MSYS2-packages: Invalid signature, corrupt database

oscar@w10x64-vm-sky MINGW64 ~
$ pacman -Suy
:: Synchronizing package databases...
 mingw32               468.8 KiB   652 KiB/s 00:01 [#####################] 100%
 mingw32.sig           119.0   B  0.00   B/s 00:00 [#####################] 100%
 mingw64               471.4 KiB  3.27 MiB/s 00:00 [#####################] 100%
 mingw64.sig           119.0   B  0.00   B/s 00:00 [#####################] 100%
 msys                  189.8 KiB  0.00   B/s 00:00 [#####################] 100%
 msys.sig              438.0   B  0.00   B/s 00:00 [#####################] 100%
error: msys: key "4A6129F4E4B84AE46ED7F635628F528CF3053E04" is unknown
:: Import PGP key 4A6129F4E4B84AE46ED7F635628F528CF3053E04? [Y/n]
error: msys: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
error: failed to update msys (invalid or corrupted database (PGP signature))
error: failed to synchronize all databases

oscar@w10x64-vm-sky MINGW64 ~
$ pacman -Suy
error: msys: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
:: Synchronizing package databases...
 mingw32 is up to date
 mingw64 is up to date
 msys                  189.8 KiB   450 KiB/s 00:00 [#####################] 100%
 msys.sig              438.0   B  0.00   B/s 00:00 [#####################] 100%
error: msys: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
error: failed to update msys (invalid or corrupted database (PGP signature))
error: failed to synchronize all databases

oscar@w10x64-vm-sky MINGW64 ~
$

About this issue

Original URL
State: closed
Created 4 years ago
Reactions: 17
Comments: 38 (10 by maintainers)

Links to this issue

windows - Invalid PGP Signature when updating packages in MSYS2 - Despite fixes - Stack Overflow

Commits related to this issue

Update INSTALL.md for Windows This proposal updates INSTALL.md for the following: * stack comes with `msys2-20200903` * MSYS2 `pacman -Syu` has further keyring issues which can be overcome (https://... — committed to mpilgrem/hmatrix by mpilgrem 3 years ago

Most upvoted comments

See https://www.msys2.org/news/#2020-06-29-new-packagers

+39

lazka on Jul 25, 2020

I was originally having this problem, but while I was writing this post, it got fixed, so I just post this for reference.

I updated via pacman -Syu yesterday, all was fine.

Today I get this error, and I found this bug, and I’m trying to follow the steps:

$ pacman -Syu
error: msys: signature from "David Macek <david.macek.0@gmail.com>" is invalid
:: Synchronizing package databases...
 mingw32 is up to date
 mingw64 is up to date
 msys                  205.6 KiB   461 KiB/s 00:00 [#####################] 100%
 msys.sig              438.0   B  0.00   B/s 00:00 [#####################] 100%
error: msys: signature from "David Macek <david.macek.0@gmail.com>" is invalid
error: failed to update msys (invalid or corrupted database (PGP signature))
error: failed to synchronize all databases

$ curl -O http://repo.msys2.org/msys/x86_64/msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 61344  100 61344    0     0   103k      0 --:--:-- --:--:-- --:--:--  103k

$ curl -O http://repo.msys2.org/msys/x86_64/msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz.sig
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   119  100   119    0     0    319      0 --:--:-- --:--:-- --:--:--   319

$ pacman-key --verify msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz.sig
==> Checking msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz.sig... (detached)
gpg: Signature made Mon, Jun 29, 2020  7:36:14 AM CEST
gpg:                using DSA key AD351C50AE085775EB59333B5F92EFC1A47D45A1
gpg: Good signature from "Alexey Pavlov (Alexpux) <alexpux@gmail.com>" [full]

$ pacman -U msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz
error: msys: signature from "David Macek <david.macek.0@gmail.com>" is invalid
error: database 'msys' is not valid (invalid or corrupted database (PGP signature))
loading packages...
warning: msys2-keyring-r21.b39fb11-1 is up to date -- reinstalling
error: failed to prepare transaction (invalid or corrupted database)

$ pacman -U --config <(echo) msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz
loading packages...
warning: msys2-keyring-r21.b39fb11-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...

Packages (1) msys2-keyring-r21.b39fb11-1

Total Installed Size:  0.05 MiB
Net Upgrade Size:      0.00 MiB

:: Proceed with installation? [Y/n] y
(1/1) checking keys in keyring                                    [###################################] 100%
(1/1) checking package integrity                                  [###################################] 100%
(1/1) loading package files                                       [###################################] 100%
(1/1) checking for file conflicts                                 [###################################] 100%
:: Processing package changes...
(1/1) reinstalling msys2-keyring                                  [###################################] 100%
==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
  -> Locally signing key 6E8FEAFF9644F54EED90EEA0790AE56A1D3CFDDC...
  -> Locally signing key D55E7A6D7CE9BA1587C0ACACF40D263ECA25678A...
  -> Locally signing key 123D4D51A1793859C2BE916BBBE514E53E0D0813...
  -> Locally signing key B91BCF3303284BF90CC043CA9F418C233E652008...
  -> Locally signing key 9DD0D4217D75A33B896159E6DA7EF2ABAEEA755C...
  -> Locally signing key 69985C5EB351011C78DF7F6D755B8182ACD22879...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
  -> Disabling key B19514FB53EB3668471B296E794DCF97F93FC717...
==> Updating trust database...
gpg: next trustdb check due at 2021-06-19

Previously, at this point, I restarted the MSYS2 terminal, and then ran pacman -Syu, which failed again for me - but this time I did not restart the terminal after last command, instead I just proceeded directly:

$ pacman -Syu
error: msys: signature from "David Macek <david.macek.0@gmail.com>" is invalid
:: Synchronizing package databases...
 mingw32 is up to date
 mingw64 is up to date
 msys                                 205.6 KiB   467 KiB/s 00:00 [###################################] 100%
 msys.sig                             438.0   B  0.00   B/s 00:00 [###################################] 100%
:: Starting core system upgrade...
warning: terminate other MSYS2 programs before proceeding
resolving dependencies...
looking for conflicting packages...

Packages (3) filesystem-2020.02-7  msys2-runtime-3.1.6-2  msys2-runtime-devel-3.1.6-2

Total Download Size:    8.12 MiB
Total Installed Size:  46.40 MiB
Net Upgrade Size:      -0.02 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 filesystem-2020.02-7-x86_64           31.3 KiB   245 KiB/s 00:00 [###################################] 100%
 msys2-runtime-3.1.6-2-x86_64           2.7 MiB   742 KiB/s 00:04 [###################################] 100%
 msys2-runtime-devel-3.1.6-2-x86_64     5.4 MiB   657 KiB/s 00:08 [###################################] 100%
(3/3) checking keys in keyring                                    [###################################] 100%
(3/3) checking package integrity                                  [###################################] 100%
(3/3) loading package files                                       [###################################] 100%
(3/3) checking for file conflicts                                 [###################################] 100%
(3/3) checking available disk space                               [###################################] 100%
:: Processing package changes...
(1/3) upgrading filesystem                                        [###################################] 100%
(2/3) upgrading msys2-runtime                                     [###################################] 100%
(3/3) upgrading msys2-runtime-devel                               [###################################] 100%
:: To complete this update all MSYS2 processes including this terminal will be closed. Confirm to proceed [Y/n] y

Restarted MSYS2 terminal here - and now pacman -Syu is fine:

$ pacman -Syu
:: Synchronizing package databases...
 mingw32 is up to date
 mingw64 is up to date
 msys is up to date
:: Starting core system upgrade...
 there is nothing to do
:: Starting full system upgrade...
 there is nothing to do

+23

sdbbs on Aug 14, 2020

Analysis of the problem

‘pacman-key --populate msys2’ will not work, as the new package listing new packagers has not be installed (and can’t be) due to key issues.

# pacman-key --populate msys2
==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
==> Updating trust database...
gpg: no need for a trustdb check

Likewise, ‘pacman-key --refresh-key’ will do nothing, as it can’t know who the new packagers are

If adding keys manually to work around that, pacman-key will fail as the keyserver seems to default to a non working pool (hkps://hkps.pool.sks-keyservers.net):

(...)
gpg: error retrieving 'david.macek.0@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: No name
==> ERROR: Could not update key: 974C8BE49078F532
(...)

Adding hkp://pgp.mit.edu:11371 doesn’t seem to work either

Proposed workaround

In 3 steps:

manually import David Macek key into pacman-key gnupg pubring
add a working keyserver to pacman-key gnupg configuration : https://bbs.archlinux.org/viewtopic.php?id=233362 suggest ubuntu keyserver
update the trust database

Step 1 : add the key manually

# wget https://github.com/1480c1.gpg
--2021-06-23 18:19:41--  https://github.com/1480c1.gpg
Resolving github.com (github.com)... 140.82.114.4
Connecting to github.com (github.com)|140.82.114.4|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 26651 (26K) [text/plain]
Saving to: ‘1480c1.gpg’

1480c1.gpg          100%[===================>]  26.03K  --.-KB/s    in 0.07s

2021-06-23 18:19:41 (390 KB/s) - ‘1480c1.gpg’ saved [26651/26651]

*# pacman-key -a 1480c1.gpg --gpgdir /etc/pacman.d/gnupg/
==> Updating trust database...
gpg: no need for a trustdb check

Step 2: add a keyserver manually

# echo "keyserver hkp://keyserver.ubuntu.com" >> /etc/pacman.d/gnupg/gpg.conf

Step 3: refresh the keys manually

# pacman-key --refresh-key

(...)
gpg: error retrieving 'david.macek.0@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkp://keyserver.ubuntu.com
gpg: key 974C8BE49078F532: "David Macek <david.macek.0@gmail.com>" 4 new signatures
gpg: key 974C8BE49078F532: "David Macek <david.macek.0@gmail.com>" 1 signature cleaned
gpg: Total number processed: 1
gpg:         new signatures: 4
gpg:     signatures cleaned: 1
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   9  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   9  signed:   3  trust: 3-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2  valid:   3  signed:   0  trust: 3-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-01-23

What happens

Before: package installation or upgrade failed

# pacman -Syuu
:: Synchronizing package databases...
 mingw32 is up to date
 mingw64 is up to date
 ucrt64 is up to date
 clang64 is up to date
 msys is up to date
:: Starting core system upgrade...
 there is nothing to do
:: Starting full system upgrade...
:: Replace mingw-w64-x86_64-pkg-config with mingw64/mingw-w64-x86_64-pkgconf? [Y/n] y
:: Replace mingw-w64-x86_64-x264-git with mingw64/mingw-w64-x86_64-x264? [Y/n] y
:: Replace pax-git with msys/pax? [Y/n] y
:: Replace pkg-config with msys/pkgconf? [Y/n] y
:: Replace sqlite-vfslog with msys/sqlite-extensions? [Y/n] y
resolving dependencies...
(...)

Total Download Size:    717.71 MiB
Total Installed Size:  4500.74 MiB
Net Upgrade Size:      1339.98 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
(...)
(364/364) checking keys in keyring                 [#####################] 100%
(364/364) checking package integrity               [#####################] 100%
error: gcc-libs: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/gcc-libs-10.2.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
Interrupt signal received

After: the temporary workaround allows the new key to be properly added:

# pacman -Syuu
(...)

Total Installed Size:  4500.74 MiB
Net Upgrade Size:      1339.98 MiB

:: Proceed with installation? [Y/n] y
(364/364) checking keys in keyring                 [#####################] 100%
(364/364) checking package integrity               [#####################] 100%
(364/364) loading package files                    [#####################] 100%
(364/364) checking for file conflicts              [#####################] 100%
(369/369) checking available disk space            [#####################] 100%
warning: could not get file information for autorebasebase1st.bat
:: Processing package changes...
(1/5) removing sqlite-vfslog                       [#####################] 100%
(2/5) removing pax-git                             [#####################] 100%
(3/5) removing mingw-w64-x86_64-x264-git           [#####################] 100%
(4/5) removing mingw-w64-x86_64-pkg-config         [#####################] 100%
(5/5) removing pkg-config                          [#####################] 100%
(  1/364) upgrading gcc-libs                       [#####################] 100%
(  2/364) upgrading libexpat                       [#####################] 100%
(...)
==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
(...)
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
==> Updating trust database...
gpg: next trustdb check due at 2022-01-23
(...)

I believe this is sufficient to close this issue.

+22

csdvrx on Jun 24, 2021

See the news https://www.msys2.org/news/#2020-06-29-new-packagers
Try pacman-key --init; pacman-key --populate
If possible, try newer version of msys2-installer.

+14

Biswa96 on Sep 7, 2020

I was able to fix this by roughly following what @csdvrx proposed. But it felt wrong to just trust some key downloaded from somewhere (I’m talking about the # wget https://github.com/1480c1.gpg step). So here is what I did:

First, this was the error I was getting when running pacman -Syu:

error: bash-completion: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/bash-completion-2.11-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).

The way I fixed it:

Get the Key-ID (0x9078f532) from https://www.msys2.org/news/#2020-06-29-new-packagers
Use https://keyserver.ubuntu.com to get the key. Just type in the ID and you end up here: https://keyserver.ubuntu.com/pks/lookup?search=0x9078f532&fingerprint=on&op=index
Download the key

> wget "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x87771331b3f1ff5263856a6d974c8be49078f532" -O key

Proceed as @csdvrx proposed

> pacman-key -a key --gpgdir /etc/pacman.d/gnupg/
> echo "keyserver hkp://keyserver.ubuntu.com" >> /etc/pacman.d/gnupg/gpg.conf
> pacman-key --refresh-keys

After this pacman -Syu worked again. I did not need to close any windows or the like.

wickedmic on Jul 6, 2021

I did not get errors initially, but I’ve been having new packages fail to verify. The solution for me turned out to be pacman -S msys2-keyring, after which pacman -Syu worked again.

nulano on Oct 20, 2021

See https://www.msys2.org/news/#2020-06-29-new-packagers

This useless link is mentioned in all tickets related to that failure with msys2 update (it doesn’t work for me, not sure what I need to run, and I don’t want to read that long poem). I’ve used msys2 for many years, have never had any problems, and this update with key is a huge failure imo. No clear answer what to run to make and update/upgrade. This should have been handled properly instead of breaking things for everybody.

After running all possible commands mentioned all over the place, I still cannot update and get this error from running pacman -Syuu:

(8/8) checking package integrity                                                                                                                                         [########################################################################################################] 100%
      0 [main] pacman (18360) shared_info::initialize: size of shared memory region changed from 40888 to 49080                                                          [--------------------------------------------------------------------------------------------------------]   0%
      0 [main] pacman (11244) shared_info::initialize: size of shared memory region changed from 40888 to 49080                                                          [###################-------------------------------------------------------------------------------------]  19%
      1 [main] pacman (15672) shared_info::initialize: size of shared memory region changed from 40888 to 49080                                                          [####################------------------------------------------------------------------------------------]  20%
      0 [main] pacman (31588) shared_info::initialize: size of shared memory region changed from 40888 to 49080                                                          [#################################################-------------------------------------------------------]  48%
      0 [main] pacman (27008) shared_info::initialize: size of shared memory region changed from 40888 to 49080                                                          [####################################################----------------------------------------------------]  50%
      0 [main] pacman (21016) shared_info::initialize: size of shared memory region changed from 40888 to 49080                                                          [#######################################################-------------------------------------------------]  53%
(8/8) loading package files                                                                                                                                              [########################################################################################################] 100%
error: could not open file /var/cache/pacman/pkg/bash-5.1.004-1-x86_64.pkg.tar.zst: Child process exited with status 127
error: could not open file /var/cache/pacman/pkg/filesystem-2021.01-1-x86_64.pkg.tar.zst: Child process exited with status 127
error: could not open file /var/cache/pacman/pkg/mintty-1~3.4.4-1-x86_64.pkg.tar.zst: Child process exited with status 127
error: could not open file /var/cache/pacman/pkg/libzstd-1.4.8-1-x86_64.pkg.tar.zst: Child process exited with status 127
error: could not open file /var/cache/pacman/pkg/zstd-1.4.8-1-x86_64.pkg.tar.zst: Child process exited with status 127
error: could not open file /var/cache/pacman/pkg/pacman-5.2.2-9-x86_64.pkg.tar.zst: Child process exited with status 127
error: failed to commit transaction (cannot open package file)
Errors occurred, no packages were upgraded.

pps83rbx on Jan 21, 2021

@pps83rbx The following steps worked for me when updating an older msys2 version:

install the new keys ( https://www.msys2.org/news/#2020-06-29-new-packagers)
taskkill /fi “MODULES eq msys-2.0.dll” + exit the terminal (https://github.com/msys2/MSYS2-packages/issues/1966)
install zstd and pacman manually ( https://github.com/msys2/MSYS2-packages/issues/1967) pacman --noconfirm -U "http://repo.msys2.org/msys/x86_64/libzstd-1.4.4-2-x86_64.pkg.tar.xz" pacman --noconfirm -U "http://repo.msys2.org/msys/x86_64/zstd-1.4.4-2-x86_64.pkg.tar.xz" pacman --noconfirm -U "http://repo.msys2.org/msys/x86_64/pacman-5.2.1-6-x86_64.pkg.tar.xz"
taskkill /fi “MODULES eq msys-2.0.dll” + exit the terminal
update pacman separately first (https://www.msys2.org/news/#2020-05-31-update-may-fail-with-could-not-open-file) pacman --noconfirm -Sydd pacman
taskkill /fi “MODULES eq msys-2.0.dll” + exit the terminal
Core update (in case any core packages are outdated) pacman --noconfirm -Syuu
taskkill /fi “MODULES eq msys-2.0.dll” + exit the terminal
Normal update pacman --noconfirm -Syuu
taskkill /fi “MODULES eq msys-2.0.dll”

dmn-star on Jan 28, 2021

Googling the error, it redirects here. After doing rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate msys2 && pacman-key --refresh-keys, looks like some gpg keys has erros:

gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: key 280056C915DFC20C marked as ultimately trusted
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/6505491C7A061E293231E6B2280056C915DFC20C.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
==> Appending keys from msys2.gpg...
==> Locally signing trusted keys in keyring...
  -> Locally signed 6 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
  -> Disabled 2 keys.
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   6  signed:   5  trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2  valid:   5  signed:   0  trust: 5-, 0q, 0n, 0m, 0f, 0u
gpg: error retrieving 'alexey.pawlow@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key F40D263ECA25678A: "Alexey Pavlov (Alexpux) <alexey.pawlow@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'david.macek.0@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 790AE56A1D3CFDDC: "David Macek (MSYS2 master key) <david.macek.0@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'martellmalone@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key DA7EF2ABAEEA755C: "Martell Malone (martell) <martellmalone@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'mingw.android@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key BBE514E53E0D0813: "Ray Donnelly (MSYS2 Developer - master key) <mingw.android@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'reiter.christoph@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 755B8182ACD22879: "Christoph Reiter (MSYS2 master key) <reiter.christoph@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'icquinteiro@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 9F418C233E652008: "Ignacio Casal Quinteiro <icquinteiro@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'alexpux@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 5F92EFC1A47D45A1: "Alexey Pavlov (Alexpux) <alexpux@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'david.macek.0@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 974C8BE49078F532: "David Macek <david.macek.0@gmail.com>" 3 new signatures
gpg: key 974C8BE49078F532: "David Macek <david.macek.0@gmail.com>" 1 signature cleaned
gpg: Total number processed: 1
gpg:         new signatures: 3
gpg:     signatures cleaned: 1
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   6  signed:   6  trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-11-18
gpg: error retrieving 'martellmalone@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key D595C9AB2C51581E: "Martell Malone (MSYS2 Developer) <martellmalone@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'reiter.christoph@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key FA11531AA0AA7F57: "Christoph Reiter (MSYS2 development key) <reiter.christoph@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'me@martellmalone.com' via WKD: No name
gpg: error reading key: No name
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 794DCF97F93FC717: "Martell Malone (martell) <me@martellmalone.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: error retrieving 'mingw.android@gmail.com' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 4DF3B7664CA56930: "Ray Donnelly (MSYS2 Developer) <mingw.android@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

The error still persists:

error: mingw-w64-x86_64-libvorbis: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/mingw-w64-x86_64-libvorbis-1.3.7-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: mingw-w64-x86_64-ffms2: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/mingw-w64-x86_64-ffms2-2.40-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

Maybe 3 or 4 years ago, I’ve posted a workaround here to a different MSYS error preventing me to upgrade the system.

The exact same workaround works with this one:

Edit /etc/pacman.conf add SigLevel = Never and save.
Run the command rm -r /etc/pacman.d/gnupg/ && pacman-key --init && pacman-key --populate msys2
Try pacman -Suy again, it should work without any further issues.
When all set and done, remove SigLevel = Never from /etc/pacman.conf and save.

Now everything should be working.

pacman -Suy
:: Synchronizing package databases...
 mingw32 is up to date
 mingw64 is up to date
 ucrt64 is up to date
 clang32 is up to date
 clang64 is up to date
 msys is up to date
:: Starting core system upgrade...
 there is nothing to do
:: Starting full system upgrade...
 there is nothing to do

Hope it helps.

wtuemura on Sep 20, 2022

Thanks, I just did and indeed that fixed it. Sorry for the noise

DominusExult on Oct 30, 2020

error: mingw32: key “4A6129F4E4B84AE46ED7F635628F528CF3053E04” is unknown :: Import PGP key 4A6129F4E4B84AE46ED7F635628F528CF3053E04? [Y/n] error: key “4A6129F4E4B84AE46ED7F635628F528CF3053E04” could not be looked up remotely error: mingw64: key “4A6129F4E4B84AE46ED7F635628F528CF3053E04” is unknown :: Import PGP key 4A6129F4E4B84AE46ED7F635628F528CF3053E04? [Y/n] error: key “4A6129F4E4B84AE46ED7F635628F528CF3053E04” could not be looked up remotely error: msys: key “4A6129F4E4B84AE46ED7F635628F528CF3053E04” is unknown :: Import PGP key 4A6129F4E4B84AE46ED7F635628F528CF3053E04? [Y/n] error: key “4A6129F4E4B84AE46ED7F635628F528CF3053E04” could not be looked up remotely error: database ‘mingw32’ is not valid (invalid or corrupted database (PGP signature)) error: database ‘mingw64’ is not valid (invalid or corrupted database (PGP signature)) error: database ‘msys’ is not valid (invalid or corrupted database (PGP signature)) Install MSYS2 and MINGW development toolchain failed Installation failed: pacman failed

I tried all of the option that you have suggested over here but none of it doesnt work for me

Kinfe123 on Sep 7, 2020