Home Arch Linux How To Fix “invalid or corrupted package (PGP signature)” Error In Arch Linux

How To Fix “invalid or corrupted package (PGP signature)” Error In Arch Linux

By sk
Published: Last Updated on 132.2K views

This brief guide describes how to fix invalid or corrupted package (PGP signature) error in Arch Linux and its variants like EndeavourOS and Manjaro Linux.

Introduction

The other day I encountered with the following error when I tried to upgrade my Arch Linux system using command 'sudo pacman -Syu':

[...]
:: File /var/cache/pacman/pkg/libpsl-0.16.1-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

Then, I ran 'sudo pacman -Syyu' command, but still no luck. I kept getting the same error every time.

After a bit of search on Google and Arch Linux forums, I found that there are new keys in the archlinux-keyring package.

Fix "invalid or corrupted package (PGP signature)" error in Arch Linux

To solve "invalid or corrupted package (PGP signature)" error in Arch Linux, we need to update the archlinux-keyring package.

To do so, run:

$ sudo pacman -S archlinux-keyring

Sample output:

resolving dependencies...
looking for conflicting packages...

Packages (1) archlinux-keyring-20170104-1

Total Installed Size: 0.81 MiB
Net Upgrade Size: 0.04 MiB

:: Proceed with installation? [Y/n] y
(1/1) checking keys in keyring [######################] 100%
(1/1) checking package integrity [######################] 100%
(1/1) loading package files [######################] 100%
(1/1) checking for file conflicts [######################] 100%
(1/1) checking available disk space [######################] 100%
:: Processing package changes...
(1/1) upgrading archlinux-keyring [######################] 100%
==> Appending keys from archlinux.gpg...
gpg: marginals needed: 3 completes needed: 1 trust model: PGP
gpg: depth: 0 valid: 1 signed: 6 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 6 signed: 69 trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2 valid: 69 signed: 7 trust: 69-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2017-09-07
==> Locally signing trusted keys in keyring...
 -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
 -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
 -> Locally signing key 91FFE0700E80619CEB73235CA88E23E377514E00...
 -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
 -> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
 -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
 -> Disabling key F5A361A3A13554B85E57DDDAAF7EF7873CFD4BB6...
 -> Disabling key 7FA647CD89891DEDC060287BB9113D1ED21E1A55...
 -> Disabling key D4DE5ABDE2A7287644EAC7E36D1A9E70E19DAA50...
 -> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350...
 -> Disabling key 9515D8A8EAB88E49BB65EDBCE6B456CAF15447D5...
 -> Disabling key 4A8B17E20B88ACA61860009B5CED81B7C2E5C0D2...
 -> Disabling key 63F395DE2D6398BBE458F281F2DBB4931985A992...
 -> Disabling key 0B20CA1931F5DA3A70D0F8D2EA6836E1AB441196...
 -> Disabling key 8F76BEEA0289F9E1D3E229C05F946DED983D4366...
 -> Disabling key 66BD74A036D522F51DD70A3C7F2A16726521E06D...
 -> Disabling key 81D7F8241DB38BC759C80FCE3A726C6170E80477...
 -> Disabling key E7210A59715F6940CF9A4E36A001876699AD6E84...
==> Updating trust database...
gpg: next trustdb check due at 2017-09-07

The above command will update the new keys and disable the revoked keys in your Arch Linux system.

Again, I tried to upgrade my Arch Linux using command:

$ sudo pacman -Syu

This time the upgrade process went well without any issues.

You May Also Like

22 comments

Anonymous July 31, 2019 - 9:22 am

Thanks Man…

Reply
longhairhippy August 15, 2019 - 10:58 am

Seriously helpful! Thank you!

Reply
B March 9, 2022 - 3:31 am

THANK YOU. My Arch system was doing this for TWO MONTHS and I just finally fixed it with this! 😀

Reply
Janko April 29, 2022 - 2:22 pm

Working in 2022 for EndeavourOS as well, thank you a lot!

Reply
Teagan May 30, 2022 - 11:46 pm

I couldn’t update it because of the missing\corrupted key

Reply
Doria July 24, 2022 - 12:12 pm

After 1 hour trying different solutions for this problem I found this one and it worked! Updating the keyring did the trick for me.
Thanks a lot!

Reply
sk July 24, 2022 - 1:20 pm

Glad it worked out for you. Happy to help.

Reply
Kgb August 5, 2022 - 1:13 am

Thanks

Reply
kapil October 28, 2022 - 8:43 pm

Thank you very much

Reply
eisGeist December 22, 2022 - 12:51 pm

Dear SK, thank you so much!
I’m a Arch Linux newbee and your post solved the issue keeping me from successfully update my linux box.
Cheers!

Reply
Urias December 23, 2022 - 4:35 am

You saved my day. I was having troubles installing python-docutils before I could compile a Wps Office package.

Reply
1 2

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More