Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Import PGP key 5F944B027F7FE2091985AA2EFA11531AA0AA7F57? [Y/n] #2591

Closed
al-cheb opened this issue Jul 29, 2021 · 7 comments
Closed

Import PGP key 5F944B027F7FE2091985AA2EFA11531AA0AA7F57? [Y/n] #2591

al-cheb opened this issue Jul 29, 2021 · 7 comments

Comments

@al-cheb
Copy link

al-cheb commented Jul 29, 2021
edited
Loading

Describe the issue

Using the latest version of msys2(msys2-base-x86_64-20210725.tar.xz) time to time on a clean vm I get the error :: Import PGP key 5F944B027F7FE2091985AA2EFA11531AA0AA7F57? [Y/n] and command bash pacman-key --list-keys always returns empty output. I can't reproduce the same issue on the previous msys2-base-x86_64-20210604.tar.xz version.

[Failed] Import PGP key 5F944B027F7FE2091985AA2EFA11531AA0AA7F57? 
Starting msys2 download using msys2-base-x86_64-20210725.tar.xz
Downloading package from: https://github.com/msys2/msys2-installer/releases/download/2021-07-25/msys2-base-x86_64-20210725.tar.xz to path C:\Users\RUNNER~1\AppData\Local\Temp\msys2-base-x86_64-20210725.tar.xz .
Finished download
Starting msys2 extraction

---------------------------------------- bash pacman-key --init
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: key 50A69C8B781885DA marked as ultimately trusted
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/FEA79273C47960179C9675F050A69C8B781885DA.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
bash pacman-key --populate msys2
==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   1  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   1  signed:   6  trust: 1-, 0q, 0n, 0m, 0f, 0u
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   2  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   2  signed:   6  trust: 2-, 0q, 0n, 0m, 0f, 0u
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   3  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   3  signed:   8  trust: 3-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   4  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   4  signed:   8  trust: 4-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   5  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   5  signed:   7  trust: 5-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
-> Locally signed 6 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
/usr/bin/pacman-key: line 208: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   6  signed:   6  trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
-> Disabled 1 keys.
==> Updating trust database...
gpg: next trustdb check due at 2022-01-23
bash pacman-key --list-keys

---------------------------------------- pacman --noconfirm -Syyuu
error: mingw32: key "5F944B027F7FE2091985AA2EFA11531AA0AA7F57" is unknown
error: mingw32: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: mingw64: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: ucrt64: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: clang64: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: msys: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
:: Import PGP key 5F944B027F7FE2091985AA2EFA11531AA0AA7F57? [Y/n] 
:: Synchronizing package databases...
mingw32 downloading...
mingw64 downloading...
ucrt64 downloading...
clang64 downloading...
msys downloading...
error: mingw32: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: mingw64: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: ucrt64: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: clang64: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: msys: signature from "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" is unknown trust
error: failed to synchronize all databases (invalid or corrupted database (PGP signature))
Successful attempt 
Starting msys2 download using msys2-base-x86_64-20210725.tar.xz
Downloading package from: https://github.com/msys2/msys2-installer/releases/download/2021-07-25/msys2-base-x86_64-20210725.tar.xz to path C:\Users\RUNNER~1\AppData\Local\Temp\msys2-base-x86_64-20210725.tar.xz .
Finished download
Starting msys2 extraction

---------------------------------------- bash pacman-key --init
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: key 30D6AEE142EAB153 marked as ultimately trusted
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/928BE667E5A118F962233F6830D6AEE142EAB153.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
bash pacman-key --populate msys2
==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   1  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   1  signed:   6  trust: 1-, 0q, 0n, 0m, 0f, 0u
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   2  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   2  signed:   6  trust: 2-, 0q, 0n, 0m, 0f, 0u
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   3  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   3  signed:   8  trust: 3-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   4  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   4  signed:   8  trust: 4-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   5  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   5  signed:   7  trust: 5-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
-> Locally signed 6 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
/usr/bin/pacman-key: line 208: /dev/fd/63: No such file or directory
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   6  signed:   6  trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23
-> Disabled 1 keys.
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   6  signed:   6  trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23

==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
/usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
-> Locally signed 6 keys.
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
/usr/bin/pacman-key: line 208: /dev/fd/63: No such file or directory
-> Disabled 1 keys.
==> Updating trust database...
gpg: next trustdb check due at 2022-01-23

---------------------------------------- bash.exe pacman-key --list-keys
/etc/pacman.d/gnupg/pubring.gpg
-------------------------------
pub   rsa4096 2021-07-29 [SC]
    3C59C1165C0055DE2BE83CDA47EAFDEBF7082C37
uid           [ultimate] Pacman Keyring Master Key <pacman@localhost>

pub   rsa2048 2014-09-28 [SC]
    D55E7A6D7CE9BA1587C0ACACF40D263ECA25678A
uid           [  full  ] Alexey Pavlov (Alexpux) <alexey.pawlow@gmail.com>
sub   rsa2048 2014-09-28 [E]

pub   rsa4096 2020-06-19 [SC]
    6E8FEAFF9644F54EED90EEA0790AE56A1D3CFDDC
uid           [  full  ] David Macek (MSYS2 master key) <david.macek.0@gmail.com>

pub   rsa4096 2014-10-04 [SC]
    9DD0D4217D75A33B896159E6DA7EF2ABAEEA755C
uid           [  full  ] Martell Malone (martell) <martellmalone@gmail.com>
sub   rsa4096 2014-10-04 [E]

pub   rsa4096 2014-09-28 [SC]
    123D4D51A1793859C2BE916BBBE514E53E0D0813
uid           [  full  ] Ray Donnelly (MSYS2 Developer - master key) <mingw.android@gmail.com>
sub   rsa4096 2014-09-28 [E]

pub   rsa4096 2020-06-22 [SC]
    69985C5EB351011C78DF7F6D755B8182ACD22879
uid           [  full  ] Christoph Reiter (MSYS2 master key) <reiter.christoph@gmail.com>
sub   rsa4096 2020-06-22 [E]

pub   rsa2048 2014-09-29 [SC]
    B91BCF3303284BF90CC043CA9F418C233E652008
uid           [  full  ] Ignacio Casal Quinteiro <icquinteiro@gmail.com>
sub   rsa2048 2014-09-29 [E]

pub   dsa2048 2013-11-11 [SC]
    AD351C50AE085775EB59333B5F92EFC1A47D45A1
uid           [  full  ] Alexey Pavlov (Alexpux) <alexpux@gmail.com>
sub   elg2048 2013-11-11 [E]

pub   rsa4096 2018-01-14 [SC] [expires: 2022-01-23]
    87771331B3F1FF5263856A6D974C8BE49078F532
uid           [  full  ] David Macek <david.macek.0@gmail.com>
sub   rsa4096 2018-01-14 [E] [expires: 2022-01-23]
sub   rsa3072 2018-01-14 [S] [expires: 2022-01-23]

pub   rsa4096 2015-07-22 [SC]
    C65EC8966983541D52B97A16D595C9AB2C51581E
uid           [  full  ] Martell Malone (MSYS2 Developer) <martellmalone@gmail.com>
sub   rsa4096 2015-07-22 [E]

pub   rsa4096 2014-09-28 [SC]
    909F9599D1A2046B21FAEB3C4DF3B7664CA56930
uid           [  full  ] Ray Donnelly (MSYS2 Developer) <mingw.android@gmail.com>
sub   rsa4096 2014-09-28 [E]

pub   rsa4096 2020-06-22 [SC]
    5F944B027F7FE2091985AA2EFA11531AA0AA7F57
uid           [  full  ] Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>
sub   rsa4096 2020-06-22 [E]

pub   rsa4096 2014-11-05 [SC]
    B19514FB53EB3668471B296E794DCF97F93FC717
uid           [  full  ] Martell Malone (martell) <me@martellmalone.com>
sub   rsa4096 2014-11-05 [E]

---------------------------------------- pacman --noconfirm -Syyuu
:: Synchronizing package databases...
mingw32 downloading...
mingw64 downloading...
ucrt64 downloading...
clang64 downloading...
msys downloading...
:: Starting core system upgrade...
there is nothing to do
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (12) curl-7.77.0-1  glib2-2.68.3-1  gnupg-2.2.29-1  less-590-1  libcurl-7.77.0-1  libedit-20210714_3.1-1  libexpat-2.4.1-1  libgcrypt-1.9.3-1  libp11-kit-0.24.0-1  libreadline-8.1.001-1  libxml2-2.9.12-1  p11-kit-0.24.0-1

Total Download Size:    7.46 MiB
Total Installed Size:  29.19 MiB
Net Upgrade Size:       0.08 MiB

:: Proceed with installation? [Y/n] 
:: Retrieving packages...
libgcrypt-1.9.3-1-x86_64 downloading...
libreadline-8.1.001-1-x86_64 downloading...
libxml2-2.9.12-1-x86_64 downloading...
glib2-2.68.3-1-x86_64 downloading...
less-590-1-x86_64 downloading...
libp11-kit-0.24.0-1-x86_64 downloading...
p11-kit-0.24.0-1-x86_64 downloading...
libexpat-2.4.1-1-x86_64 downloading...
libedit-20210714_3.1-1-x86_64 downloading...
libcurl-7.77.0-1-x86_64 downloading...
curl-7.77.0-1-x86_64 downloading...
gnupg-2.2.29-1-x86_64 downloading...
checking keyring...
checking package integrity...
loading package files...
checking for file conflicts...
checking available disk space...
:: Processing package changes...
upgrading libgcrypt...
upgrading libreadline...
upgrading libxml2...
upgrading glib2...
upgrading less...
upgrading libp11-kit...
upgrading p11-kit...
upgrading libexpat...
upgrading libedit...
upgrading libcurl...
upgrading curl...
upgrading gnupg...
gpg: WARNING: server 'gpg-agent' is older than us (2.2.28-unknown < 2.2.29-unknown)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
gpg: WARNING: server 'gpg-agent' is older than us (2.2.28-unknown < 2.2.29-unknown)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: WARNING: server 'gpg-agent' is older than us (2.2.28-unknown < 2.2.29-unknown)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: WARNING: server 'gpg-agent' is older than us (2.2.28-unknown < 2.2.29-unknown)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: WARNING: server 'gpg-agent' is older than us (2.2.28-unknown < 2.2.29-unknown)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: WARNING: server 'gpg-agent' is older than us (2.2.28-unknown < 2.2.29-unknown)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
gpg: WARNING: server 'gpg-agent' is older than us (2.2.28-unknown < 2.2.29-unknown)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
usr/bin/pacman-key: line 195: /dev/fd/63: No such file or directory
-> Locally signed 6 keys.
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
usr/bin/pacman-key: line 208: /dev/fd/63: No such file or directory
-> Disabled 1 keys.
==> Updating trust database...
gpg: next trustdb check due at 2022-01-23
:: Running post-transaction hooks...
(1/1) Updating the info directory file...

Any recommendations how to debug the issue?

Steps to Reproduce the Problem

By default the folder msys64\etc\pacman.d\gnupg doesn't exist.

wget https://github.com/msys2/msys2-installer/releases/download/2021-07-25/msys2-base-x86_64-20210725.tar.xz 
bash.exe -c "pacman-key --init"
bash.exe -c "pacman-key --populate msys2"
bash.exe -c "pacman-key --list-keys"
pacman.exe -Syyuu --noconfirm

Additional Context: Operating System, Screenshots

  • OS: Microsoft Windows Server 2019 10.0.17763

Failed:
image

Success:
image
@al-cheb
Copy link
Author

al-cheb commented Jul 29, 2021

cc @lazka

@lazka
Copy link
Member

lazka commented Jul 29, 2021
edited
Loading

hm, would you be willing to try doing it the "official" way? https://www.msys2.org/docs/ci/#other-systems Since that's what we use to test the initial setup: https://github.com/msys2/msys2-installer/actions/runs/1077166627

I'll try to follow your steps later... to see if I can reproduce.

@lazka
Copy link
Member

lazka commented Jul 30, 2021

ref actions/runner-images#3819

Not exactly what I meant, but an improvement never the less.

@al-cheb
Copy link
Author

al-cheb commented Aug 2, 2021
edited
Loading

ref actions/virtual-environments#3819

Not exactly what I meant, but an improvement never the less.

I can not reproduce the same behavior with using the default installer, that's why we have decided to unblock deployments.

@Nayr438
Copy link

Nayr438 commented Aug 22, 2021

This seems too still be an issue with the latest installer that is available on the website. "msys2-x86_64-20210725.exe"
The solution in the first report however seems to have resolved it.

@Biswa96
Copy link
Member

Biswa96 commented Mar 14, 2022

Is this issue fixed now?

@ivellioscolin
Copy link

$ rm -r /etc/pacman.d/gnupg/
$ pacman-key --init
$ pacman-key --populate msys2
$ curl -O https://repo.msys2.org/msys/x86_64/msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz
$ curl -O https://repo.msys2.org/msys/x86_64/msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz.sig
$ pacman -U --config <(echo) msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz

@al-cheb al-cheb closed this as completed May 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@lazka @ivellioscolin @Biswa96 @al-cheb @Nayr438