我正在Docker中尝试使用Ubuntu 20或Ubuntu 22。我的Dockerfile是:
from ubuntu:22.04
run DEBIAN_FRONTEND=noninteractive apt update
我用docker build .构建了这个。结果是:
Sending build context to Docker daemon 2.048kB
Step 1/2 : from ubuntu:22.04
---> 2dc39ba059dc
Step 2/2 : run DEBIAN_FRONTEND=noninteractive apt update
---> Running in b15002ae9dd5
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:2 http://security.ubuntu.com/ubuntu jammy-security
InRelease [110 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [114 kB]
Get:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB] Err:1 http://archive.ubuntu.com/ubuntu jammy InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
我收到这个消息重复了好几次,直到我得到:
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
我曾尝试将chmod a+rwx /etc/apt -R作为Dockerfile中的第一个run命令,但没有任何区别。
我还明确运行了docker pull ubuntu:22.04,它说它已经是最新的了。我对ubuntu:20.04图像也有同样的问题。
我已经咨询了所有其他提到这个问题的网络来源,但他们都要求我能够运行apt install apt-key或其他东西,但我无法更新apt,所以什么都不起作用,除了搜索引擎点击的前3页只是显示如何在Ubuntu上安装Docker,而不是相反。
我也试过--security-opt seccomp:unconfined,正如在另一个答案中提到的。以Error response from daemon: The daemon on this platform does not support setting security options on build回应。
所以我的映像没有curl、wget或gnupg,如果没有这些功能,我就无法安装它。当我用apt-key做任何事情时,我得到:E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation
我已经设法从deb文件手动安装了gnupg,并手动接收了密钥,这给出了类似的错误消息:
# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 871920D1991BC93C
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.rQuYmKpjpo/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 871920D1991BC93C
gpg: requesting key 991BC93C from hkp server keyserver.ubuntu.com
gpg: key 991BC93C: public key "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
W: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '' executing apt-key.
我也试着把/etc/apt/source.list降到最低。同样的问题。
如何从主机添加所需密钥?
作为第二个问题,如何打破这样一种主流工具和分发?每个人都转向其他事情了吗?是什么?我没有很好的互联网接入,所以跟上计算机世界正在发生的事情是一个挑战。
只需升级主机上的docker即可。https://docs.docker.com/engine/install/ubuntu/
这是一个罕见的不兼容的新系统调用来保护密钥,而旧的Docker不支持。没有办法将Ubuntu补丁到旧的Docker上,我花了半天时间尝试。