The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C


I am trying to use Ubuntu 20 or Ubuntu 22 in Docker. My Dockerfile is:

from ubuntu:22.04
run DEBIAN_FRONTEND=noninteractive apt update

I build this with docker build .. The result is:

Sending build context to Docker daemon  2.048kB
Step 1/2 : from ubuntu:22.04
---> 2dc39ba059dc
Step 2/2 : run DEBIAN_FRONTEND=noninteractive apt update
---> Running in b15002ae9dd5

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:2 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [114 kB]
Get:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB]
Err:1 http://archive.ubuntu.com/ubuntu jammy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C

I get this message repeated several times, until I get:

W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.

I have tried to chmod a+rwx /etc/apt -R as the first run command in the Dockerfile but it made no difference.

I have also explicitly run docker pull ubuntu:22.04 and it said it was already up-to-date. I have the exact same problem with the ubuntu:20.04 image.

I have consulted all other web sources referring to this problem, but they all require me to be able to run apt install apt-key or something else, but I can't update apt to start with so nothing works, besides the first 3 pages of search engine hits just showing how to install Docker on Ubuntu and not the other way around.

I have also tried --security-opt seccomp:unconfined as mentioned in another answer. That responded with Error response from daemon: The daemon on this platform does not support setting security options on build.

So my image doesn't have curl, wget or gnupg and I can't install it without getting this working. When I do anything with apt-key I get: E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation

I have managed to install gnupg manually from the deb file, and manually receiving the key, which gives a similar error message:

# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 871920D1991BC93C
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.rQuYmKpjpo/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 871920D1991BC93C
gpg: requesting key 991BC93C from hkp server keyserver.ubuntu.com
gpg: key 991BC93C: public key "Ubuntu Archive Automatic Signing Key (2018) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA:  1)
W: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '' executing apt-key.

I have also tried trimming down /etc/apt/sources.list to the minimum. Same problem.

How can I add the required key from the host?

As a secondary question, how can such a mainstream tool, and distribution, be broken? Has everybody moved on to something else, and what is it? I do not have good internet access so keeping up to date with what is happening in the computer world is a challenge.


There is 1 best solution below


Just upgrade Docker on the host. https://docs.docker.com/engine/install/ubuntu/

This is a rare incompatibility of a new syscall to protect keys, that older Docker doesn't support. There is no way to patch Ubuntu to work on old Docker; I spent half a day trying.
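The symptom pair in this thread (NO_PUBKEY together with the "not readable by user" keyring warning) can be told apart from a key that is simply absent by triaging the captured apt output. The script below is an added example, not part of the question or the answer; the function names and verdict labels are hypothetical, and the sample log is constructed from lines quoted in the question.

```shell
#!/bin/sh
# Added example, not from the thread: triage a captured `apt update` log.

# Constructed sample, reusing lines from the output quoted in the question.
SAMPLE_LOG=$(mktemp)
cat > "$SAMPLE_LOG" <<'EOF'
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Err:1 http://archive.ubuntu.com/ubuntu jammy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
EOF

# Key IDs apt reported after NO_PUBKEY, one per line, de-duplicated.
missing_key_ids() {
    grep -o 'NO_PUBKEY [0-9A-Fa-f]*' "$1" | awk '{print $2}' | sort -u
}

# Keyring files apt said it ignored as unreadable.
ignored_keyrings() {
    grep 'ignored as the file is not readable' "$1" |
        grep -o '/etc/apt/trusted\.gpg\.d/[^ ]*\.gpg' | sort -u
}

# ok                 : no NO_PUBKEY error in the log
# key-missing        : NO_PUBKEY only; the key is absent from apt's keyrings
# keyring-unreadable : NO_PUBKEY plus the "not readable" warning, the pattern
#                      in this thread, which the answer traces to the host's Docker
classify_apt_log() {
    if ! grep -q 'NO_PUBKEY' "$1"; then
        echo ok
    elif grep -q 'ignored as the file is not readable' "$1"; then
        echo keyring-unreadable
    else
        echo key-missing
    fi
}

verdict=$(classify_apt_log "$SAMPLE_LOG")
echo "verdict: $verdict"
echo "key ids: $(missing_key_ids "$SAMPLE_LOG" | tr '\n' ' ')"
echo "keyrings: $(ignored_keyrings "$SAMPLE_LOG" | tr '\n' ' ')"
if [ "$verdict" = keyring-unreadable ]; then
    echo "Keyrings are present but unreadable inside the container;"
    echo "compare the host's 'docker version' with the current release."
fi
```

To use it on a real build, save the build output to a file (for example with `docker build . 2>&1 | tee build.log`) and pass that file to `classify_apt_log`.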