Mugshot, key is unknown

I have been trying to do a complete system update/upgrade but keep getting the following error message:

 error: mugshot: key "BFB13EA507EFDADB64A944813A40CB5E7E5CBC30" is unknown
:: Import PGP key BFB13EA507EFDADB64A944813A40CB5E7E5CBC30? [Y/n] n
:: File /var/cache/pacman/pkg/mugshot-0.4.3-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

I have tried to delete and keep PGP key and keep getting the same error. Any ideas how to resolve this?


Fixed output SGS :slight_smile:

Read next post

You must delete Y

:arrow_down:

You have to agree (Y) to import PGP key.
Or run pacman-key --refresh-keys.
Read more

2 Likes

If none of that works and the file is truly corrupted you can always try deleting the file manually from your package cache using the terminal as sudo (or use pacman's --overwrite option).

I have tried Y and N and neither solved the issue before posting this issue. It's more likely a corrupted package. I understand that there was an issue with chaotic AUR and am wondering if this could be an issue due to the need to rebuild chaotic AUR. I'm pretty experienced with Arch Linux, but it seems that this issue is something I haven't run into in a very long time.

I have done the following to be sure, but:
gpg --receive-keys BFB13EA507EFDADB64A944813A40CB5E7E5CBC30

gpg: keybox '/home/sevenday4/.gnupg/pubring.kbx' created
gpg: keyserver receive failed: General error

sudo pacman-key --populate archlinux
==> Appending keys from archlinux.gpg...
==> Locally signing trusted keys in keyring...

sudo pacman-key -r BFB13EA507EFDADB64A944813A40CB5E7E5CBC30
gpg: keyserver receive failed: General error
==> ERROR: Remote key not fetched correctly from keyserver.

Also, not sure which package is the culprit at the moment and will investigate and post the results of my find in a bit.

Okay, this is what I did to correct the issue with 'supposed' corrupt key:

sudo pacman-key --refresh-keys
sudo pacman -Sy archlinux-keyring && pacman -Su

There were several packages that wouldn't update and in the end this is what I got:

error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded

Have you tried changing your mirrors to say Germany or the US.

Yes I did change my mirrors to US. Maybe, I should add Canada as well since it's fairly close by.

Usually the US servers are faster than Canada, but I usually use both.

Then you should try the full reset method, as suggested in the link.

1 Like

The issue is with the package called mugshot. So I'm going to remove it and see what happens. I will also leave message to the developer, if there's no resolve, about this issue.

Since there are no other users with the same report, I doubt it's something that needs to be reported to the dev.
It seems a keyring/signature issue and it seems to exist in your system.
Let's see what happens...

1 Like

Yes, I agree that it is an isolated case. But, I still cannot resolve the Key issue. I'm going to roam Google and see if there's a fix that someone else found.

I had to re-install Garuda since I really broke it. I now have US, Canada, and Germany with the same issue.

Did you try all advice?
Did you delete the package?
Did you reset PGP keys?
What? Please inform us about what are the results of what is advised, if you want help. Don't make us feel abandoned. We'll start crying!!... :sob:

1 Like

pacman-key --list-sigs Campos

pub rsa2048 2018-10-20 [SC]
EF925EA60F33D0CB85C44AD13056513887B78AEB
uid [ full ] Pedro Henrique Lara Campos [email protected]
sig 3 3056513887B78AEB 2018-10-20 Pedro Henrique Lara Campos [email protected]
sig L 1BFDC9677BE3F874 2020-09-12 Pacman Keyring Master Key [email protected]
sub rsa2048 2020-07-14 [S]
sig 3056513887B78AEB 2020-07-14 Pedro Henrique Lara Campos [email protected]
sub rsa2048 2018-10-20 [E]
sig 3056513887B78AEB 2018-10-20 Pedro Henrique Lara Campos [email protected]

But I don.t see: BFB13EA507EFDADB64A944813A40CB5E7E5CBC30 even after importing this key.

Yes I did delete mugshot but still received the same error. I also tried reinstalling archlinux-keyring with the same results.

Don't worry, I won.t abandon you. I have Arch vanilla on my machine and didn't have this kind of issue. I want to try to solve this and the more brains that works in solving this issue the better.

Install chaotic-keyring

4 Likes

Thank you friend! I didn't know the name of the keyring so I tried garuda-keyring and of course that didn't exist. I knew that the ChaoticAUR was being rebuilt and wasn't sure that this was going to be resolved until it was done.

Thank you @tbg and @petsam for your inputs. I know what it's like to be an administrator, was one with another distro.

3 Likes

I found the solution. I hate to drag this up but I had the same problem. You just need to remove whoogle and the it all works