-
Notifications
You must be signed in to change notification settings - Fork 455
apt update fails on ubuntu:jammy unless --security-opt seccomp=unconfined is specified #236
Comments
@tnir, it looks like you hit this issue: https://bugs.launchpad.net/cloud-images/+bug/1943049 It should be fixed in latest docker.io package in archives. Can you try to update? |
@woky Thanks. Nothing is changed even with https://hub.docker.com/layers/ubuntu/library/ubuntu/latest/images/sha256-c27987afd3fd8234bcf7a81e46cf86c2c4c10ef06e80f0869c22c6ff22b29f9d?context=explore (linux/amd64) 🤔 :
|
You need to update Docker and libseccomp on your host (not just a newer
Docker image).
|
What versions are required of Docker and libseccomp? I'm hitting similar issues to the above using:
|
Definitely at least libseccomp 2.4.2 or newer, but possibly even as
high as 2.5.0.
|
Even with libseccomp 2.5.1-1ubuntu1~20.04.2, it does not work to me:
|
@tnir It seems you're running focal host with docker-ce package from https://docs.docker.com/engine/install/ubuntu/, not docker.io from Ubuntu archive, but you're not using the latest version. Your docker-ce is at Anyway, I've tried to replicate your setup with
so my versions are
And I still can't reproduce your bug:
Any suggestions to reproduce this? |
We can reproduce this. Neither 21.10 nor 20.04 have this issue, but |
Can you try to run the following commands and post output all?
|
@woky
(doesn't work)
(seems to work) 3:
(also works) That's not really an acceptable fix though, because running with |
|
@tnir it works fine with, doesn't work without, unless that's what you meant |
@tnir Can you run the following on your host and attach here resulting
Also, please post output of the following from your host
TIA EDIT: Please also attach output of |
I am running into this issue on: Trying to build with: Running in console:
I am unable to build and therefore cannot run with Please note: I have built on both: AWS EC2 Ubuntu
I've tried the following Ubuntu images with similar errors (in no particular order): The following seems to work: Edit*:
|
@srepollock i don't know what problem you're seeing there, but it's not the same as the ones the other people are discussing which is a problem with the clone3 syscall, which is only used in jammy and kinetic images -- if you're seeing the issue with focal, it's 100% something else so please file a new bug! |
This repository is no longer canonical; see #248 for more details. |
apt update
(orapt-get update
) fails onubuntu:jammy
(ubuntu@sha256:7599221e4e2e4eeb90ad282fc523139578f3dfea245b5049c4fee1b28776d2be
) if--security-opt seccomp=unconfined
is not specified.or
The text was updated successfully, but these errors were encountered: