sudo pacman -Syu fails with "error: failed to commit transaction (invalid or corrupted package)"
I am trying to update an Arch Linux installation:
sudo pacman -Syu
It goes on for a while and then starts to write error messages such as:
(691/691) checking keys in keyring [##############################################################################################] 100%
(691/691) checking package integrity [##############################################################################################] 100%
error: libtiff: signature from "Levente Polyak (anthraxx) <levente@leventepolyak.net>" is unknown trust
:: File /var/cache/pacman/pkg/libtiff-4.1.0-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: krb5: signature from "Levente Polyak (anthraxx) <levente@leventepolyak.net>" is unknown trust
:: File /var/cache/pacman/pkg/krb5-1.17.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
I tried both, to answer these questions with Y and n.
Yet, in both cases, the installation bails out with the final error message:
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
I have no idea how I can fix this and proceed with the installation.
The key error message in your output is
:: File /var/cache/pacman/pkg/libtiff-4.1.0-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
That means that the package integrity cannot be checked by its PGP signature. Often the reason is that you may have done the previous update a while ago. In the meantime some keys by Arch developers may have changed, and some new updates are signed with the new (PGP) keys.
Please try by updating the keyring first:
pacman -Sy archlinux-keyring
then try again
pacman -Syu
And let us know. Prefix the commands with sudo if you are using a user (non-root) shell.