原因
pacman 上游更新了密钥环的格式,使得本地的主密钥无法签署其它密钥。
解决方法
请以 root 权限运行:
pacman -Syu haveged
systemctl starthaveged
systemctl enable haveged
rm -fr /etc/pacman.d/gnupg
pacman-key --init
pacman-key --populate archlinux
pacman-key --populate archlinuxcn
pacman-key --populate blackarch
效果
\[root@name aaa\]# pacman -Syu haveged
systemctl starthaveged
systemctl enable haveged
rm -fr /etc/pacman.d/gnupg
pacman-key --init
pacman-key --populate archlinux
pacman-key --populate archlinuxcn
:: Synchronizing package databases...
core is up to date
extra is up to date
community 6.7 MiB 5.65 MiB/s 00:01 \[######################\] 100%
archlinuxcn is up to date
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...
Packages (1) haveged-1.9.18-1
Total Download Size: 0.05 MiB
Total Installed Size: 0.15 MiB
:: Proceed with installation? \[Y/n\] y
:: Retrieving packages...
haveged-1.9.18-1... 47.0 KiB 643 KiB/s 00:00 \[######################\] 100%
(1/1) checking keys in keyring \[######################\] 100%
(1/1) checking package integrity \[######################\] 100%
(1/1) loading package files \[######################\] 100%
(1/1) checking for file conflicts \[######################\] 100%
(1/1) checking available disk space \[######################\] 100%
:: Processing package changes...
(1/1) installing haveged \[######################\] 100%
:: Running post-transaction hooks...
(1/3) Reloading system manager configuration...
(2/3) Arming ConditionNeedsUpdate...
(3/3) Updating linux initcpios...
\==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'default'
\-> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux.img
\==> Starting build: 5.18.12-arch1-1
\-> Running build hook: \[base\]
\-> Running build hook: \[udev\]
\-> Running build hook: \[autodetect\]
\-> Running build hook: \[modconf\]
\-> Running build hook: \[block\]
\-> Running build hook: \[filesystems\]
\-> Running build hook: \[keyboard\]
\-> Running build hook: \[fsck\]
\==> Generating module dependencies
\==> Creating zstd-compressed initcpio image: /boot/initramfs-linux.img
\==> Image generation successful
\==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'fallback'
\-> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux-fallback.img -S autodetect
\==> Starting build: 5.18.12-arch1-1
\-> Running build hook: \[base\]
\-> Running build hook: \[udev\]
\-> Running build hook: \[modconf\]
\-> Running build hook: \[block\]
\==> WARNING: Possibly missing firmware for module: wd719x
\==> WARNING: Possibly missing firmware for module: qla2xxx
\==> WARNING: Possibly missing firmware for module: aic94xx
\==> WARNING: Possibly missing firmware for module: qla1280
\==> WARNING: Possibly missing firmware for module: qed
\==> WARNING: Possibly missing firmware for module: bfa
\==> WARNING: Possibly missing firmware for module: xhci\_pci
\-> Running build hook: \[filesystems\]
\-> Running build hook: \[keyboard\]
\-> Running build hook: \[fsck\]
\==> Generating module dependencies
\==> Creating zstd-compressed initcpio image: /boot/initramfs-linux-fallback.img
\==> Image generation successful
Unknown command verb starthaveged.
Created symlink /etc/systemd/system/sysinit.target.wants/haveged.service → /usr/lib/systemd/system/haveged.service.
gpg: /etc/pacman.d/gnupg/trustdb.gpg: trustdb created
gpg: no ultimately trusted keys found
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
\==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/74FD535E23E6F840C5832162F42F047410F5E81D.rev'
gpg: Done
\==> Updating trust database...
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
\==> Appending keys from archlinux.gpg...
\==> Locally signing trusted keys in keyring...
\-> Locally signed 6 keys.
\==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: inserting ownertrust of 4
gpg: setting ownertrust to 4
\==> Disabling revoked keys in keyring...
\-> Disabled 51 keys.
\==> Updating trust database...
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 6 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 6 signed: 93 trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2 valid: 70 signed: 30 trust: 70-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2022-08-09