我们新增Dark Mode(暗模式),(只是在晚上)可以改变MAC OS&Windows系统的暗模式实现切换;安卓和苹果手机是一样的。
Linux

docker 运行 ubuntu 22.04 出现 NO_PUBKEY 871920D1991BC93C

gyue2345·2022-08-11·205 次阅读··

   2022-08-11 22:21 LJY2345    抢沙发   隐藏边栏   黑色模式    205 
   评分 0 次,平均分 0.0    抢沙发   隐藏边栏   黑色模式
[收起] 文章目录

I added the key to the Ubuntu keyserver (for some reason, they didn't have the key for the Kitware apt repository, which was updated in 2022)

Running this should solve your problem now:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6AF7F09730B3F0A4
docker 运行 ubuntu 22.04 出现 NO_PUBKEY 871920D1991BC93C

以上这是非容器解决方法
https://askubuntu.com/questions/1389758/apt-get-update-fails-due-to-no-pubkey-6af7f09730b3f0a4

问题

在ubuntu22.04的容器里面运行apt update的时候出现了以下报错

 

[[email protected] docker-kubuntu]# docker run --rm -it ubuntu:22.04 bash
[email protected]:/# apt updateGet:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]                    
Err:1 http://security.ubuntu.com/ubuntu jammy-security InRelease                   
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:2 http://archive.ubuntu.com/ubuntu jammy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [109 kB]
Err:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Get:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [90.7 kB]
Err:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Reading package lists... Done
W: http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: GPG error: http://security.ubuntu.com/ubuntu jammy-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' is not signed.
N: Updating from such a repository can't be donesecurely, and is therefore disabled by default.
N: See apt-secure(8) manpage forrepository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy InRelease' is not signed.
N: Updating from such a repository can't be donesecurely, and is therefore disabled by default.
N: See apt-secure(8) manpage forrepository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-updates/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-updates/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-updates InRelease' is not signed.
N: Updating from such a repository can't be donesecurely, and is therefore disabled by default.
N: See apt-secure(8) manpage forrepository creation and user configuration details.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease: The key(s) inthe keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt'executing apt-key.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-backports InRelease' is not signed.
N: Updating from such a repository can't be donesecurely, and is therefore disabled by default.
N: See apt-secure(8) manpage forrepository creation and user configuration details.
E: Problem executing scripts APT::Update::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'E: Sub-process returned an error code

 

原因

经过查询,发现是ubuntu21.10和fedora35开始使用glibc2.34甚至更高的版本。在glibc2.34版本里面,开始使用一个名为clone3的系统调用。通常情况下,容器里面所有的系统调用都会被docker捕获,然后docker决定如何处理它们。如果docker中没有为特定系统调用指定策略,则默认的策略会通知容器这边"Permission Denied"。但是,如果 Glibc 收到此错误,它不会回退。它仅在收到响应“此系统调用不可用”时才执行此操作。

解决

办法一

运行容器的时候,加上这个参数来绕过docker系统调用限制

--security-opt seccomp=unconfined

不过这会有很大的问题,一个是你的容器将变得不安全,另一个是这些参数在构建镜像的时候是不可用的。所以,请参考办法二

办法二

将docker升级到20.10.8以上的版本(> 20.10.8)

由于生产环境调整docker版本不是一件容易的事情,所以生产环境在构建镜像时候要避免使用ubuntu21.10和fedora35以更高版本的镜像,以及使用它们作为基础镜像的其他镜像。目前官方大部分镜像基于debian,后续要确认debian系列镜像是否受此影响

参考: https://stackoverflow.com/questions/71941032/why-i-cannot-run-apt-update-inside-a-fresh-ubuntu22-04

参考: https://pascalroeleven.nl/2021/09/09/ubuntu-21-10-and-fedora-35-in-docker/

参考: https://github.com/moby/moby/pull/42681

赞赏

历史上的文章

除特别注明外,本站所有文章均为LJY IT BLOG原创,转载请注明出处来自https://www.ljy2345.com/2022/08/docker-run-ubuntu-22-04-appear-no_pubkey-871920d1991bc93c/

博 主作者: 关注:6    粉丝:1最后编辑于:2022年9月1日
LJY IT BLOG的站长。

扫一扫打赏

支付宝扫一扫打赏

微信扫一扫打赏

view comments - NOTHING
🌙
😃

切换注册
忘记密码 ?

×

您也可以使用第三方帐号快捷登录

切换登录

×
扫一扫二维码分享
下载海报
  切换主题 | SCHEME TOOL