Unknown Trust issue blocking updates

So I cloned my HD to a new larger HD, and after 2 months the new HD failed, so I restored the old one. However as a result, I’m getting the standard “Signature from X is unknown trust” issue when I try to do an update. The standard resolution to this is to install the endeavouros-keyring package. That too failed for the same reason and so I had to use the procedure documented at

of changing the SigLevel to Never to install it, and then changing it back to PackageRequired afterwards. That works, but it doesn’t resolve the issue with trying to update the rest of the system as it just gives the same unknown trust error for every package. Neither does using the command

sudo pacman -U /var/cache/pacman/pkg/{archlinux,endeavouros}-keyring*.pkg.tar.zst

that produces the error

loading packages...
error: '/var/cache/pacman/pkg/archlinux-keyring-20230821-2-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20230918-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20231017-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20231107-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20231113-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20231130-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20231222-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20240208-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20240313-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20240429-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20240520-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20240609-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
error: '/var/cache/pacman/pkg/archlinux-keyring-20240709-1-any.pkg.tar.zst': invalid or corrupted package (PGP signature)
warning: endeavouros-keyring-20231222-1 is up to date -- reinstalling

Any way to rescue this, or is it just best to do a reinstall?

You should be able to correct this issue. You may have to remove the cache and try again as it shows corrupted packages. I would definitely update the mirrors as well before trying again.

So I deleted the archlinux keyring files from the cache, updated the mirrors, and reinstalled the endeavouros-keyring package again (didn’t require changing the SigLevel this time) but I still get the same unknown trust issue when I do a pacman -Syu

Have you looked at the wiki here?

https://discovery.endeavouros.com/signature-and-keyring/pacman-keyring-issues/2021/03/

1 Like

Ok, clearing out the keyring and starting from scratch seems to have fixed it. Thank you for the fix.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.