search

wslutilities / wslu

A collection of utilities for Windows Subsystem for Linux
https://wslutiliti.es/wslu
GNU General Public License v3.0
3.44k stars 155 forks source link

Arch keyring package signing key has expired #278

Closed BMurri closed 1 year ago

BMurri commented 1 year ago

Windows Version

Windows 11

Windows Build Number

22621

WSL Version

WSL 2

Distro Version

ManjaroLinux 23.0.0

WSL Utilities Version

unknown

Describe the bug

The WSL Utilities Package Signing Key <contact@wslutiliti.es> signing key has expired.

Steps to Reproduce

  1. Go to terminal
  2. Type sudo pacman -Syu followed by the Enter key
  3. Type the password requested by sudo

  4. See the following error message x2 followed by the subsequent error message

    error: wslutilities: signature from "WSL Utilities Package Signing Key contact@wslutiliti.es" is unknown trust error: failed to synchronize all databases (invalid or corrupted database (PGP signature))

Expected behavior

updating the packages on my system would succeed.

Additional context

running pacman-key -l produces the following:

pub rsa4096 2021-06-12 [SC] [expired: 2023-06-12] B9BBB9AFF017C6F638DEF280A2861ABFD897DD37 uid [ expired] WSL Utilities Package Signing Key contact@wslutiliti.es

Code of Conduct

dan-m8t commented 1 year ago

As a temporary workaround you can disable the wslutilities repo in /etc/pacman.conf

#[wslutilities]
#Server = https://pkg.wslutiliti.es/arch/

afaik there are not that often updates to packages from that repo, correct me if I am wrong but I need pacman working.

patrick330602 commented 1 year ago

Thanks for the report, I will update it tonight.

bobby4k commented 1 year ago

As temporary

sudo vim /etc/pacman.conf

SigLevel = Never
#LocalFileSigLevel = Optional
#RemoteFileSigLevel = Required
patrick330602 commented 1 year ago

The key for the Arch Linux is updated.

You should do the following as root:

pacman-key -d A2861ABFD897DD37

#download the new key
wget https://pkg.wslutiliti.es/public.key
pacman-key --add public.key

#locally sign the new key
pacman-key --lsign-key 2D4C887EB08424F157151C493DD50AA7E055D853

NOTE: This will also affect Debian related builds. I will try to update that tomorrow since it's already 3am in the morning.

BMurri commented 1 year ago

@patrick330602 Thank you

willgladstone commented 1 year ago

Thanks @patrick330602 for getting to this so fast. Will you let us know when the debian builds are updated?

patrick330602 commented 1 year ago

Thanks @patrick330602 for getting to this so fast. Will you let us know when the debian builds are updated?

@willgladstone yep, I will also post updates on Mastodon at https://fosstodon.org/@wslutilities, on Twitter at https://twitter.com/wslutilities and directly on Blog at https://blog.wslutiliti.es

patrick330602 commented 1 year ago

Debian and Kali builds are also updated: https://blog.wslutiliti.es/2023/06/16/key-update/index.html