SYSTEM UPDATES - 346 Packages Wont Install - HELP?

Hi All… I have been using Asahi on my MBP M1 for 9 months and it’s been very stable :] However for the last 3 to 4 days, whenever I check for System Updates, they download but do NOT give me the usual Reboot to Install at the end. After the download, it displays the following failure message:

Invalid package file:

package proton-vpn-gtk-app-4.7.3-1.fc40.noarch cannot be verified and repo protonvpn-fedora-stable is GPG enabled: /var/cache/PackageKit/40/metadata/protonvpn-fedora-stable-40-aarch64/packages/proton-vpn-gtk-app-4.7.3-1.fc40.noarch.rpm could not be verified. /var/cache/PackageKit/40/metadata/protonvpn-fedora-stable-40-aarch64/packages/proton-vpn-gtk-app-4.7.3-1.fc40.noarch.rpm: digest: SIGNATURE: NOT OK

I’m not highly skilled with Linux, so have no idea how to fix this Proton VPN issue… any help would be very appreciated :]

Also YES I use Proton VPN app… I had you guys help me install that the first day, and it’s been fine ever since.

Thanks
VAULT

Sorry all, I have checked around on the forum and see the issue is Proton VPN and an expired certificate. I just don’t know how to fix it… and it would appear I wont be able to install ANY updates again, until I resolve this… Anyone know how I can resolve… ?

Thanks, VAULT

I also see some else 6 months back had a similar issue and their solution was to “Removing Protonvpn solved the issue”.

Will removing Proton VPN (and later reinstalling it) solve my issue… ? And if, so how do I do that… ?

Thanks
VAULT

What would be overkill, just exclude the broken (or key interfered with) proton vpn package(s) with:

sudo dnf upgrade --exclude=proton-vpn\*

that means upgrade all packages available for upgrade except any who’s name started with “proton-vpn”.

Or you could just ignore that repo:

sudo dnf upgrade --disablerepo=protonvpn-fedora-stable

The 2nd one is probably the most straightforward since that ignores the entire proton repo and doesn’t leverage my ad hoc assumption that all those proton packages that have the expired key start with “proton-vpn” in their names.

NOTE that the --disablerepo argument works in a “one-shot” manner, it doesn’t modify the dnf configuration permanently. If you were to run another dnf command it would use the proton repo again

1 Like

Thank you Mark! What a legend!

This is what I love about Linux… if you know what you are doing that is :]

So I went with option two and update complete.

Thanks so much

VAULT