Invalid or corrupted package (PGP signature) during pacman sync / install

I’ve been using Linux off and on for the last 20 years. I’m currently moving
back to Arch Linux after a short stint on OS X (now MacOS). I am quite the Arch
noob but I’ve been completely taken by it’s simplicity and wasn’t turned off by
high barrier of entry to install.

That said, as a novice, I’m still in that “WTF is broken now??!?” phase where
I’m fighting with my system quite a bit. Today I was trying to get my MacBook
Pro completely battle ready as I can attack October full on Linux. That’s when I
started to encounter issues syncing (reads: installing) certain packages with

The error was quite simple, there was a problem with either the signature or the
package itself. pacman would ask if I wanted to delete the package and that
would be the end of it.

I got to searching the web and found a mixed lot of solutions but nothing that
seemed to work. Thinking back to a similar issue I’ve had on other distros, I
decided to look into how to blow away the keys that pacman was using so I
could have a fresh start.

sudo rm -R /etc/pacman.d/gnupg
sudo pacman-key --init
sudo pacman -Syy
sudo pacman-key --populate archlinux
sudo pacman -Syu
sudo pacman -S package

Was a tad bit nuclear but it got things working again!

I do think the steps could have been simplified a bit. I’m sure as I learn more
about Arch and it’s quirks I’ll be revisiting this and simplifying things a bit.

Josh Sherman - The Man, The Myth, The Avatar

About Josh

Husband. Father. Pug dad. Musician. Founder of Holiday API, Head of Engineering and Emoji Specialist at Mailshake, and author of the best damn Lorem Ipsum Library for PHP.

If you found this article helpful, please consider buying me a coffee.