Can't build container with sudo

Question

Can't build container with sudo

aloneguid opened this issue a year ago · 8 comments

I'm getting the following error trying to build my custom image with sudo:

 [3/8] RUN apt-get update     && apt-get install -y sudo     && echo 'kasm-user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers     && rm -rf /var/lib/apt/list/*:
0.232 Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
0.232   Temporary failure resolving 'archive.ubuntu.com'
0.232 Err:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease
0.232   Temporary failure resolving 'archive.ubuntu.com'
0.232 Err:3 http://archive.ubuntu.com/ubuntu focal-backports InRelease
0.232   Temporary failure resolving 'archive.ubuntu.com'
0.232 Err:4 http://security.ubuntu.com/ubuntu focal-security InRelease
0.232   Temporary failure resolving 'security.ubuntu.com'
0.232 Err:5 http://ppa.launchpad.net/kisak/turtle/ubuntu focal InRelease
0.232   Temporary failure resolving 'ppa.launchpad.net'
0.235 Reading package lists...
0.256 W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal/InRelease  Temporary failure resolving 'archive.ubuntu.com'
0.256 W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease  Temporary failure resolving 'archive.ubuntu.com'
0.256 W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-backports/InRelease  Temporary failure resolving 'archive.ubuntu.com'
0.256 W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/focal-security/InRelease  Temporary failure resolving 'security.ubuntu.com'
0.256 W: Failed to fetch http://ppa.launchpad.net/kisak/turtle/ubuntu/dists/focal/InRelease  Temporary failure resolving 'ppa.launchpad.net'
0.256 W: Some index files failed to download. They have been ignored, or old ones used instead.
0.263 Reading package lists...
0.282 Building dependency tree...
0.285 Reading state information...
0.289 Package sudo is not available, but is referred to by another package.
0.289 This may mean that the package is missing, has been obsoleted, or
0.289 is only available from another source
0.289
0.289 E: Package 'sudo' has no installation candidate
------
Dockerfile:11
--------------------
  10 |
  11 | >>> RUN apt-get update \
  12 | >>>     && apt-get install -y sudo \
  13 | >>>     && echo 'kasm-user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
  14 | >>>     && rm -rf /var/lib/apt/list/*
  15 |
--------------------
ERROR: failed to solve: process "/bin/sh -c apt-get update     && apt-get install -y sudo     && echo 'kasm-user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers     && rm -rf /var/lib/apt/list/*" did not complete successfully: exit code: 100

archive.ubuntu.com is accessible and can be resolved from the build machine.

Dockerfile:

FROM kasmweb/core-ubuntu-focal:1.13.1
USER root

ENV HOME /home/kasm-default-profile
ENV STARTUPDIR /dockerstartup
ENV INST_SCRIPTS $STARTUPDIR/install
WORKDIR $HOME

######### Customize Container Here ###########

RUN apt-get update \
    && apt-get install -y sudo \
    && echo 'kasm-user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
    && rm -rf /var/lib/apt/list/*

RUN touch $HOME/Desktop/hello.txt

######### End Customizations ###########

RUN chown 1000:0 $HOME
RUN $STARTUPDIR/set_user_permission.sh $HOME

ENV HOME /home/kasm-user
WORKDIR $HOME
RUN mkdir -p $HOME && chown -R 1000:0 $HOME

USER 1000

Answer 1 · 2023-07-19T11:54:01.000Z

0.232 Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
0.232 Temporary failure resolving 'archive.ubuntu.com'

This is going to be an issue with your local environment. DNS isnt working , so the system can't pull down the packages from the repos

Answer 2 · 2023-07-19T11:58:35.000Z

DNS is fine, in fact i'm building on Ubuntu server

nslookup archive.ubuntu.com
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   archive.ubuntu.com
Address: 91.189.91.39
Name:   archive.ubuntu.com
Address: 91.189.91.38
Name:   archive.ubuntu.com
Address: 185.125.190.39
Name:   archive.ubuntu.com
Address: 185.125.190.36
Name:   archive.ubuntu.com
Address: 2001:67c:1562::18
Name:   archive.ubuntu.com
Address: 2620:2d:4000:1::19
Name:   archive.ubuntu.com
Address: 2620:2d:4000:1::16
Name:   archive.ubuntu.com
Address: 2001:67c:1562::15

Answer 3 · 2023-07-19T12:00:46.000Z

Was that done from your host or from within a container?

Answer 4 · 2023-07-19T12:01:21.000Z

from the host where i'm building the image

Answer 5 · 2023-07-19T12:02:25.000Z

Try from within a container

Answer 6 · 2023-07-19T12:04:55.000Z

i'm not sure how to do it as container i'm using kasmweb/core-ubuntu-focal:1.13.1 doesn't seem to have anything installed, this is why i'm trying to modify the image.

Answer 7 · 2023-07-19T12:13:16.000Z

The point is, the containers generally don't deal with DNS themselves, its a system that is passed through from the host, but things can still go wrong , including firewall rules that block DNS from the bridged network the containers are on.
https://docs.docker.com/network/#dns-services

So, i suspect any container you test with, will likely have the same resolution problem
You can change the user of any container by using the --user flag. e.g --user root . I recommend doing a docker RUN on your preferred container ( a kasm one and not a kasm one) . Per the link above you can also specify DNS servers with the --dns flag if you want to test that

What is your exact build command?

Answer 8 · 2023-07-19T12:40:30.000Z

Sorry it seems like ubuntu server does not have network access for docker build but does for docker run. I'm not sure why, but running build on desktop, pushing to registry, and running back on ubuntu server works just fine.