Please actually follow the error message and check that the keyring
permissions are correct.

** Changed in: apt (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1979139

Title:
  apt-get update fails inside docker container

Status in apt package in Ubuntu:
  Incomplete

Bug description:
  A docker image built with "debootstrap jammy" fails when running "apt-
  get update".

  1) lsb_release -rd
  Description:    Ubuntu 20.04 LTS
  Release:        20.04

  2)
  # apt-cache policy docker.io
  docker.io:
    Installed: 19.03.8-0ubuntu1.20.04.1
    Candidate: 20.10.7-0ubuntu5~20.04.2
    Version table:
       20.10.7-0ubuntu5~20.04.2 500
          500 http://mirror.localnet:8055/ubuntu-security 
focal-security/universe amd64 Packages
   *** 19.03.8-0ubuntu1.20.04.1 100
          100 /var/lib/dpkg/status
       19.03.8-0ubuntu1 500
          500 http://mirror.localnet:8055/ubuntu focal/universe amd64 Packages

  # docker run --rm -ti ubuntu:jammy apt-cache policy apt
  apt:
    Installed: 2.4.5
    Candidate: 2.4.5
    Version table:
   *** 2.4.5 500
          500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
          100 /var/lib/dpkg/status

  3) I would expect, that "apt-get update" updates the package lists, as
  in

  # docker run --rm -ti ubuntu:focal apt-get update
  Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
  Get:2 http://archive.ubuntu.com/ubuntu focal/main Translation-en [506 kB]
  Fetched 506 kB in 1s (464 kB/s)         
  Reading package lists... Done

  4) Instead, it fails with

  # docker run --rm -ti ubuntu:jammy apt-get update
  Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
  Err:1 http://archive.ubuntu.com/ubuntu jammy InRelease
    The following signatures couldn't be verified because the public key is not 
available: NO_PUBKEY 871920D1991BC93C
  Reading package lists... Done
  W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the 
keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as 
the file is not readable by user '_apt' executing apt-key.
  W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the 
keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as 
the file is not readable by user '_apt' executing apt-key.
  W: An error occurred during the signature verification. The repository is not 
updated and the previous index files will be used. GPG error: 
http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures 
couldn't be verified because the public key is not available: NO_PUBKEY 
871920D1991BC93C
  W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease  
The following signatures couldn't be verified because the public key is not 
available: NO_PUBKEY 871920D1991BC93C
  W: Some index files failed to download. They have been ignored, or old ones 
used instead.

  5) To reproduce:

  # mkdir jammy-jellyfish
  # debootstrap jammy jammy-jellyfish
  ...
  # tar -C jammy-jellyfish -c . | docker import - ubuntu:jammy
  # docker run --rm -ti ubuntu:jammy apt-get update

  Doing the same with focal, works as expected:

  # mkdir focal-fossa
  # debootstrap focal focal-fossa
  ...
  # tar -C focal-fossa -c . | docker import - ubuntu:focal
  # docker run --rm -ti ubuntu:focal apt-get update
  Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
  Get:2 http://archive.ubuntu.com/ubuntu focal/main Translation-en [506 kB]
  Fetched 506 kB in 1s (963 kB/s)        
  Reading package lists... Done

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1979139/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to