The repo contains packages signed by "Arch Linux ARM Build System <builder@archlinuxarm.org>", for example package nspr.
This fails to install because of:
[code]
error: nspr: signature from "Arch Linux ARM Build System <builder@archlinuxarm.org>" is marginal trust
[/code]
That's because:
[code]
pacman-key --finger builder @ archlinuxarm.org
gpg: Warning: using insecure memory!
pub rsa4096 2014-01-18 [SC]
68B3 537F 39A3 13B3 E574 D067 7719 3F15 2BDB E6A6
uid [marginal] Arch Linux ARM Build System <builder@archlinuxarm.org>
sub rsa4096 2014-01-18 [E]
[/code]
And that's because package archlinuxarm-keyring lists four keys in /usr/share/pacman/keyrings/archlinuxarm.gpg, but only three of those are trusted per /usr/share/pacman/keyrings/archlinuxarm-trusted -- you guessed it which is the one not listed there.
The archlinuxarm-keyring package appears to have been unchanged for a long time, but this kind of thing used to work. Is it possible that the build system now uses builder @ archlinuxarm.org to sign packages but that wasn't always so?
A workaround is to
[code]
pacman-key --lsign-key builder @ archlinuxarm.org
[/code]
if the default setup doesn't do it.
Anybody else have this problem?
P.S. Added extra blanks in the e-mail addresses to the broken forum software doesn't make it worse...