This question already has answers here:
How to circumvent "apt-key output should not be parsed"?
(4 answers)
Closed 4 years ago.
Lately, I'm getting this error when building Ubuntu/Debian based containers:
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.jZsMrv3GZH/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
mgpg: cannot open '/dev/tty': No such device or address
When I'm calling the apt-key commands such as these:
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
I could use apt with an untrusted option so I wouldn't need the key at all, but that sounds as a dirty solution.
When using gpg directly I probably could use the --no-tty or --batch options to fix it, but what is the somewhat clean way to do it with apt-key command which is a wrapper for the pgp?
I think I got it, at least until the GPG or APT-KEY will be fixed I could use this workaround which does modify the apt-key script in place.
For the more fancier apt-key this will work, quickly tested on debian:
sed -i "s%{GPG_EXE}\")' --%{GPG_EXE}\")' --batch --%g" /usr/bin/apt-key
While for the basic apt-key this could work (untested as I can't recall exactly where I seen this simpler variant):
sed -i 's%GPG_CMD="gpg %GPG_CMD="gpg --batch %g' /usr/bin/apt-key
You need privileges to write to the the /usr/bin/apt-key so ither run as root or use sudo
Related
This is a snippet of a Dockerfile that is exhibiting an error that I don't understand:
FROM dorowu/ubuntu-desktop-lxde-vnc
LABEL maintainer "bpinaya#wpi.edu"
# Adding keys for ROS
RUN sh -c 'echo "deb http://packages.ros.org/ros/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/ros-latest.list'
RUN apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
Gives this result
RUN apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
---> Running in 7bb30729ec87
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.HkofyyhjvI/gpg.1.sh --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
gpg: failed to start the dirmngr '/usr/bin/dirmngr': No such file or directory
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.HkofyyhjvI/S.dirmngr' failed: No such file or directory
gpg: keyserver receive failed: No dirmngr
The command '/bin/sh -c apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116' returned a non-zero code: 2
According to this post here, you need to install dirmngr. I also needed to install gnupg in order to get this to work on my local docker container when testing.
I updated your Dockerfile code below with my changes:
FROM dorowu/ubuntu-desktop-lxde-vnc
LABEL maintainer "bpinaya#wpi.edu"
# Update
RUN apt-get update && \
apt-get upgrade -y
# Install required packages
RUN apt-get install -y \
dirmngr \
gnupg
# Adding keys for ROS
RUN sh -c 'echo "deb http://packages.ros.org/ros/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/ros-latest.list'
RUN apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
This gave me the following output on the last step:
Step 6/6 : RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
---> Running in a0cfb3588173
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.USze27holj/gpg.1.sh --keyserver hkp://pgp.mit.edu:80 --recv-key 421C365BD9FF1F717815A3895523BAEEB01FA116
gpg: key 5523BAEEB01FA116: public key "ROS Builder <rosbuild#ros.org>" imported
gpg: Total number processed: 1
gpg: imported: 1
Occasionally this reports back with the following error:
gpg: keyserver receive failed: Cannot assign requested address
That error doesn't seem consistent though, so it could be something with my own network connection.
I wanted to comment but don't have enough reputation to. Please consider my answer as an appendix to #brian-elliott 's answer. Dirmngr seems to have some strange default setup to use tor or some non-standard DNS. So make sure you have something like this:
standard-resolver
keyserver keyserver.ubuntu.com
keyserver keys.gnupg.net
in your ~/.gnupg/dirmngr.conf
The following command seems to work when running it in a shell
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
but fails when executed in a Dockerfile as follows:
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.1CIuj3LUOP/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
gpg: cannot open '/dev/tty': No such device or address
The specific Dockerfile RUN commands executes on a openjdk:8 image which in turn draws from buildpack-deps:stretch-scm
Solved by adding --no-tty on the apt-key adv command also;
Any idea however why this was happening?
I am following the instructions for installing Yarn on CircleCI, but CircleCI is showing these errors when trying to check the key server:
sudo apt-key adv --keyserver pgp.mit.edu --recv D101F7899D41F3C3
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /tmp/tmp.j5q2IRFiKK --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d//apt.postgresql.org.gpg --keyserver pgp.mit.edu --recv D101F7899D41F3C3
gpg: requesting key 9D41F3C3 from hkp server pgp.mit.edu
gpgkeys: key D101F7899D41F3C3 not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
sudo apt-key adv --keyserver pgp.mit.edu --recv D101F7899D41F3C3 returned exit code 2
Action failed: sudo apt-key adv --keyserver pgp.mit.edu --recv D101F7899D41F3C3
The error message means that GPG couldn't load the public GPG key used to verify the package signatures. Try doing this instead:
sudo apt-key adv --fetch-keys http://dl.yarnpkg.com/debian/pubkey.gpg
The issue is that the pgp.mit.edu keyserver sometimes has outages, which results in the error message you're seeing. Loading the GPG key via URL should be more reliable.
Unable to install docker with:
sudo sh -c "echo deb https://get.docker.com/ubuntu docker main > /etc/apt/sources.list.d/docker.list"
error log:
GPG error: https://get.docker.com docker Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY D8576A8BA88D21E9
Seems like the getting started page has changed.
Aug 2017
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
https://docs.docker.com/engine/installation/linux/docker-ce/debian/#install-using-the-repository
Aug 2019
The link to the installation page has changed again
https://docs.docker.com/install/linux/docker-ce/debian
If don't want to use those commands from manual http://docs.docker.com/linux/step_one/:
$ sudo apt-get update
$ sudo apt-get install wget
$ wget -qO- https://get.docker.com/ | sh
there is what you need:
$ wget -qO- https://get.docker.com/gpg | sudo apt-key add -
PS:
https://docs.docker.com/installation/debian/
The apt has a set of trusted keys and sometimes we only need to add the one that is missing.
You could have added the key just by running the following command:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D8576A8BA88D21E9
Greetings.
Got the solution, I was trying to install docker 1.5 on a 32-bit Ubuntu, whereas the documentation says it needs 64 bit Ubuntu.
check here in Prerequisites section
I have trying to install rvm and I found the following message in the terminal after I typed this: curl -L https://get.rvm.io | bash -s stable
GPG signature verification failed for '/home/ephraim/.rvm/archives/rvm-1.26.3.tgz' - 'https://github.com/wayneeseguin/rvm/releases/download/1.26.3/1.26.3.tar.gz.asc'!
try downloading the signatures:
gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
or if it fails:
command curl -sSL https://rvm.io/mpapis.asc | gpg --import -
the key can be compared with:
https://rvm.io/mpapis.asc
https://keybase.io/mpapis
How can I get rid of these problems?
Follow the instructions in the error and run,
gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
You can download the signature and import manually.
Get the signature:
curl -#LO https://rvm.io/mpapis.asc
Import signature:
gpg --import mpapis.asc
This will resolve your problem.
Depending on your needs you may need to run:
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
Note gpg2, not gpg as mentioned in instruction. Here more details as found. This should be helpful. Make sure you run gpg command while logged in as the same OS user who makes rvm installation.