Public bug reported:
When building container images which require TLS certificates,
particularly under podman it is desirable to mount the hosts
/etc/ssl/certs directory into the container either during runtime or
during build.
This mount should normally be done read-only to prevent conflicting with
the host.
However, if the container then has an apt package install requested
which depends on ca-certificates, the installation will fail because the
post-install script fails due to update-ca-certificates being unable to
write to /etc/ssl/certs/ca-certificates.crt on the read-only mount. This
then blocks dependent package installs.
It should be possible to request skipping this process so ca-
certificates can be satisfied without needing to execute the ca-
certificates update immediately after installation.
** Affects: ca-certificates (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2076308
Title:
Allow requesting not running update-ca-certificates during install
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/2076308/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
