You also do not have the latest docker installed. Be aware that if the host system is older than the guest, various things can fail due to seccomp issues, the latest docker should always be used.
So please check with all updates installed in the host, the official ubuntu:jammy image, and using a chroot. I'm reasonably sure that you are just missing updates to docker and runc or whatever that allowlist the syscalls used by jammy glibc. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1979139 Title: apt-get update fails inside docker container Status in apt package in Ubuntu: Incomplete Bug description: A docker image built with "debootstrap jammy" fails when running "apt- get update". 1) lsb_release -rd Description: Ubuntu 20.04 LTS Release: 20.04 2) # apt-cache policy docker.io docker.io: Installed: 19.03.8-0ubuntu1.20.04.1 Candidate: 20.10.7-0ubuntu5~20.04.2 Version table: 20.10.7-0ubuntu5~20.04.2 500 500 http://mirror.localnet:8055/ubuntu-security focal-security/universe amd64 Packages *** 19.03.8-0ubuntu1.20.04.1 100 100 /var/lib/dpkg/status 19.03.8-0ubuntu1 500 500 http://mirror.localnet:8055/ubuntu focal/universe amd64 Packages # docker run --rm -ti ubuntu:jammy apt-cache policy apt apt: Installed: 2.4.5 Candidate: 2.4.5 Version table: *** 2.4.5 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status 3) I would expect, that "apt-get update" updates the package lists, as in # docker run --rm -ti ubuntu:focal apt-get update Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease Get:2 http://archive.ubuntu.com/ubuntu focal/main Translation-en [506 kB] Fetched 506 kB in 1s (464 kB/s) Reading package lists... Done 4) Instead, it fails with # docker run --rm -ti ubuntu:jammy apt-get update Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease Err:1 http://archive.ubuntu.com/ubuntu jammy InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C Reading package lists... Done W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C W: Some index files failed to download. They have been ignored, or old ones used instead. 5) To reproduce: # mkdir jammy-jellyfish # debootstrap jammy jammy-jellyfish ... # tar -C jammy-jellyfish -c . | docker import - ubuntu:jammy # docker run --rm -ti ubuntu:jammy apt-get update Doing the same with focal, works as expected: # mkdir focal-fossa # debootstrap focal focal-fossa ... # tar -C focal-fossa -c . | docker import - ubuntu:focal # docker run --rm -ti ubuntu:focal apt-get update Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease Get:2 http://archive.ubuntu.com/ubuntu focal/main Translation-en [506 kB] Fetched 506 kB in 1s (963 kB/s) Reading package lists... Done To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1979139/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
