Have pacman problem with gpg keys when elevating pikaur privileges

rafnov commented 2 weeks ago

pikaur -Vq
Pikaur v1.30.2
Pacman v7.0.0 - libalpm v15.0.0 - pyalpm v0.10.6

Description:

I have this problem since more than 24 hours with any file I try to update with pikaur -Syu, while pacman installs them fine, without any issue.

Attached log:

[rav: ~]$ LANG=C pikaur --pikaur-debug -Syu
△  debug: main_1000: Setting stdout to utf-8...
△  debug: main_1000: already set - nothing to do
△  debug: main_1000: Setting stderr to utf-8...
△  debug: main_1000: already set - nothing to do
△  debug: main_1000: Pikaur operation found for args ['/usr/bin/pikaur', '--pikaur-debug', '-Syu']: cli_install_packages
=> sudo -- /usr/bin/pikaur --pikaur-debug -Syu --pikaur-config=/home/rav/.config/pikaur.conf --user-id=1000 --home-dir=/home/rav --xdg
-cache-home=/home/rav/.cache --xdg-config-home=/home/rav/.config --xdg-data-home=/home/rav/.local/share
△  debug: main_0: Setting stdout to utf-8...
△  debug: main_0: already set - nothing to do
△  debug: main_0: Setting stderr to utf-8...
△  debug: main_0: already set - nothing to do
△  debug: main_0: Pikaur operation found for args ['/usr/bin/pikaur', '--pikaur-debug', '-Syu', '--pikaur-config=/home/rav/.config/pik
aur.conf', '--user-id=1000', '--home-dir=/home/rav', '--xdg-cache-home=/home/rav/.cache', '--xdg-config-home=/home/rav/.config', '--xd
g-data-home=/home/rav/.local/share']: cli_install_packages
△  debug: news: init
△  debug: news: fetch_latest
=> GET https://archlinux.org/feeds/news/
=> pacman --color=always --sync --refresh
:: Synchronizing package databases...
 core is up to date
 extra is up to date
△  debug: pacman: Discarding repo cache...

△  Starting full AUR upgrade...
△  debug: install_info_fetcher: 
Gonna fetch install info for:
    install_package_names=[]
    not_found_repo_pkgs_names=[]
    pkgbuilds_packagelists={}
    manually_excluded_packages_names=[]
    skip_checkdeps_for_pkgnames=[]

Reading repository package databases...
Reading local package database...
△  debug: install_info_fetcher: Gonna get repo pkgs install info...
△  debug: pacman: Gonna get sysupgrade info...
=> pacman --color=always --sync --sysupgrade --print-format %r/%n
△  debug: install_info_fetcher: gonna get AUR pkgs install info for:
    aur_packages_versionmatchers=[]
    self.aur_updates_install_info=[]
    aur_packages_names_to_versions={}
△  debug: install_info_fetcher: found AUR pkgs:
    aur_pkg_list=[]
not found AUR pkgs:
    not_found_aur_pkgs=[]
Reading AUR packages info...
△  debug: aur_module: find_aur_packages: 0x0uploader uncached
△  debug: aur_module: find_aur_packages: adbmanager-bin uncached
△  debug: aur_module: find_aur_packages: ascii-image-converter uncached
△  debug: aur_module: find_aur_packages: colord-brightness uncached
△  debug: aur_module: find_aur_packages: dvdisaster-unofficial uncached
△  debug: aur_module: find_aur_packages: freetube-bin uncached
△  debug: aur_module: find_aur_packages: genwipe.sh uncached
△  debug: aur_module: find_aur_packages: hdaps-gl uncached
△  debug: aur_module: find_aur_packages: iwgtk uncached
△  debug: aur_module: find_aur_packages: lcdtest uncached
△  debug: aur_module: find_aur_packages: lightdm-mini-greeter uncached
△  debug: aur_module: find_aur_packages: localepurge uncached
△  debug: aur_module: find_aur_packages: moc-pulse uncached
△  debug: aur_module: find_aur_packages: obsidian-2-theme-git uncached
△  debug: aur_module: find_aur_packages: pakbak-git uncached
△  debug: aur_module: find_aur_packages: pikaur uncached
△  debug: aur_module: find_aur_packages: redshifter uncached
△  debug: aur_module: find_aur_packages: sound-theme-smooth uncached
△  debug: aur_module: find_aur_packages: spectre-meltdown-checker uncached
△  debug: aur_module: find_aur_packages: transmission-gtk3 uncached
△  debug: aur_module: find_aur_packages: uad-ng-bin uncached
△  debug: aur_module: find_aur_packages: ventoy-bin uncached
△  debug: aur_module: find_aur_packages: waterfox-bin uncached
△  debug: aur_module: find_aur_packages: web-os-dev-manager-bin uncached
△  debug: aur_module: find_aur_packages: xame uncached
△  debug: aur_module: find_aur_packages: xfce4-hdaps uncached
△  debug: aur_module: find_aur_packages: zen-browser-bin uncached
△  debug: aur_module: find_aur_packages: obsidian-2-theme uncached
△  debug: aur_module: find_aur_packages: pakbak uncached
=> GET https://aur.archlinux.org/rpc/?v=5&type=info&arg[]=0x0uploader&arg[]=adbmanager-bin&arg[]=ascii-image-converter&arg[]=colord-br
ightness&arg[]=dvdisaster-unofficial&arg[]=freetube-bin&arg[]=genwipe.sh&arg[]=hdaps-gl&arg[]=iwgtk&arg[]=lcdtest&arg[]=lightdm-mini-g
reeter&arg[]=localepurge&arg[]=moc-pulse&arg[]=obsidian-2-theme-git&arg[]=pakbak-git&arg[]=pikaur&arg[]=redshifter&arg[]=sound-theme-s
mooth&arg[]=spectre-meltdown-checker&arg[]=transmission-gtk3&arg[]=uad-ng-bin&arg[]=ventoy-bin&arg[]=waterfox-bin&arg[]=web-os-dev-man
ager-bin&arg[]=xame&arg[]=xfce4-hdaps&arg[]=zen-browser-bin&arg[]=obsidian-2-theme&arg[]=pakbak
△  debug: install_info_fetcher: get_aur_pkgs_info: aur_updates_install_info_by_name={}
△  debug: install_info_fetcher: got AUR pkgs install info: []
△  debug: aur_deps: find_aur_deps: package_names=[]
△  debug: aur_deps: find_aur_deps: result_aur_deps={}
△  debug: install_info_fetcher: get_aur_deps_info: self.aur_deps_relations={}
△  debug: install_info_fetcher: get_aur_deps_info: aur_pkgs={}
△  debug: install_info_fetcher: get_aur_deps_info: [done]
△  debug: install_info_fetcher: get_repo_deps_info: [done]
△  debug: install_info_fetcher: :: marking dependant pkgs...
△  debug: install_info_fetcher:   :: mark_dependant :: get_repo_provided...
△  debug: install_info_fetcher:   :: mark_dependant :: get local pkgs...
△  debug: install_info_fetcher:   :: mark_dependant :: all_requested_pkg_names=[]
△  debug: install_info_fetcher:   :: mark_dependant :: explicit_aur_pkg_names=[]
△  debug: install_info_fetcher:   :: mark_dependant ::  - hwdata
△  debug: install_info_fetcher:       :: mark_dependant ::    providing_for=[]
△  debug: install_info_fetcher: == marked dependant pkgs.
=> pacman --color=always --query --upgrades --quiet
=> pacman --color=always --sync hwdata linux --print-format %r/%n
△  Ignoring package update linux (6.11.2.arch1-1 => 6.11.6.arch1-1) (ignored in Pacman config)
△  debug: install_cli: self.install_info.all_install_info_containers=([<RepoInstallInfo "hwdata" 0.388-1 -> 0.389-1>], [], [], [], [],
 [], [], [])
△  debug: news: print
△  debug: news: loading date from /home/rav/.cache/pikaur/last_seen_news.dat
△  debug: news: data: Sat, 14 Sep 2024 11:40:54 +0000, parsed: 2024-09-14 11:40:54+00:00
△  debug: news: Arch News Date: 2024-09-14 11:40:54+00:00, Last-seen date: 2024-09-14 11:40:54+00:00

△  Repository package will be installed:
 hwdata                                0.388-1              -> 0.389-1

△  debug: prompt: Gonna get input from user...
△  debug: FileLock: Acquiring /tmp/pikaur_prompt_12752.lock...
△  debug: FileLock: Acquired /tmp/pikaur_prompt_12752.lock
△  debug: prompt_nolock: Restoring TTY...
△  debug: prompt_nolock: Using standard input reader...
△  Proceed with installation? [Y/n] 
△  [v]iew package details   [m]anually select packages
△  [r] show if packages are required by already installed packages
>> 
△  debug: FileLock: Releasing /tmp/pikaur_prompt_12752.lock
△  debug: FileLock: Released /tmp/pikaur_prompt_12752.lock
△  debug: prompt: No answer provided - using "Y".
△  debug: install_cli: << GET_PACKAGE_BUILD
△  debug: install_cli: self.pkgbuilds_packagelists={}
△  debug: install_cli: self.package_builds_by_name={}
△  debug: install_cli: self.package_builds_by_provides={}
△  debug: install_cli: >> GET_PACKAGE_BUILD

pikspect => pacman --color=always --sync --sysupgrade
△  debug: pikspect: Opening virtual terminal...
△  debug: pikspect: fd: 5, pid: 35732
                                     :: Starting full system upgrade...
warning: linux: ignoring package upgrade (6.11.2.arch1-1 => 6.11.6.arch1-1)
resolving dependencies...
looking for conflicting packages...
△  debug: pikspect: Found right answer to `Proceed with installation? [Y/n]`: `Y`

Packages (1) hwdata-0.389-1

Total Installed Size:  9.28 MiB
Net Upgrade Size:      0.02 MiB

:: Proceed with installation? [Y/n] Y
(1/1) checking keys in keyring                                                   [##############################################] 100%
(1/1) checking package integrity                                                 [##############################################] 100%
error: GPGME error: General error
error: hwdata: missing required signature
:: File /var/cache/pacman/pkg/hwdata-0.389-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] ^C

actionless commented 2 weeks ago

i see from the log that the last command which causing this error is:

pikspect => pacman --color=always --sync --sysupgrade

does the error persists if run that pacman command directly without pikaur?

rafnov commented 2 weeks ago

No, it finished fine. Log from translator as I run with my locale:


:: Starting full system upgrade....
warning: linux: ignoring package upgrade (6.11.2.arch1-1 => 6.11.6.arch1-1)
resolving dependencies...
looking for conflicting packages...

Packages (1) hwdata-0.389-1

To install:       9.28 MiB
Change after update:  0.02 MiB

:: Continue installation? [T/n] 
(1/1) checking keys in the database [##############################################] 100%
(1/1) checking package integrity [##############################################] 100%
(1/1) loading file list [##############################################] 100%
(1/1) checking file conflicts [##############################################] 100%
(1/1) checking available disk space [##############################################] 100%
:: Processing package changes.... 
(1/1) updating hwdata [##############################################] 100%
:: Running post-transaction...
(1/1) Arming ConditionNeedsUpdate...```

actionless commented 2 weeks ago

this doesn't make any sense

and what happens if you run it again in the pikaur?

rafnov commented 2 weeks ago

GPGME error again:

:: Retrieving packages...
 curl-8.11.0-1-x86_64                               1136.8 KiB  1612 KiB/s 00:01 [##############################################] 100%
 libheif-1.19.2-1-x86_64                             516.6 KiB  2.29 MiB/s 00:00 [##############################################] 100%
 gpgme-1.24.0-1-x86_64                               462.2 KiB  2010 KiB/s 00:00 [##############################################] 100%
 Total (3/3)                                           2.1 MiB  1590 KiB/s 00:01 [##############################################] 100%
(3/3) checking keys in keyring                                                   [##############################################] 100%
(3/3) checking package integrity                                                 [##############################################] 100%
error: GPGME error: General error
error: GPGME error: General error
error: GPGME error: General error
error: curl: missing required signature
:: File /var/cache/pacman/pkg/curl-8.11.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: gpgme: missing required signature
:: File /var/cache/pacman/pkg/gpgme-1.24.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: libheif: missing required signature
:: File /var/cache/pacman/pkg/libheif-1.19.2-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

Again pacman upgraded those packages successfully. Maybe that was something wrong with gpgme? I will check again later as now it says "there is nothing to do".

actionless commented 2 weeks ago

then make sure you don't have this option set in pikaur's config:

https://github.com/actionless/pikaur?tab=readme-ov-file#gpgdir-default--root-default-etcpacmandgnupg

(or better try with the empty config, so it would just use defaults)

rafnov commented 2 weeks ago

That one is not set in ~/.config/pikaur.conf. https://0x0.st/XDp4.conf

rafnov commented 2 days ago

@actionless , what more info do you need? The problem persists. Pikaur never bothered me about missing keys before. On the other hand: it always warned working on root account - now it does not. Pikaur just calls pacman and elevates priviledges when needed, right? So what do I miss? I can install package fine on root account with pikaur, I can't via user account.

actionless commented 1 day ago

since you have close-to-default pikaur config, and the problem not happens in general with default arch setup but happens to you during privilege escalation only - then some of your custom settings (for example related to gpg keys, pacman or smth else in the middle) is not passing correctly during user escalation:

mb it's this thing: https://github.com/actionless/pikaur?tab=readme-ov-file#preserveenv-default-pkgdestvisualeditorhttp_proxyhttps_proxyftp_proxyhttp_proxyhttps_proxyftp_proxyall_proxy

mb smth else, but the only way to figure it out - you could try running up a docker container or VM with a clean arch install - and next porting there you setting there one by one until it breaks

actionless / pikaur

Have pacman problem with gpg keys when elevating pikaur privileges #847

Description:

Attached log: