Discussion:
[arch-general] Gnucash 2.6.10-1 download error
Francis Gerund
2016-01-28 23:57:05 UTC
Permalink
Hello.

I am running Arch x86_64.

sudo pacmatic -Syyuv gnucash results in:

Root : /
Conf File : /etc/pacman.conf
DB Path : /var/lib/pacman/
Cache Dirs: /var/cache/pacman/pkg/
Lock File : /var/lib/pacman/db.lck
Log File : /var/log/pacman.log
GPG Dir : /etc/pacman.d/gnupg/
Targets : gnucash
:: Synchronizing package databases...
core 122.4 KiB 408K/s 00:00
[#########################################] 100%
extra 1764.7 KiB 1812K/s 00:01
[#########################################] 100%
community 3.3 MiB 1832K/s 00:02
[#########################################] 100%
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (18) aqbanking-5.5.1-2 goffice0.8-0.8.17-3 guile1.8-1.8.8-4
gwenhywfar-4.13.1-3 ktoblzcheck-1.48-3
libart-lgpl-2.3.21-3 libdbi-0.9.0-2 libdbi-drivers-0.9.0-2
libgnomecanvas-2.30.3-3 libgsf-1.14.34-1
libmariadbclient-10.1.10-1 libofx-0.9.10-1
libxml++-2.40.1-1 opensp-1.5.2-5 postgresql-libs-9.4.5-1
python-3.5.1-1 slib-3b5-1 gnucash-2.6.10-1

Total Download Size: 0.66 MiB
Total Installed Size: 221.06 MiB

:: Proceed with installation? [Y/n]
:: Retrieving packages ...
libdbi-0.9.0-2-x86_64 642.2 KiB 1212K/s 00:01
[#########################################] 100%
libdbi-drivers-0.9.0-2-x86_64 35.4 KiB 1771K/s 00:00
[#########################################] 100%
(18/18) checking keys in keyring
[#########################################] 100%
(18/18) checking package integrity
[#########################################] 100%
error: libdbi: signature from "Thorsten Töpper <***@freethoughts.de>"
is unknown trust
:: File /var/cache/pacman/pkg/libdbi-0.9.0-2-x86_64.pkg.tar.xz is corrupted
(invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: libdbi-drivers: signature from "Thorsten Töpper <
***@freethoughts.de>" is unknown trust
:: File /var/cache/pacman/pkg/libdbi-drivers-0.9.0-2-x86_64.pkg.tar.xz is
corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
No pacnew files to update.



Also,
sudo pacmatic -S libdbi
[sudo] password for default:
Recent ML chatter:
resolving dependencies...
looking for conflicting packages...

Packages (1) libdbi-0.9.0-2

Total Download Size: 0.63 MiB
Total Installed Size: 1.92 MiB

:: Proceed with installation? [Y/n]
:: Retrieving packages ...
libdbi-0.9.0-2-x86_64 642.2 KiB 1387K/s 00:00
[#########################################] 100%
(1/1) checking keys in keyring
[#########################################] 100%
(1/1) checking package integrity
[#########################################] 100%
error: libdbi: signature from "Thorsten Töpper <***@freethoughts.de>"
is unknown trust
:: File /var/cache/pacman/pkg/libdbi-0.9.0-2-x86_64.pkg.tar.xz is corrupted
(invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP
signature))
Errors occurred, no packages were upgraded.
No pacnew files to update.


And,
sudo pacmatic -S libdbi-drivers
Recent ML chatter:
resolving dependencies...
looking for conflicting packages...

Packages (2) libdbi-0.9.0-2 libdbi-drivers-0.9.0-2

Total Download Size: 0.66 MiB
Total Installed Size: 2.08 MiB

:: Proceed with installation? [Y/n]
:: Retrieving packages ...
libdbi-0.9.0-2-x86_64 642.2 KiB 698K/s 00:01
[#########################################] 100%
libdbi-drivers-0.9.0-2-x86_64 35.4 KiB 4.94M/s 00:00
[#########################################] 100%
(2/2) checking keys in keyring
[#########################################] 100%
(2/2) checking package integrity
[#########################################] 100%
error: libdbi: signature from "Thorsten Töpper <***@freethoughts.de>"
is unknown trust
:: File /var/cache/pacman/pkg/libdbi-0.9.0-2-x86_64.pkg.tar.xz is corrupted
(invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: libdbi-drivers: signature from "Thorsten Töpper <
***@freethoughts.de>" is unknown trust
:: File /var/cache/pacman/pkg/libdbi-drivers-0.9.0-2-x86_64.pkg.tar.xz is
corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package (PGP
signature))
Errors occurred, no packages were upgraded.
No pacnew files to update.



(Note: other packages download fine, and I see no apparent problems with
pacman. )

Should this be reported as a bug (or 2-3 bugs)?

Or just I just patiently wait for Gnucash 2.6.11-1 (gnucash-latest) to move
to the "extra" repository? And if so, any idea when it might be ready?
Doug Newgard
2016-01-29 00:13:37 UTC
Permalink
On Thu, 28 Jan 2016 18:57:05 -0500
Post by Francis Gerund
Should this be reported as a bug (or 2-3 bugs)?
No, it's not a bug. Info about this has been all over the mailing lists,
forums, and IRC for days. Do some checking around.
Francis Gerund
2016-01-29 00:49:12 UTC
Permalink
Post by Doug Newgard
On Thu, 28 Jan 2016 18:57:05 -0500
Post by Francis Gerund
Should this be reported as a bug (or 2-3 bugs)?
No, it's not a bug. Info about this has been all over the mailing lists,
forums, and IRC for days. Do some checking around.
I'm sort of new to Arch. I just installed yesterday, so didn't know about
that. I did not see a bug report (maybe I missed it).

And I thought that even if it is flagged as out-of-date, it would still
install.

I thought it was a reasonable question to ask (with some detail provided),
and I was tring to be helpful.

I don't know the etiquette here yet. Sorry.

And Gnucash is really important to me.

I will try checking the email archives.

At Arch, is IRC preferred over mailing lists as a source of information?

IRC is much harder for em to use effectively; it's like trying to dring
from a fire hose.
kendell clark
2016-01-29 00:54:19 UTC
Permalink
Post by Francis Gerund
Post by Doug Newgard
On Thu, 28 Jan 2016 18:57:05 -0500
Post by Francis Gerund
Should this be reported as a bug (or 2-3 bugs)?
No, it's not a bug. Info about this has been all over the mailing lists,
forums, and IRC for days. Do some checking around.
I'm sort of new to Arch. I just installed yesterday, so didn't know about
that. I did not see a bug report (maybe I missed it).
And I thought that even if it is flagged as out-of-date, it would still
install.
I thought it was a reasonable question to ask (with some detail provided),
and I was tring to be helpful.
I don't know the etiquette here yet. Sorry.
And Gnucash is really important to me.
I will try checking the email archives.
At Arch, is IRC preferred over mailing lists as a source of information?
IRC is much harder for em to use effectively; it's like trying to dring
from a fire hose.
This seems reasonable to me. Even if a package is flagged out of date,
it will still download and install successfully, unless there's a
problem with it's gpg signature. If that's the case, pacman will fail
with a sometimes cryptic error. If you want, I can try building a
package from current stable gnucash source and upload it somewhere where
you can fetch until arch updates it's package.
Thanks
Kendell clark
Francis Gerund
2016-01-29 01:23:14 UTC
Permalink
Post by Doug Newgard
On Thu, 28 Jan 2016 18:57:05 -0500
Post by Francis Gerund
Should this be reported as a bug (or 2-3 bugs)?
No, it's not a bug. Info about this has been all over the mailing lists,
forums, and IRC for days. Do some checking around.
I'm sort of new to Arch. I just installed yesterday, so didn't know about
that. I did not see a bug report (maybe I missed it).
And I thought that even if it is flagged as out-of-date, it would still
install.
I thought it was a reasonable question to ask (with some detail provided),
and I was tring to be helpful.
I don't know the etiquette here yet. Sorry.
And Gnucash is really important to me.
I will try checking the email archives.
At Arch, is IRC preferred over mailing lists as a source of information?
IRC is much harder for em to use effectively; it's like trying to dring
from a fire hose.
This seems reasonable to me. Even if a package is flagged out of date, it
will still download and install successfully, unless there's a problem with
it's gpg signature. If that's the case, pacman will fail with a sometimes
cryptic error. If you want, I can try building a package from current
stable gnucash source and upload it somewhere where you can fetch until
arch updates it's package.
Thanks
Kendell clark
Kendall,

Thanks for your reply.

After checking the mailing list archives, I found a similar problem was
with the "courage" package, which was solved by (as root):

pacman-key --refresh-keys

I tried that, and it *seems* to have worked. I downloaded
Gnucash 2.6.10-1, and it *appears* to be okay.

So, don't go to the trouble of building a package.
But thanks for offering. I appreciate it!
Ralf Mardorf
2016-01-29 05:48:22 UTC
Permalink
Post by Francis Gerund
After checking the mailing list archives, I found a similar problem was
pacman-key --refresh-keys
Actually your install suffers from not being updated. The refresh was
needed, when the keyring package was only available by the testing
repository, but since a few days it's provided by core [1].

I never used pacmatic, so perhaps you should consider to update using
'sudo pacman -Syu'. If your install is up-to-date, then the output of
'pacman -Q archlinux-keyring' must be 'archlinux-keyring 20160123-1'.

[1]
[***@archlinux ~]$ grep "upgraded archlinux-keyring" /var/log/pacman.log | grep 2016
[2016-01-26 08:16] [ALPM] upgraded archlinux-keyring (20151220-1 -> 20160123-1)
[***@archlinux ~]$ grep
pkgver= /var/abs/core/archlinux-keyring/PKGBUILD pkgver=20160123
[***@archlinux ~]$ pacman -Si archlinux-keyring | grep Ver
Version : 20160123-1
Francis Gerund
2016-01-30 15:08:58 UTC
Permalink
Post by Ralf Mardorf
Post by Francis Gerund
After checking the mailing list archives, I found a similar problem was
pacman-key --refresh-keys
Actually your install suffers from not being updated. The refresh was
needed, when the keyring package was only available by the testing
repository, but since a few days it's provided by core [1].
I never used pacmatic, so perhaps you should consider to update using
'sudo pacman -Syu'. If your install is up-to-date, then the output of
'pacman -Q archlinux-keyring' must be 'archlinux-keyring 20160123-1'.
[1]
/var/log/pacman.log | grep 2016
[2016-01-26 08:16] [ALPM] upgraded archlinux-keyring (20151220-1 -> 20160123-1)
pkgver= /var/abs/core/archlinux-keyring/PKGBUILD pkgver=20160123
Version : 20160123-1
Thanks for the info guys, but now this is weird:

After doing:

sudo pacman -Syyuv
and
sudo pacman -Syyuv archlinux-keyring
and
sudo pacman-key --refresh-keys
and
sudo pacman-key --refresh-keys --updatedb
and
sudo pacman -Syyuv
and
rebooting

. . . and then doing it all again, I still get:

sudo pacmatic -Q archlinux-keyring
archlinux-keyring 20151220-1

sudo pacmatic -Ss archlinux-keyring
core/archlinux-keyring 20151220-1 [installed]
Arch Linux PGP keyring


But there sure seems to be a newer version in core:

1 exact match found.
Arch Repo Name Version Description Last Updated Flag Date any Core
archlinux-keyring
<https://www.archlinux.org/packages/core/any/archlinux-keyring/> 20160123-1
Arch Linux PGP keyring 2016-01-25
Yet my system won't even admit that a newer version exists!

Is there a way to update archlinux-keyring without reinstalling the whole
system?
Doug Newgard
2016-01-30 15:13:01 UTC
Permalink
On Sat, 30 Jan 2016 10:08:58 -0500
Post by Francis Gerund
1 exact match found.
Arch Repo Name Version Description Last Updated Flag Date any Core
archlinux-keyring
<https://www.archlinux.org/packages/core/any/archlinux-keyring/> 20160123-1
Arch Linux PGP keyring 2016-01-25
Yet my system won't even admit that a newer version exists!
Is there a way to update archlinux-keyring without reinstalling the whole
system?
Try a different mirror
Ralf Mardorf
2016-01-30 15:32:42 UTC
Permalink
Post by Doug Newgard
Post by Francis Gerund
https://www.archlinux.org/packages/core/any/archlinux-keyring/
Is there a way to update archlinux-keyring without reinstalling the
whole system?
Yes, there is.

The above link provides a box named "Package Actions". One option is
"Download From Mirror". To install a downloaded package run

"# pacman -U /path/to/package/package_name-version.pkg.tar.xz" -
https://wiki.archlinux.org/index.php/pacman#Additional_commands

However, you should follow Doug's hint.
Post by Doug Newgard
Try a different mirror
Edit your mirrorlist, perhaps there's a
file /etc/pacman.d/mirrorlist.pacnew. If so, compare the new list with
the mirrors you're using now. Maybe some mirrors aren't valid anymore.

Regards,
Ralf
Francis Gerund
2016-01-30 15:48:57 UTC
Permalink
Post by Doug Newgard
On Sat, 30 Jan 2016 10:08:58 -0500
Post by Francis Gerund
1 exact match found.
Arch Repo Name Version Description Last Updated Flag Date any Core
archlinux-keyring
<https://www.archlinux.org/packages/core/any/archlinux-keyring/>
20160123-1
Post by Francis Gerund
Arch Linux PGP keyring 2016-01-25
Yet my system won't even admit that a newer version exists!
Is there a way to update archlinux-keyring without reinstalling the whole
system?
Try a different mirror
Thanks Doug.

That was indeed the problem (and solution). Why didn't I think of that?
Francis Gerund
2016-01-30 15:52:53 UTC
Permalink
Post by Francis Gerund
Post by Doug Newgard
On Sat, 30 Jan 2016 10:08:58 -0500
Post by Francis Gerund
1 exact match found.
Arch Repo Name Version Description Last Updated Flag Date any Core
archlinux-keyring
<https://www.archlinux.org/packages/core/any/archlinux-keyring/>
20160123-1
Post by Francis Gerund
Arch Linux PGP keyring 2016-01-25
Yet my system won't even admit that a newer version exists!
Is there a way to update archlinux-keyring without reinstalling the
whole
Post by Francis Gerund
system?
Try a different mirror
Thanks Doug.
That was indeed the problem (and solution). Why didn't I think of that?
Thanks Ralf, for that.

And to all who replied.

The problems seems to be fixed. I just need to remember to keep the
mirrorlist up to date.

Eli Schwartz
2016-01-29 01:14:42 UTC
Permalink
Post by Francis Gerund
I'm sort of new to Arch. I just installed yesterday, so didn't know about
that. I did not see a bug report (maybe I missed it).
And I thought that even if it is flagged as out-of-date, it would still
install.
I thought it was a reasonable question to ask (with some detail provided),
and I was tring to be helpful.
I don't know the etiquette here yet. Sorry.
And Gnucash is really important to me.
I will try checking the email archives.
At Arch, is IRC preferred over mailing lists as a source of information?
IRC is much harder for em to use effectively; it's like trying to dring
from a fire hose.
See:

https://bbs.archlinux.org/viewtopic.php?id=156905
https://bbs.archlinux.org/viewtopic.php?id=207957
https://bbs.archlinux.org/viewtopic.php?id=207989


But mostly, this Wiki entry:
https://wiki.archlinux.org/index.php/Pacman#Signature_from_.22User_.3Cemail.40gmail.com.3E.22_is_unknown_trust.2C_installation_failed


There is nothing wrong with gnucash, and of course you can install
packages that are flagged out of date.
Notice which package has a problem -- not gnucash, but libdbi{,-drivers}

...

Anywhere as a source of information is fine, but obviously the best
source of information in this case is the Troubleshooting section of the
pacman Wiki page -- failing that, it is best to first see if you can
find other people who have had the problem, and see how they solved it. :)
--
Eli Schwartz
Loading...