[Bug 1979139] Re: apt-get update fails inside docker container
Julian Andres Klode
1979139 at bugs.launchpad.net
Wed Jun 22 20:59:03 UTC 2022
Closing as invalid then. I think docker/runc got improved so this
hopefully doesn't happen again with future new syscalls, but also not
sure.
** Changed in: apt (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1979139
Title:
apt-get update fails inside docker container
Status in apt package in Ubuntu:
Invalid
Bug description:
A docker image built with "debootstrap jammy" fails when running "apt-
get update".
1) lsb_release -rd
Description: Ubuntu 20.04 LTS
Release: 20.04
2)
# apt-cache policy docker.io
docker.io:
Installed: 19.03.8-0ubuntu1.20.04.1
Candidate: 20.10.7-0ubuntu5~20.04.2
Version table:
20.10.7-0ubuntu5~20.04.2 500
500 http://mirror.localnet:8055/ubuntu-security focal-security/universe amd64 Packages
*** 19.03.8-0ubuntu1.20.04.1 100
100 /var/lib/dpkg/status
19.03.8-0ubuntu1 500
500 http://mirror.localnet:8055/ubuntu focal/universe amd64 Packages
# docker run --rm -ti ubuntu:jammy apt-cache policy apt
apt:
Installed: 2.4.5
Candidate: 2.4.5
Version table:
*** 2.4.5 500
500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
100 /var/lib/dpkg/status
3) I would expect, that "apt-get update" updates the package lists, as
in
# docker run --rm -ti ubuntu:focal apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Get:2 http://archive.ubuntu.com/ubuntu focal/main Translation-en [506 kB]
Fetched 506 kB in 1s (464 kB/s)
Reading package lists... Done
4) Instead, it fails with
# docker run --rm -ti ubuntu:jammy apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Err:1 http://archive.ubuntu.com/ubuntu jammy InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Reading package lists... Done
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
W: Some index files failed to download. They have been ignored, or old ones used instead.
5) To reproduce:
# mkdir jammy-jellyfish
# debootstrap jammy jammy-jellyfish
...
# tar -C jammy-jellyfish -c . | docker import - ubuntu:jammy
# docker run --rm -ti ubuntu:jammy apt-get update
Doing the same with focal, works as expected:
# mkdir focal-fossa
# debootstrap focal focal-fossa
...
# tar -C focal-fossa -c . | docker import - ubuntu:focal
# docker run --rm -ti ubuntu:focal apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Get:2 http://archive.ubuntu.com/ubuntu focal/main Translation-en [506 kB]
Fetched 506 kB in 1s (963 kB/s)
Reading package lists... Done
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1979139/+subscriptions
More information about the foundations-bugs
mailing list