Open astro-angelfish opened 3 weeks ago
https://wiki.archlinux.org/title/Pacman/Package_signing#Removing_packages_from_cache
I guess I've already tried sudo pacman -Scc
and confirmed the removal when pacman notifies me before redownloaded for a few times. Finally I had to install each category individually and figured out broken packages with empty dependency.
Tools in BlackArch always requires me to build from rubygem or pypi but I'm in a restricted network and power supply will shut down each night in my dormitory. It is really painful when installing BlackArch. It just made me more suffering when got hit by these broken packages. So I also highly suggest complete prebuilt packages in BlackArch.
Some of these tools have dependencies which would conflict with system libraries. That’s the reason they require isolated installation. This is in line with arch Linux packaging guidelines.
BTW I can’t reproduce your issue with empty dependencies on an up to date system. I can confirm the corruption for stegolego though.
It is not recommended to install all tools at once and should be in any of our guides anymore. Where did you find the command?
Some of these tools have dependencies which would conflict with system libraries. That’s the reason they require isolated installation. This is in line with arch Linux packaging guidelines.
BTW I can’t reproduce your issue with empty dependencies on an up to date system. I can confirm the corruption for stegolego though.
It is not recommended to install all tools at once and should be in any of our guides anymore. Where did you find the command?
stegolego
is an example in my memory and I've noticed that there are multiple (for about 4 to 5? I guess) packages that contain empty depend
entry. But I'm sorry that I've already forgot their names. They are just aborting the whole installation and bring up other false positives of corruption detection.
I've also noticed that there are false positives when getting some other innocent BlackArch packages installed. But it could be easily fixed by separating them. I don't know whether it is a problem with pacman since I did not found enough document for the problem.
I got that on legacy website and it burnt into my memory. I did not check the newer installation guide because it worked for a long time and I always do that before I sleep when I was at home.
I guess some packages like pypi packages would use virtualenv to make an isolated environment and could be prebuilt into the package archive than building them in post installation hooks to reduce building time on installation. I think I should do some experiments first and could bring up some PRs if my assumptions are correct.
I got that on legacy website and it burnt into my memory. I did not check the newer installation guide because it worked for a long time and I always do that before I sleep when I was at home.
It's more likely to break during install the more tools are added as there might be conflicts between them. How often do you recreate your blackarch environment?
I guess some packages like pypi packages would use virtualenv to make an isolated environment and could be prebuilt into the package archive than building them in post installation hooks to reduce building time on installation. I think I should do some experiments first and could bring up some PRs if my assumptions are correct.
This would blow up package size. As installing all tools at once isn't recommended anyways the build times shouldn't be that big of an issue. If you want to have all tools available, you could also go with the ova, without installing them all, just updating.
It's more likely to break during install the more tools are added as there might be conflicts between them. How often do you recreate your blackarch environment?
Not very often. I just decided to recreate my environment because I've encountered other issues that are not related to blackarch on my laptop and I'm too lazy to inspect and resolve them (and they seem to be hard to resolve). Last time I recreate my environment before this incident is for about one or two years ago.
This would blow up package size. As installing all tools at once isn't recommended anyways the build times shouldn't be that big of an issue. If you want to have all tools available, you could also go with the ova, without installing them all, just updating.
Thanks for letting me know about ova images. I'll figure out how to use them to get tools on the top of Arch Linux later.
Anyways, this issue could be closed at the time the packages with bad entries are all fixed.
Anyways, this issue could be closed at the time the packages with bad entries are all fixed.
As I said before, I can't reproduce your empty dependency related issue.
Anyways, this issue could be closed at the time the packages with bad entries are all fixed.
As I said before, I can't reproduce your empty dependency related issue.
I wonder if there is anything wrong on my side
Here is my output of stegolego
, with commands I've issued and pacman version. And I also tried pacman -Sy stegolego
but just got the same error.
This is my /etc/pacman.conf
Bug description
Some tool package may contain empty
depend =
entry, causing pacman complains about corrupted packages and refuses to install for me.I've found
stegolego
package has the bad entry and I remember I've also corrected other broken packages.Steps to reproduce
strap.sh
on a fresh arch installpacman -S blackarch
on rootActual result: Describe here what happens after you run the steps above (i.e. the buggy behaviour)
Trying to focus on the single package:
Trying to install the whole group, causing pacman reports false corruptions:
Expected result: Describe here what should happen after you run the steps above (i.e. what would be the correct behaviour)
Screenshots
Info for developers
Device: Hasee TX6-CU5DS with 16GB memory. GNU/Linux distribution: Arch Linux Tool version: stegolego-8.85354f6-3
Link to debug log
They can't even be correctly installed. No log available.