Join Log in
Score:1
AntouanK avatar Server

apt-get fails to resolve url in docker container, even though the container can resolve it just fine!

jp flag
AntouanK

This is such a strange situation. I'm trying to build an image, and apt-get update fails. Network works fine though. DNS is fine, I can even wget the same urls just fine!!

See terminal output :

❯ docker run -i -t python /bin/bash

root@e0264555b919:/# apt-get update
Err:1 http://deb.debian.org/debian bullseye InRelease
  Temporary failure resolving 'deb.debian.org'
Err:2 http://deb.debian.org/debian-security bullseye-security InRelease
  Temporary failure resolving 'deb.debian.org'
Err:3 http://deb.debian.org/debian bullseye-updates InRelease
  Temporary failure resolving 'deb.debian.org'
Reading package lists... Done
W: Failed to fetch http://deb.debian.org/debian/dists/bullseye/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://deb.debian.org/debian-security/dists/bullseye-security/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://deb.debian.org/debian/dists/bullseye-updates/InRelease  Temporary failure resolving 'deb.debian.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.

root@e0264555b919:/# wget http://deb.debian.org/debian/dists/bullseye-updates/InRelease
--2023-01-07 11:50:33--  http://deb.debian.org/debian/dists/bullseye-updates/InRelease
Resolving deb.debian.org (deb.debian.org)... 151.101.62.132, 2a04:4e42:f::644
Connecting to deb.debian.org (deb.debian.org)|151.101.62.132|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 44066 (43K)
Saving to: ‘InRelease’

InRelease                   100%[==========================================>]  43.03K  --.-KB/s    in 0.01s

2023-01-07 11:50:33 (3.84 MB/s) - ‘InRelease’ saved [44066/44066]

root@e0264555b919:/# head InRelease
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Origin: Debian
Label: Debian
Suite: stable-updates
Version: 11-updates
Codename: bullseye-updates
Date: Sat, 07 Jan 2023 08:40:57 UTC
Valid-Until: Sat, 14 Jan 2023 08:40:57 UTC

root@e0264555b919:/# cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 1.1.1.1

root@e0264555b919:/#

Any idea on why it does that? I tried several debian based images, all the same issue!

1709
2 + 1
apt
AntouanK avatar
jp flag
AntouanK
it might be the permissions to /etc/resolv.conf. I can see it has an owner of 1000 when the root user has id 0. It obviously mounts the one I have in my host. https://github.com/moby/moby/issues/41229 But I cannot see why that makes apt/apt-get fail. wget works, curl works... Also apk on alpine images works fine.
0
Reply
Score:0
AntouanK avatar Server
jp flag
AntouanK

Apparently the issue was that the docker root directory was in an ntfs partition with user ownership ( not root ).

I moved it because / was running out of space, and it seems like the /etc/resolv.conf file is mounted on all containers. apt-get didn't like that for some reason and cannot read it.

I re-installed docker with /var/lib/docker as the default root directory, and debian containers work fine now.

So, I guess I need a root owned partition to be able to move the docker root directory.

+ 0
Score:-1
marlon avatar Server
cn flag
marlon

This errors after type "apt-get update" looks like have not outside access. Try to test it by e.g. curl -I https://google.com or just ping google.com

+ 9
AntouanK avatar
jp flag
AntouanK
Exactly, that is what I'm saying. It looks like access, but it's not! The curl command you gave me, works fine in that same container! But apt-get doesn't. Read the terminal output I pasted, you'll see what I mean.
0
Reply
marlon avatar
cn flag
marlon
Do you try use sudo? I know its root.
0
Reply
AntouanK avatar
jp flag
AntouanK
cannot do that. ❯ docker run -i -t python /bin/bash root@0d4f07365963:/# sudo apt-get update bash: sudo: command not found
0
Reply
marlon avatar
cn flag
marlon
In my opinion the sudo is the clue but Im not sure. Read this https://askubuntu.com/questions/440118/why-does-apt-get-require-sudo I have a sudo pkg on each my VM's. Type dpkg -l and check.
0
Reply
vidarlo avatar
ar flag
vidarlo
@marlon You use sudo to run it as root. Docker containers doesn't really have anything but root, and `sudo` is *not* the clue. Lack of privileges would not lead to this error message anyway; try it yourself - run `apt update` as normal user.
0
Reply
marlon avatar
cn flag
marlon
Maybe permissions to resources directory at etc/apt-get ? But it no make sense for user root.
0
Reply
marlon avatar
cn flag
marlon
See @vidarlo, the permissions in this case has been the solution.
0
Reply
vidarlo avatar
ar flag
vidarlo
@marlon I'd argue the issue likely was NTFS...
0
Reply
marlon avatar
cn flag
marlon
@vidarlo, and I'd argue the issue likely was permissions :-) I met this in VE systems, so I thought the sudo was reason.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.