jonknud commented 2 years ago

Details

Image version:

phusion/baseimage:jammy-1.0.0

What steps did you take and what happened:

I tryed to run apt install in the docker image.

It did not install the wanted packege

It though an error

In focal-1.2.0 this worked

What did you expect to happen:

It installs the packege

Anything else you would like to add:

I am not sure if it is an bug. But I could not find any solution via google search. Could it be related to the centos 7 host?

Additional Information:

me@pc-centos7:~/# docker run -ti phusion/baseimage:jammy-1.0.0 bash

root@bd69c484bb0e:/# apt update
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Err:1 http://security.ubuntu.com/ubuntu jammy-security InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [109 kB]
Err:2 http://archive.ubuntu.com/ubuntu jammy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Get:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB]
Err:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Reading package lists... Done
W: http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://security.ubuntu.com/ubuntu jammy-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-backports InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Problem executing scripts APT::Update::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'
E: Sub-process returned an error code

root@bd69c484bb0e:/# apt-get install nano
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package nano is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package 'nano' has no installation candidate

root@bd69c484bb0e:/# apt-get update
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Err:1 http://security.ubuntu.com/ubuntu jammy-security InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [109 kB]
Get:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB]
Err:2 http://archive.ubuntu.com/ubuntu jammy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Reading package lists... Done
W: http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://security.ubuntu.com/ubuntu jammy-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-backports InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Problem executing scripts APT::Update::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'
E: Sub-process returned an error code

root@bd69c484bb0e:/# apt-get install nano
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package nano is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package 'nano' has no installation candidate
root@bd69c484bb0e:/#

samip5 commented 2 years ago

That sounds like a bug, so I'm marking it as such. It would appear that the container is missing signatures, for some reason.

Have to look into why.

samip5 commented 2 years ago

It does work for me:

$ docker run -it --name test phusion/baseimage:jammy-1.0.0 bash
root@be9c8593e822:/# apt update
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]                     
Get:3 http://security.ubuntu.com/ubuntu jammy-security/universe Sources [1,655 B]   
Get:4 http://security.ubuntu.com/ubuntu jammy-security/restricted Sources [16.5 kB]
Get:5 http://security.ubuntu.com/ubuntu jammy-security/main Sources [47.0 kB]
Get:6 http://security.ubuntu.com/ubuntu jammy-security/multiverse Sources [5,126 B]   
Get:7 http://security.ubuntu.com/ubuntu jammy-security/multiverse amd64 Packages [4,653 B]
Get:8 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages [136 kB]   
Get:9 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [143 kB]
Get:10 http://security.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [66.0 kB]
Get:11 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [109 kB]                  
Get:12 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB]
Get:13 http://archive.ubuntu.com/ubuntu jammy/main Sources [1,668 kB]
Get:14 http://archive.ubuntu.com/ubuntu jammy/multiverse Sources [361 kB]
Get:15 http://archive.ubuntu.com/ubuntu jammy/restricted Sources [28.2 kB]
Get:16 http://archive.ubuntu.com/ubuntu jammy/universe Sources [22.0 MB]
Get:17 http://archive.ubuntu.com/ubuntu jammy/restricted amd64 Packages [164 kB]
Get:18 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages [1,792 kB]
Get:19 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [17.5 MB]
Get:20 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 Packages [266 kB]
Get:21 http://archive.ubuntu.com/ubuntu jammy-updates/restricted Sources [17.3 kB]
Get:22 http://archive.ubuntu.com/ubuntu jammy-updates/universe Sources [15.4 kB]
Get:23 http://archive.ubuntu.com/ubuntu jammy-updates/main Sources [73.6 kB]
Get:24 http://archive.ubuntu.com/ubuntu jammy-updates/multiverse Sources [5,126 B]
Get:25 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [108 kB]
Get:26 http://archive.ubuntu.com/ubuntu jammy-updates/multiverse amd64 Packages [4,653 B]
Get:27 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [230 kB]
Get:28 http://archive.ubuntu.com/ubuntu jammy-updates/restricted amd64 Packages [143 kB]
Get:29 http://archive.ubuntu.com/ubuntu jammy-backports/universe Sources [1,139 B]
Get:30 http://archive.ubuntu.com/ubuntu jammy-backports/universe amd64 Packages [1,202 B]
Fetched 45.3 MB in 4s (11.2 MB/s)                             
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.

jonknud commented 2 years ago

Thank you very much :-)

When will the update be in docker hub?

(If you are busy, no problem. I can use the release files)

samip5 commented 2 years ago

Thank you very much :-)

When will the update be in docker hub?

(If you are busy, no problem. I can use the release files)

I couldn't reproduce your issue, as it works fine without any changes and I used the same tag that's currently in docker hub aka phusion/baseimage:jammy-1.0.0.

jonknud commented 2 years ago

I tryed a little more. And your image works with docker-ce from docker.com on centos 7 but it does not work on the docker version from redhat / centos in centos 7.

The version from centos is old: Docker version 1.13.1.

I probably have to upgrade the docker version on the servers or wait for almalinux 8/9 ...

Thank you a lot for your help.

stas-sl commented 1 year ago

Hmm, I have the same issue... My host is Ubuntu 18.04, Docker 19.03, if it makes any difference.

Ahh, ok, this indeed seems to be related to old docker version: https://stackoverflow.com/questions/72624687/apt-get-update-fails-on-ubuntu-22-base-docker-image

samip5 commented 1 year ago

Hmm, I have the same issue... My host is Ubuntu 18.04, Docker 19.03, if it makes any difference.

Probably should update both Ubuntu and Docker.

I'm also locking this as it has been solved already, as one should be running up-to-date things.

phusion / baseimage-docker

apt does not work #612

Details