Why I cannot run `apt update` inside a fresh ubuntu:22.04?

Question

I currently don't manage to run apt update inside a fresh ubuntu:22.04 (codename jammy).

Protocol

$ docker --version
Docker version 20.10.2, build 2291f61

$ docker run --init --rm -it ubuntu:22.04
root@123456789:/# apt update

Observed

$ docker run --init --rm -it ubuntu:22.04
root@6444bf2cb8b4:/# apt update
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [90.7 kB]            
Get:3 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [90.7 kB] 
Get:4 http://security.ubuntu.com/ubuntu jammy-security InRelease [90.7 kB]             
Get:5 http://archive.ubuntu.com/ubuntu jammy/restricted amd64 Packages [164 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages [1792 kB]       
Get:7 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 Packages [266 kB]           
Get:8 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [17.5 MB]             
Fetched 20.2 MB in 1s (17.6 MB/s)                                                           
Reading package lists... Done
E: Problem executing scripts APT::Update::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'
E: Sub-process returned an error code
root@6444bf2cb8b4:/# 

Expected

apt update pass like on a ubuntu:20.04 base image...

note: same issue with apt-get install ...

ref: https://hub.docker.com/_/ubuntu

Answer 1

Seems this is related to the use of the syscall clone3 by Glibc >= 2.34...

So you need Docker >= 20.10.9 to fix it.

ref: https://github.com/moby/moby/pull/42681
ref: https://pascalroeleven.nl/2021/09/09/ubuntu-21-10-and-fedora-35-in-docker/

Answer 2

I ran into the same issue. Here is my tactical work-around.

For context ...

I am working inside a Gitpod instance.

$ docker --version
Docker version 20.10.12, build e91ed57
$ docker pull ubuntu:22.04
$ docker run --rm -it ubuntu:22.04 /bin/bash

root@2fcf92fb7c84:/# apt update
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [90.7 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [90.7 kB]
Get:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [90.7 kB]
Get:5 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [17.5 MB]
Get:6 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 Packages [266 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy/restricted amd64 Packages [164 kB]
Get:8 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages [1792 kB]
Fetched 20.2 MB in 2s (11.1 MB/s)
Reading package lists... Done
E: Problem executing scripts APT::Update::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'
E: Sub-process returned an error code

Quick nano install ...

Despite the error message above, the update was sufficient to install nano. I ignore the misleading error message at the end of the nano install.

root@3958950e9c57:/# apt install nano
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
  :
E: Problem executing scripts DPkg::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'
E: Sub-process returned an error code

My fix ...

I use nano to edit /etc/apt/apt.conf.d/docker-clean, commenting out the second line (APT::...). I subsequently ran into a similar error message with line 1 (DPkg::...); so, it too gets commented out.

It might be okay to just remove docker-clean all together; but for now, I have left one line in place.

Both '//' and '#' can be used to comment out lines.

root@3958950e9c57:/# nano /etc/apt/apt.conf.d/docker-clean

  .. nano session not shown ..

root@3958950e9c57:/# cat /etc/apt/apt.conf.d/docker-clean
# DPkg::Post-Invoke { "rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true"; };
# APT::Update::Post-Invoke { "rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true"; };
Dir::Cache::pkgcache ""; Dir::Cache::srcpkgcache "";

The results ...

The confusing message resulting from the now commented-out lines is gone.

root@beab61fbde20:/# apt update
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done

Required Improvement ...

A better solution would be to repair the line that I have commented out. I was not able to find the right edits; so, just left the line commented out.

In Docker ...

I use sed in lieu of nano.

FROM ubuntu:22.04
USER root

RUN sed -i -e 's/^APT/# APT/' -e 's/^DPkg/# DPkg/' \
      /etc/apt/apt.conf.d/docker-clean

Then, tag an adjusted Ubuntu image for local use.

docker build -t fixed-ubuntu:22.04 -f Dockerfile .

Answer 3

I upgraded docker engine to version 20.10.14 and it resolved the problem.