When I run into a problem I can’t and the Google doesn’t have it, I document it for the next person.

Recently, RVM started using GNU Privacy Guard to sign releases (a good thing!). However, when I tried to upgrade to the a signed release, GPG failed with:

1
gpg: public key of ultimately trusted key 00000000 not found

The gpg --check-trustdb and gpg --update-trustdb commands report the problem, but do not repair it.

Googling this returns all of eight results. One is a note from 2002 that says this error is caused by the trust database not being update when an ultimately trusted key is removed from the key ring. My key ring has been kicking around for some 20 years and I have no idea when this would have happened.

The fix is to remove the key from the trust database thusly. First export the trust database and move it out of the way:

1
2
gpg --export-ownertrust > ownertrust-gpg.txt
mv ~/.gnupg/trustdb.gpg ~/.gnupg/trustdb.gpg-broken

Edit ownertrust-gpg.txt and removed the problem key. It should be the one that ends in 00000. Then import the edited file, which will recreate the database:

1
gpg --import-ownertrust ownertrust-gpg.txt

And you should be good to go.

Comments