The Parabola Keyring (parabola-keyring) must be installed on every Parabola system in order to install and upgrade software packages. This key-ring holds cryptographic identification keys of the trusted developers who create the packages in the repositories. Whenever installing or upgrading a package from an official package mirror, the package manager (PacMan) first verifies that the signature is recognized and valid. The package will not be installed otherwise. Note that PacMan will not verify the authenticity of any packages that are installed directly from the local file-system. However, that is not the normal method of installing packages and is not recommended.
1 Resetting the Parabola Keyring
Sometimes it may be necessary to reset your package trust key-ring. This can happen for several reasons such as:
- An unexpected system shutdown has caused data loss to the /etc/pacman.d/gnupg directory
- Your cat did it accidentally
- (Other causes)
This would be manifest by errors while installing or upgrading packages such as:
- signature from "someone <firstname.lastname@example.org>" is marginal trust
- Failed to commit transaction (Invalid or corrupted package (PGP signature))
You can restore the keyring to the current sane state by running these commands:
sudo pacman -Scc sudo pacman -Syy archlinux-keyring archlinux32-keyring archlinuxarm-keyring parabola-keyring sudo pacman-key --init sudo pacman-key --populate archlinux archlinux32 archlinuxarm parabola sudo pacman-key --refresh-keys
Now try to install those troublesome packages again.
2 pacman-key --populate does not work
In this case /usr/share/pacman/keyrings may be damaged. To recover you will need to reinstall the keyring packages using the Parabola LiveISO.
Once the LiveISO is running on your computer: (where /dev/sdXY are the appropriate drive partitions on your system, ex. /dev/sda1)
sudo mount /dev/sdXY /mnt sudo pacstrap /mnt archlinux-keyring archlinux32-keyring archlinuxarm-keyring parabola-keyring sudo killall gpg-agent sudo umount /mnt/dev sudo umount /mnt reboot
If you still have trouble after this procedure, please open a bug report with the errors you see.