: QML Component (default slideshow) Next slide
2022-07-15 - 09:48:27 [6]:     .. Running ("/bin/sh", "-c", "cp /etc/pacman.d/mirrorlist /tmp/calamares-root-f3p61d59/etc/pacman.d/") 
2022-07-15 - 09:48:27 [6]:     .. Running ("/bin/sh", "-c", "cp -a /etc/pacman.d/gnupg /tmp/calamares-root-f3p61d59/etc/pacman.d/") 
2022-07-15 - 09:48:27 [6]:     .. Running ("/bin/sh", "-c", "cp /etc/resolv.conf /tmp/calamares-root-f3p61d59/etc/") 
2022-07-15 - 09:48:27 [6]: virtual void Calamares::JobThread::run()
    Starting job "pacstrap" ( 13 / 42 ) 

so may we have some kind of mess inside the process that causes this… but I have no clue currently :wink:

But I see this:
https://bbs.archlinux.org/viewtopic.php?pid=2046357#p2046357

So some would verify my logical thinking… as it is only one package… it is nothing generally wrong with the keys… and I see the key failing is not new created or changed currently.

3 Likes

so just see i can still replicate the issue here.

The workaround is to untag the package from the packages list here:

2022-07-15_14-57
2022-07-15_14-58

We will check if this will get solved soon or we will go to provide a HotFix.

4 Likes

Thanks! Hope it gets solved soon! I guess there’s no problem If I stay with my fix? I kinda forced the installation of the package it seems… If there really is a bug and the package needs an update will I be able to install it automatically later using pacman?

Your workaround probably works fine, but isn’t “xbindkeys” important?

i am not really sure what for we need the package at the moment… it has no deps at all could be needed for some scripts from i3 I think.
It is only optional and will not cause all over issue with i3 if not installed.

1 Like

Ok, thanks for the info!

added a BUG report as no one does it…

3 Likes

should be solved by now .

3 Likes