[SOLVED] Bug? Bookworm - Container Template debian-12-standard_12.0-1amd64.tar.zst

papatikka

Member
Jun 26, 2023
31
0
6
Hello,

Code:
pveversion --verbose
proxmox-ve: 8.0.1 (running kernel: 6.2.16-3-pve)
pve-manager: 8.0.3 (running version: 8.0.3/bbf3993334bfa916)
pve-kernel-6.2: 8.0.2
pve-kernel-5.15: 7.4-4
pve-kernel-6.2.16-3-pve: 6.2.16-3
pve-kernel-5.15.108-1-pve: 5.15.108-1
pve-kernel-5.15.102-1-pve: 5.15.102-1
ceph-fuse: 16.2.11+ds-2
corosync: 3.1.7-pve3
criu: 3.17.1-2
glusterfs-client: 10.3-5
ifupdown2: 3.2.0-1+pmx3
ksm-control-daemon: 1.4-1
libjs-extjs: 7.0.0-3
libknet1: 1.25-pve1
libproxmox-acme-perl: 1.4.6
libproxmox-backup-qemu0: 1.4.0
libproxmox-rs-perl: 0.3.0
libpve-access-control: 8.0.3
libpve-apiclient-perl: 3.3.1
libpve-common-perl: 8.0.5
libpve-guest-common-perl: 5.0.3
libpve-http-server-perl: 5.0.3
libpve-rs-perl: 0.8.3
libpve-storage-perl: 8.0.2
libspice-server1: 0.15.1-1
lvm2: 2.03.16-2
lxc-pve: 5.0.2-4
lxcfs: 5.0.3-pve3
novnc-pve: 1.4.0-2
proxmox-backup-client: 3.0.1-1
proxmox-backup-file-restore: 3.0.1-1
proxmox-kernel-helper: 8.0.2
proxmox-mail-forward: 0.2.0
proxmox-mini-journalreader: 1.4.0
proxmox-widget-toolkit: 4.0.5
pve-cluster: 8.0.1
pve-container: 5.0.4
pve-docs: 8.0.4
pve-edk2-firmware: 3.20230228-4
pve-firewall: 5.0.2
pve-firmware: 3.7-1
pve-ha-manager: 4.0.2
pve-i18n: 3.0.4
pve-qemu-kvm: 8.0.2-3
pve-xtermjs: 4.16.0-3
qemu-server: 8.0.6
smartmontools: 7.3-pve1
spiceterm: 3.3.0
swtpm: 0.8.0+pve1
vncterm: 1.8.0
zfsutils-linux: 2.1.12-pve1

when creating CT with following standard template

debian-12-standard_12.0-1amd64.tar.zst​

found in Proxmox VE 8.0.3 you can't run apt update or anything with apt because it says
Code:
Hit:1 http://deb.debian.org/debian bookworm InRelease
Hit:2 http://security.debian.org bookworm-security InRelease
Hit:3 http://deb.debian.org/debian bookworm-updates InRelease
Get:4 http://download.proxmox.com/debian/pve bookworm InRelease [2768 B]
Err:4 http://download.proxmox.com/debian/pve bookworm InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 1140AF8F639E0C39
Reading package lists... Done
W: GPG error: http://download.proxmox.com/debian/pve bookworm InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 1140AF8F639E0C39
E: The repository 'http://download.proxmox.com/debian/pve bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

No public key available, never encountered this issue before with running apt update. I encountered this problem for first time today.

When i google on this, all leads to incorrect way of solving this problem. It seems this problem occured before only when trying to install Proxmox VE INSIDE A DEBIAN HOST. That is not what I am doing.

And yes, I have added to /etc/apt/sources.list
Code:
deb http://deb.debian.org/debian bookworm main contrib

deb http://deb.debian.org/debian bookworm-updates main contrib

# Proxmox VE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription

deb http://security.debian.org bookworm-security main contrib


https://forum.proxmox.com/threads/wrong-gpg-key.103100/
Is the public key actually readable by apt? As apt may not use root to access it:

Code:
stat /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
stat: cannot statx '/etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg': No such file or directory

There is only one user and it's root.

There seems to be only archives in said path /etc/apt/trusted.gpg.d

Code:
/etc/apt/trusted.gpg.d# ls
debian-archive-bookworm-automatic.asc           debian-archive-bullseye-stable.asc
debian-archive-bookworm-security-automatic.asc  debian-archive-buster-automatic.asc
debian-archive-bookworm-stable.asc              debian-archive-buster-security-automatic.asc
debian-archive-bullseye-automatic.asc           debian-archive-buster-stable.asc
debian-archive-bullseye-security-automatic.asc

curl --silent http://download.proxmox.com/debian/pmg/dists/bookworm/InRelease
Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Architectures: amd64
Changelogs: https://metadata.cdn.proxmox.com/download/changelogs/pmg/dists/bookworm/@CHANGEPATH@.changelog
Codename: bookworm
Components: pmg-no-subscription pmgtest
Date: Thu, 29 Jun 2023 08:40:29 +0000
Label: Proxmox Mailgateway Debian Repository
Origin: Proxmox
Suite: stable
MD5Sum:
 e74474096fe86a468cfaaa45a7f75645            84950 pmg-no-subscription/binary-amd64/Packages
 d84b8f42f2a714ffc5262a9095cc667c            27897 pmg-no-subscription/binary-amd64/Packages.gz
 0bbb9c9b8a6dad220e1a889d3a5b000a            83918 pmgtest/binary-amd64/Packages
 39332566fb36b0da3abb08ba35dbe8a4            27855 pmgtest/binary-amd64/Packages.gz
SHA256:
 f1ffb3521e54de31b115da72d234f936e93d310f73e612d93db7051c18a41a7a            84950 pmg-no-subscription/binary-amd64/Packages
 41bd550849b51d62c7f61307abec8180dabaaeed0e4339346847961656b1ab27            27897 pmg-no-subscription/binary-amd64/Packages.gz
 9786cc132d152f0519b7056e00ab67906f38a56543bc3e93cb0f148262fe16f4            83918 pmgtest/binary-amd64/Packages
 2dbebaeca1f52882eed12e74370b3445b786ad9cbf2c13d2cfcacec1000d6ca8            27855 pmgtest/binary-amd64/Packages.gz
SHA512:
 b1fdd275707a899daf6c487cb27293a32e06de6899627bfe020bb870e375b7dbe645c5b7701fe5b2ccf1eb8e1d5242a552d760b9cce0cda43a49cd68966d6db3            84950 pmg-no-subscription/binary-amd64/Packages
 934c93572794d58f86c59c528390cd4c2db8b5c18c601dedd834e33a0f3411f98247abd4dd118914adfe606304ea05cfcc989ee77be2017634fd2fca7bd1c503            27897 pmg-no-subscription/binary-amd64/Packages.gz
 d48abbfd5287ab39a1f09e8cd445dee6cd435d89b1796e149414a21f3679eda03908ceac8b7b7826e3c1081f2fee3c69541e21afefb038c0fa6e5d97ce325228            83918 pmgtest/binary-amd64/Packages
 b328181ad44b201fdf3626cde2a859865ec492db6e1bfff538a8f1a209b0d5540d94f5552c15c5e20e0db966c444bf07546f2c8289a3731bfefbf452b237da2e            27855 pmgtest/binary-amd64/Packages.gz
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE9OE2xnzc5Brm3m/IEUCvj2OeDDkFAmSdQ4EACgkQEUCvj2Oe
DDlguQ/8CezDZGaTw+rX7JFvzuXfi6+6+YuOpcTmLm1WnAJvddIiMkPjXMzMlKWu
tvcjBPfldj1qeHNUMUcCqS77pHwaib6/ofXifpW3MDCvYaM42YT/DDOddFWeDpns
a5lIxx5UT6EPtxJ55FBWIjTkCnW/dca5/IlkAAmcLYkC9nJKU2nzv4/c2Fr5f9r3
po/IkRtbbfj1DWy+rpDunp3P+l1Jn0GZhxn0SuvBBRYQEkwXgxSQvC6u5wLq2PNr
MlfpLvKaALKpBme2qM+4M6obKKHjRocUn9nrfzzHpDgKz2XkXrMGabWT3gnUbAJK
UL8y0j4xx5qemDEOY+1P6aItX1sou7+aHBipOCa8O2jchwbWd0B1rlRUI920+a4m
kbqRsdLQd1hkIY/D6qDFAKr9BloX/C9XgA/k8/SQKtHOKibOhoKoJRKr0WiA5JWU
oQh87BriKSX4JuoKFIJIfvxBnIVs1FwZXg/qFM64NaJjXXkZLX/Hf+vP9Y81ET8W
n9Y+wRbzm33nPU4dwglb0W51n/QjQzj/LM/3ndl7or+6bW6U2fvcEE/DqKNT7kGd
6G4MbvD1laJqCXVKV0xzOyJQfWlHkQbfQuv2ywmrnQCw0yMKsyZypO7HjEcpzeTw
lg6QEDuPRx9ASizHqbMQHe4pe0JhSsigBxC3AiYWvJwir2uLidg=
=R36J
-----END PGP SIGNATURE-----

seems to be ok! Checking with sq tool

Code:
sq verify --signer-cert /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
Error: Failed to load certs from file "/etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg"

Caused by:
    0: Reading "/etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg": No such file or directory (os error 2)
    1: No such file or directory (os error 2)

Code:
cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

How do I proceed from here?
 
Last edited:
Solution:

Type in following command in your container terminal
Code:
wget https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
 
the Debian template does not contain an APT repo entry for the PVE repository.. if you add the PVE repository (why? in a container?) then you also need to provide the matching key..
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!