Hey there,
I am having some issues with the garuda Dragonized ISO (that I downloaded two days ago) while trying to install packages:
First pacman complained about there being no keyring and suggested that I could run pacman-key --init. So I ran that with sudo and it worked fine.
Now that I wanted to install a package, but ran into another problem: Everytime I try to install any package, I get an error: File xy is corrupted (invalid or corrupted package (PGP Signature)).
So my next thought was to just follow the Guide "Issues with "signature is marginal trust" or ..." by Jonathon.
Long story short: even trying to reinstall the keyring packages throws the same PGP error.
I am out of Ideas.
What is wrong here?
Thanks!
(Yes, no inxi - I don't have my forums password at hand, but the info should be just looking at other forumbposts of mine while keeping the installation ISO in mind - Sorry. (I could take a picture though lol))
Well I was able to kinda circumvent the issue by disabling the pacman pgp checks. I just wanted to install one package anyways. (Trying to debug the wayland issue)
I installed one of the daily d460nized builds (yesterday?) and needed to "Refresh Keyrings" from the Welcome icon. No problems installing anything after that. Disabling PGP checks is a very insecure way of circumventing what is written explicitly to protect you.
Solving the problem with an established, secure method is the solution. Hastiness and Linux don't mix well. sigh. But I've been in your shoes and done the same. So this is clearly a case of do what I say not what I do.
Well I was just testing something anyways so I don't care that much about disabling that security check on a live system.
I just wanted to finally get to test that.
