On Tue, 6 Nov 2012 14:02:23 -0500 Dave Reisner <d@xxxxxxxxxxxxxx> wrote: > On Tue, Nov 06, 2012 at 01:50:01PM -0500, David Rosenstrauch wrote: > > Saw these errors from pacman today, which are preventing me from > > upgrading some packages: > > > > error: directfb: signature from "Eric Belanger <eric@xxxxxxxxxxxxx>" > > is invalid > > error: xmms2: signature from "Sergej Pupykin <arch@xxxxxxxxxxxx>" is > > invalid error: failed to commit transaction (invalid or corrupted package > > (PGP signature)) > > > > Anyone have an idea what's up? > > > > DR > > Nuke the packages from your cache, and redownload them. The error > message is misleading -- the signatures are invalid FOR the packages, > meaning the package data is not what the signature "expected". > > The situation is much improved come pacman 4.1 -- we'll just prompt you > to delete the package, much like we did historically when a package > failed checksums. > > d A bit OT, but anyway... Are there any plans for actually storing *.sig files in the cache alongside the packages? This costs a tiny amount of space, but IMHO will make verification (especially of old packages) much easier. -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Attachment:
signature.asc
Description: PGP signature
