apt update fails on unprivileged docker arm container due to invalid gpg signature
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libseccomp (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
Running `apt update` in a ubuntu:20.04 docker container on raspberry pi fails with GPG errors.
Expected behaviour:
Successfully update the system through `apt update`
What happens instead:
`Err:1 http://
At least one invalid signature was encountered.`
Complete log:
https:/
How to reproduce:
On a Raspberry Pi 3b or 4b (and maybe others ?), run the following command:
`docker run ubuntu:latest apt update`
or more specifically:
`docker run arm32v7/
More information:
I can reproduce the bug on the following host systems:
* Raspberry Pi 3b running HypriotOS
* Raspberry Pi 4b running Raspbian GNU/Linux 10 (buster)
The problem does not happens on the following host system:
* Raspberry Pi 3b running Arch Linux Arm
description: | updated |
summary: |
- apt update fails on docker arm container 20.04 + apt update fails on unprivileged docker arm container due to + inaccessible clock |
summary: |
- apt update fails on unprivileged docker arm container due to - inaccessible clock + apt update fails on unprivileged docker arm container due to invalid gpg + signature |
The root cause of the problem [is in libseccomp
When][1]. The newer version fixes the problem, but it is not yet available in Debian's stable repos. There are two way to fix this problem:
**Method 1**
Start the container with `--privileged`. This bypasses docker's security measures, so it is not recommended.
**Method 2**
Upgrade libseccomp manually. Dowload version from unstable repos (I tested with 2.4.3-1) [here][2].
Uninstall the current version:
`sudo dpkg --force-all -P libseccomp2`
Install the new version:
`sudo dpkg -i libseccomp2_ 2.4.3-1+ b1_armhf. deb`
[1]: https:/ /github. com/moby/ moby/issues/ 40734 /packages. debian. org/sid/ libseccomp2
[2]: https:/