[root@CT102 ~]# pacman -S sudo
resolving dependencies...
looking for conflicting packages...

Packages (1) sudo-1.9.16.p2-2

Total Installed Size:  7.76 MiB

:: Proceed with installation? [Y/n] Y
(1/1) checking keys in keyring                                                                               [################################################################] 100%
warning: Public keyring not found; have you run 'pacman-key --init'?
downloading required keys...
error: keyring is not writable
error: required key missing from keyring
error: failed to commit transaction (could not find or read file)
Errors occurred, no packages were upgraded.

上面提示我们运行 pacman-key --init，运行个看看

[root@CT102 ~]# pacman-key --init
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/etc/pacman.d/gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: directory '/etc/pacman.d/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/53F21CFED766961EE6CC5B23078548EEE0862396.rev'
gpg: Done
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
[root@CT102 ~]# pacman -S sudo
resolving dependencies...
looking for conflicting packages...

Packages (1) sudo-1.9.16.p2-2

Total Installed Size:  7.76 MiB

:: Proceed with installation? [Y/n] Y
(1/1) checking keys in keyring                                                                               [################################################################] 100%
downloading required keys...
:: Import PGP key C06086337C50773E, "Jelle van der Waa <jelle@archlinux.org>"? [Y/n] Y
(1/1) checking package integrity                                                                             [################################################################] 100%
error: sudo: signature from "Jelle van der Waa <jelle@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/sudo-1.9.16.p2-2-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

这个时候我们 pacman-key --populate 即可。

[root@CT102 ~]# pacman-key --populate
==> Appending keys from archlinux.gpg...
==> Locally signing trusted keys in keyring...
  -> Locally signed 5 keys.
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: inserting ownertrust of 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
  -> Disabled 45 keys.
==> Updating trust database...
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   5  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   5  signed:  96  trust: 0-, 0q, 0n, 5m, 0f, 0u
gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
gpg: (use option "--allow-weak-key-signatures" to override)
gpg: depth: 2  valid:  73  signed:  20  trust: 73-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2025-06-16
[root@CT102 ~]# pacman -S sudo
resolving dependencies...
looking for conflicting packages...

Packages (1) sudo-1.9.16.p2-2

Total Download Size:   1.88 MiB
Total Installed Size:  7.76 MiB

:: Proceed with installation? [Y/n] Y
:: Retrieving packages...
 sudo-1.9.16.p2-2-x86_64                                                        1923.0 KiB  2.05 MiB/s 00:01 [################################################################] 100%
(1/1) checking keys in keyring                                                                               [################################################################] 100%
(1/1) checking package integrity                                                                             [################################################################] 100%
(1/1) loading package files                                                                                  [################################################################] 100%
(1/1) checking for file conflicts                                                                            [################################################################] 100%
(1/1) checking available disk space                                                                          [################################################################] 100%
:: Processing package changes...
(1/1) installing sudo                                                                                        [################################################################] 100%
:: Running post-transaction hooks...
(1/3) Reloading system manager configuration...
(2/3) Creating temporary files...
(3/3) Arming ConditionNeedsUpdate...

最后不要忘了 pacman -Sy --needed archlinux-keyring 更新密钥环。

相关文档：https://wiki.archlinux.org/title/Pacman/Package_signing