On Fri, Apr 4, 2014 at 11:52 AM, Thomas Bächler <thomas@xxxxxxxxxxxxx> wrote: > Am 04.04.2014 11:40, schrieb Carsten Mattner: >> Same problem if I try to downgrade readline and bash >> >> :: File /var/cache/pacman/pkg/readline-6.3-3-x86_64.pkg.tar.xz is >> corrupted (invalid or corrupted package (PGP signature)). >> Do you want to delete it? [Y/n] n >> error: bash: missing required signature >> :: File /var/cache/pacman/pkg/bash-4.3-3-x86_64.pkg.tar.xz is >> corrupted (invalid or corrupted package (PGP signature)). > > Use pacman -U to downgrade readline+bash from your cache (this skips > signature verification by default). You may even have to log out and in > again. > > If you are paranoid, verify both packages with pacman-key -v before > installing them (I think that one should still work, as opposed to > pacman+gpgme). pacman-key -v bash-4.3-3-x86_64.pkg.tar.xz ==> Checking bash-4.3-3-x86_64.pkg.tar.xz ... gpg: symbol lookup error: /usr/lib/libreadline.so.6: undefined symbol: UP ==> ERROR: The signature identified by bash-4.3-3-x86_64.pkg.tar.xz could not be verified. sha256sum bash-4.3-3-x86_64.pkg.tar.xz c02d4486ffd345b83868afa5f8ff61ac720e96559ac1b8bb84051625401364c0 sha256sum readline-6.3-3-x86_64.pkg.tar.xz fc31861827cc94578ae69158312e605d2ffb26f1658e47406659f75f2bcc7196 Wouldn't it be great if I could check the file checksum of bash at https://www.archlinux.org/packages/core/x86_64/bash/? Can you at least confirm the checksums to be the same on your machine?
