Why does this apt-key adv command give an error? - docker

This is a snippet of a Dockerfile that is exhibiting an error that I don't understand:
FROM dorowu/ubuntu-desktop-lxde-vnc
LABEL maintainer "bpinaya@wpi.edu"
# Adding keys for ROS
RUN sh -c 'echo "deb http://packages.ros.org/ros/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/ros-latest.list'
RUN apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
It gives this result:
RUN apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
---> Running in 7bb30729ec87
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.HkofyyhjvI/gpg.1.sh --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
gpg: failed to start the dirmngr '/usr/bin/dirmngr': No such file or directory
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.HkofyyhjvI/S.dirmngr' failed: No such file or directory
gpg: keyserver receive failed: No dirmngr
The command '/bin/sh -c apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116' returned a non-zero code: 2

According to this post here, you need to install dirmngr. I also needed to install gnupg in order to get this to work on my local docker container when testing.
I updated your Dockerfile code below with my changes:
FROM dorowu/ubuntu-desktop-lxde-vnc
LABEL maintainer "bpinaya@wpi.edu"
# Update
RUN apt-get update && \
    apt-get upgrade -y
# Install required packages
RUN apt-get install -y \
    dirmngr \
    gnupg
# Adding keys for ROS
RUN sh -c 'echo "deb http://packages.ros.org/ros/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/ros-latest.list'
RUN apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
This gave me the following output on the last step:
Step 6/6 : RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
---> Running in a0cfb3588173
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.USze27holj/gpg.1.sh --keyserver hkp://pgp.mit.edu:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
gpg: key 5523BAEEB01FA116: public key "ROS Builder <rosbuild@ros.org>" imported
gpg: Total number processed: 1
gpg: imported: 1
Occasionally this reports back with the following error:
gpg: keyserver receive failed: Cannot assign requested address
That error doesn't seem consistent though, so it could be something with my own network connection.

I wanted to comment but don't have enough reputation to. Please consider my answer as an appendix to @brian-elliott's answer. Dirmngr seems to have some strange default setup to use tor or some non-standard DNS. So make sure you have something like this:
standard-resolver
keyserver keyserver.ubuntu.com
keyserver keys.gnupg.net
in your ~/.gnupg/dirmngr.conf.

Related

failed to solve: rpc error: code = Unknown desc = executor failed running

I am trying to install a Docker image using a Dockerfile on top of Debian 10.3, and when I run docker-compose up --build, I get this issue:
> [mariadb:10.3.24 13/18] RUN set -ex; export GNUPGHOME="$(mktemp -d)"; for key in 177F4010FE56CA3336300305F1656F24C74CD1D8; do gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; done; gpg --batch --export 177F4010FE56CA3336300305F1656F24C74CD1D8 > /etc/apt/trusted.gpg.d/mariadb.gpg; command -v gpgconf > /dev/null && gpgconf --kill all || :; rm -r "$GNUPGHOME"; apt-key list:
------
failed to solve: rpc error: code = Unknown desc = executor failed running [/bin/sh -c set -ex; export GNUPGHOME="$(mktemp -d)"; for key in $GPG_KEYS; do gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; done; gpg --batch --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mariadb.gpg; command -v gpgconf > /dev/null && gpgconf --kill all || :; rm -r "$GNUPGHOME"; apt-key list]: exit code: 2
Dockerfile:
FROM debian:10.3
...
ENV MARIADB_MAJOR 10.3
ENV MARIADB_VERSION 1:10.3.27-0+deb10u1
RUN set -ex; \
    { \
        echo "mariadb-server-$MARIADB_MAJOR" mysql-server/root_password password "$MYSQL_ROOT_PASSWORD"; \
        echo "mariadb-server-$MARIADB_MAJOR" mysql-server/root_password_again password "$MYSQL_ROOT_PASSWORD"; \
    } | debconf-set-selections; \
    apt-get update; \
    apt-get install -y \
        "mariadb-server=$MARIADB_VERSION" \
# mariadb-backup is installed at the same time so that `mysql-common` is only installed once from just mariadb repos
        mariadb-backup \
        socat \
    ; \
Is this related to a specific package, or is it some other problem?

Gpg key server showing 'gpg: keyserver receive failed: No dirmngr' while installing rvm

I am trying to install rvm on my Ubuntu 18.04.2 LTS and am getting an error while installing the gpg keys.
Command:
gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
Error:
gpg: connecting dirmngr at '/run/user/1000/gnupg/S.dirmngr' failed: IPC connect call failed
gpg: keyserver receive failed: No dirmngr
dirmngr is installed.
You can fetch the same key using the sudo command; I am sure it will run and work perfectly:
sudo apt-key adv --recv-keys --keyserver hkp://p80.pool.sks-keyservers.net:80 7638D0442B90D010

Unable to start a Validator Node in Hyperledger Sawtooth. Docker unable to validate certificate

I am trying the command docker-compose up to start the Validator Node in my Hyperledger Sawtooth setup on my Ubuntu machine.
I am running this command behind my company's proxy.
When I use the command docker-compose up, I get the following output:
Building validator
Step 1/15 : FROM ubuntu:xenial
---> 4a689991aa24
Step 2/15 : RUN echo "deb http://repo.sawtooth.me/ubuntu/ci xenial universe" >> /etc/apt/sources.list && (apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 8AA7AF1F1091A5FD || apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 8AA7AF1F1091A5FD) && apt-get update
---> Using cache
---> 59b3dd0413ec
Step 3/15 : RUN apt-get install -y -q --allow-downgrades git python3 python3-stdeb
---> Using cache
---> fa792ef3800a
Step 4/15 : RUN apt-get install -y -q --allow-downgrades python3-grpcio python3-grpcio-tools python3-protobuf
---> Using cache
---> b21e9522d61d
Step 5/15 : RUN apt-get install -y -q --allow-downgrades python3-cbor python3-colorlog python3-cryptography>=1.7.1 python3-dev python3-lmdb python3-netifaces=0.10.4-0.1build2 python3-pyformance python3-secp256k1 python3-toml python3-yaml python3-zmq unzip
---> Using cache
---> bff0f3b39a0a
Step 6/15 : RUN curl -OLsS https://github.com/google/protobuf/releases/download/v3.5.1/protoc-3.5.1-linux-x86_64.zip && unzip protoc-3.5.1-linux-x86_64.zip -d protoc3 && rm protoc-3.5.1-linux-x86_64.zip
---> Running in 37e4dd702373
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: Service 'validator' failed to build: The command '/bin/sh -c curl -OLsS https://github.com/google/protobuf/releases/download/v3.5.1/protoc-3.5.1-linux-x86_64.zip && unzip protoc-3.5.1-linux-x86_64.zip -d protoc3 && rm protoc-3.5.1-linux-x86_64.zip' returned a non-zero code: 60
It says that the server verification failed and stops at step 6/15.
How do I fix this?
You need to install the key for the repository.
For the stable repository, use:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 8AA7AF1F1091A5FD
$ sudo add-apt-repository 'deb [arch=amd64] http://repo.sawtooth.me/ubuntu/bumper/stable xenial universe'
For the nightly, development repository use:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 44FC67F19B2466EA
$ sudo apt-add-repository 'deb [arch=amd64] http://repo.sawtooth.me/ubuntu/nightly xenial universe'

apt-key command works on shell but fails on Dockerfile

The following command seems to work when running it in a shell
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
but fails when executed in a Dockerfile as follows:
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.1CIuj3LUOP/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
gpg: cannot open '/dev/tty': No such device or address
The specific Dockerfile RUN command executes on an openjdk:8 image, which in turn draws from buildpack-deps:stretch-scm.
Solved by adding --no-tty to the apt-key adv command as well.
Any idea however why this was happening?

sudo apt-key adv fails intermittently

I am following the instructions for installing Yarn on CircleCI, but CircleCI is showing these errors when trying to check the key server:
sudo apt-key adv --keyserver pgp.mit.edu --recv D101F7899D41F3C3
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /tmp/tmp.j5q2IRFiKK --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d//apt.postgresql.org.gpg --keyserver pgp.mit.edu --recv D101F7899D41F3C3
gpg: requesting key 9D41F3C3 from hkp server pgp.mit.edu
gpgkeys: key D101F7899D41F3C3 not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
sudo apt-key adv --keyserver pgp.mit.edu --recv D101F7899D41F3C3 returned exit code 2
Action failed: sudo apt-key adv --keyserver pgp.mit.edu --recv D101F7899D41F3C3
The error message means that GPG couldn't load the public GPG key used to verify the package signatures. Try doing this instead:
sudo apt-key adv --fetch-keys http://dl.yarnpkg.com/debian/pubkey.gpg
The issue is that the pgp.mit.edu keyserver sometimes has outages, which results in the error message you're seeing. Loading the GPG key via URL should be more reliable.
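Added example, not part of the original answers: a key fetched by URL or by key ID can be checked against a pinned full fingerprint before it is placed in an apt keyring. The function names are hypothetical, and the sample listing is constructed around the ROS fingerprint quoted earlier on this page.

```shell
#!/bin/sh
# Added example (not from the original posts); function names are hypothetical.
# Input is a machine-readable key listing, e.g. produced by
#   gpg --show-keys --with-colons downloaded-key.asc
# In that format the "fpr" record that follows "pub" carries the primary key
# fingerprint in field 10; "fpr" records after "sub" belong to subkeys.

primary_fingerprints() {
    awk -F: '
        $1 == "pub" { want = 1; next }
        $1 == "sub" { want = 0; next }
        $1 == "fpr" && want { print toupper($10); want = 0 }
    '
}

# key_is_pinned FINGERPRINT   (listing on stdin)
# Succeeds only if the listing holds exactly one primary key and its
# fingerprint equals the pinned value (spaces and letter case ignored).
key_is_pinned() {
    pinned=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    found=$(primary_fingerprints)
    count=$(printf '%s\n' "$found" | awk 'NF { n++ } END { print n + 0 }')
    [ "$count" -eq 1 ] && [ "$found" = "$pinned" ]
}

# Constructed sample listing: the ROS fingerprint from this page plus a
# made-up subkey fingerprint that the check must ignore.
SAMPLE_LISTING='pub:-:4096:1:5523BAEEB01FA116:1559088000:::-:::scESC::::::23::0:
fpr:::::::::421C365BD9FF1F717815A3895523BAEEB01FA116:
uid:-::::1559088000::0000000000000000000000000000000000000000::ROS Builder (constructed sample)::::::::::0:
sub:-:4096:1:0123456789ABCDEF:1559088000::::::e::::::23:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA01234567:'

# Pinned value as it would be copied from the project's documentation.
PINNED='421C 365B D9FF 1F71 7815  A389 5523 BAEE B01F A116'

if printf '%s\n' "$SAMPLE_LISTING" | key_is_pinned "$PINNED"; then
    echo "fingerprint matches pin: key may be installed"
else
    echo "fingerprint mismatch: do not install this key" >&2
fi
```

Rejecting listings with more than one primary key matters because a downloaded file can bundle extra keys alongside the expected one.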
