compile.sh ... NO_PUBKEY ... erorrs

[ag123]

While doing the build, I initially ran into various NO_PUBKEY ... error messages accessing security.ubuntu.com, archive.ubuntu.com repositories. e.g.

[🔨]   3.570 W: http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
[🔨]   3.570 W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.ubuntu.com/ubuntu jammy-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
[🔨]   3.570 W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/jammy/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
[🔨]   3.570 W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/jammy-updates/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
[🔨]   3.570 W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/jammy-backports/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
[🔨]   3.570 W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C

 

it turns out the reply in this post resolves the issue

https://askubuntu.com/questions/13065/how-do-i-fix-the-gpg-error-no-pubkey
 

Quote

 

Execute the following commands in terminal

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys PUBKEY

 

where PUBKEY is your missing public key for repository,. Then update

 

sudo apt-get update

 

 

 

 

Those using a system installed from the most recent Ubuntu DVD images probably wouldn't hit the issue.
But that if you are using an older distribution or that you are trying a build from a distribution other than Ubuntu, this may fix the issue and help 'jump the hoop'.

 

 

Edited November 21, 2023 by ag123

[ag123]

there is a different problem

https://keyserver.ubuntu.com/pks/lookup?search=871920D1991BC93C&fingerprint=on&op=index

Type bits/keyID            cr. time   exp time   key expir

pub (4)rsa4096/f6ecb3762474eda9d21b7022871920d1991bc93c 2018-09-17T15:01:46Z

uid Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>
sig  sig  871920d1991bc93c 2018-09-17T15:01:46Z ____________________ ____________________ [selfsig]
sig  sig  0bfb847f3f272f5b 2018-09-17T15:12:03Z ____________________ ____________________ 0bfb847f3f272f5b
sig  sig  7de50a8278ddc1f0 2021-12-06T22:39:23Z ____________________ ____________________ 7de50a8278ddc1f0

 

the public key used to sign the files is apparently expired. This is strange as then all the apt-get install commands will fail.

edit:

nope doesn't seem so

https://8gwifi.org/pgpdump.jsp

Key ID: 871920d1991bc93c
   Algorithm: RSA_GENERAL
   Fingerprint: f6ecb3762474eda9d21b7022871920d1991bc93c
   Encoded: 99020d045b9fc1da011000effc6c72b71fcb7125d8b8cd0cc0aa236c1c9ef35b341b59c4c7e973e95014a485199db92a7570470be770ac64bf09e78bb808cf44b53c028c44fe38ef655a7cc4518458761d925a97199fe025f3f97777c8501b591d910997c07c9bda4c1dffc041076c0be6338b3486e6de4c867a2dc34e382d7b5d104931dade89cf4386ae1fb9228c6a5fba598aae82bf5f41a216948a828c769ec44ba4587cdee897a1d22c596b317b557e1fe28e937d8f766154655e442f2428742c2793e421b9afc4189487b48999f654c7421084d31a0c75df75900636d9e1cf335179bd45a8d2d2564ad2fcf9ec010ccc846d410e6d9539217ae2379b2977df16a3392d74504dea932ec8d46dbaea47ab3f1823bc505ee37d48fa23bb5a2f2826b073bf243e23a4a442d206e95017da889c8bbee7a9c77916a2a2f7b0dd0b865308f34f9f03b193be83b1e2da6a565ce513a4da8d8bbe8df5b74293854b97b010c74bdba873c6c660fe0799bd36c0adc3fe3ac24a46686fe24368e80c9dc8743fdd957f7f75fd993dff48f2db25aba6920a7763377ab793de06ef99424fe637958d36e6a284d115ee595bd5986f634171bbd05577f04d974af3bb1a77ac88a70764d7d920a0ef0139c579305ee43fd9e4c3134bf41e51a7b64b998c6a300d99311d9412c5954ecdd642455697fd61052e929ad80429c39449ad0e2867f39f89f5f22733f6ee8d37c10011010001b4425562756e74752041726368697665204175746f6d61746963205369676e696e67204b657920283230313829203c6674706d6173746572407562756e74752e636f6d3e8902380413010a002205025b9fc1da021b03060b090807030206150802090a0b0416020301021e01021780000a0910871920d1991bc93c2c731000a4b6727c73ff959aa0239602b7f983a5076de38281ce43066d210ae1436565afe36eda19e8b708fb8bc340c62c25d977273976a13c9af8cc94e9a600a2a58f5b868374d809b4168d63de32704f65b9058246685c9effe8207b6d6461b75b07ce9b752d367e4980f03b027af10469ec345a665f58e908946deba1ab60d4713a1f55b0716e1adc90de19b5e2ef9befe71bd9bf722a2973ae8bc11764c6a7c9df60b2abed534b955a2090c6ec35b3886f8a6eeeaa08333840d960dcb1fba75e02ad1c406dce25be885182c578790aac21c74592e558e473cf8f62bc4eaa58e924def068746a9ac6d5157c64a6b2dca48ca67c95d5f00a9f87ccf5bca22f3400a2f0b42d9f4c30cb2b012ff8e40bc2dc810a4928632c59f55f57510a23baffb8e6644a19b40a79de191ff12301b22efc85536b06e999c1f21d040d6fdb6f8b638c502bcab85c2a11700f46fa9bf353d6155bb7119c36591a5d2ec0ec3bcfd3e44011792852a3583cf87c293e2baf98b46a68bc629e90605bf08ec403a529bcf82a03f41d234b752013f4374e9141cb357d4680404b73e831b2e73911851e29192667f9d1444fb3dd02310af38cbb05d638b7e5358dc488bc18f417607b2f044bef11a94a920a8bf7a40172ecd75edbbc51da0af99460dec9569d46326545c6121dc7a0859b77f11bc42335be6d7ab7bf62a2beb8e81c5e7cb5525c2d094ce5ad268f8902330410010a001d162104153f1c9ef1395fbf00352e8d0bfb847f3f272f5b05025b9fc443000a09100bfb847f3f272f5b6e170ffd1a069e820bc29f5e50a650016bce8e45e2404719c0c6968bdb6de92e48006c1600393ecf9938f0c070aa19e25918bcc042c18b73a5a44037a07b04023162e9fb5cce1e65011db64fb33dc4efa01cdfcd45017859063f0c2db7323913ac298299f4cff219eacca55c7807c58d6f93feb7db6d030c0047f94db39392de5a55e27930233bf103a5a7ab48162812fff6b73bb0bfaa59e2439d0124ab567f74d05b8085a4b43b6a7885c595d82360e5fec7544df356de2d50ed44ba0e53422442c14668e39bd28db1f3f76660cd9c5ee721346626758d99e6378b235174773091f8245410315daf4705f78512815196c82a1a1dd0014d10f97bfb8813248bd13f729bddd1341b6873d80f10d141d8048c26090c34836257cd9a94f8d862b6ecf99547b8b40881dfaac3f37acf02ed543828d8f73a157669aa64a34519ad05126ebfe5670c17803acb65d10968466e60441a7fc20b7ddc4d4087e409455b8c405ab3d273d9593c1f7066a099212ead688a5fc9f614562488b7f2516d37df94cdf3c67df7e82f43e03248016ef11793fe543300f44f3512e3a409397b516e333418a0125c6303f4b230083b50169a0b8f23528b7e75675e7b13e4960c6c6d8308b1c8fce22f9e946af2ff79e60959e4bf5aabc6cd9cec02d812ba31552ca5b251a462d0dbd85b787f239d13ce3d0f926f06b60bcfd94a805afcbe891a5e510da38b435c8901330410010a001d1621044b96e0121d08b6fc46eb2b0d7de50a8278ddc1f0050261ae911b000a09107de50a8278ddc1f093ea0800a8f6a80eb10e85c67b31c1625c4966cee868bbc802e3d97f53e8f261a6b6c6f5cebd7f2e3d1db064965d905411ff88911ccfab1af5311f62863e9bdcd70ccbb89dedd7ac3dede352109b3f3c7fbb9c4c899a6596ef7a9951d9c5d547e0cdf031f7e6aa1b1e0d26d595c33e119250fe3443675bd629679e2d321e760014eae0b4d368fad55a8bdbfe8995c9ba802f5989b22992dc98213ec963b3d17bfad7f393b0613abeb1c3dc055aa59a09eac5508c8e165bd6196844cd7be61fdd0b0b8534152018ba6d5d720b4472062fc88e94bc391c2db22b71d811a3ba8491b13fb404b7d52444e66bbddb4fef5e580170e0545a338dc450ffa93b30dcca21f86cfd8f
   Creation Time: Mon Sep 17 15:01:46 UTC 2018
   Bit Strength: 4096
   Has Revocation: false
   Has EncryptionKey: true
   Has MasterKey: true
   UserId: Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>

 

Edited November 21, 2023 by ag123

[ag123]

I tried downloading the keys

https://keyserver.ubuntu.com/pks/lookup?search=871920D1991BC93C&fingerprint=on&op=index

and following this

https://askubuntu.com/questions/1286545/what-commands-exactly-should-replace-the-deprecated-apt-key

Quote

Create a keyring

gpg --no-default-keyring --keyring ./teamviewer_keyring.gpg --import teamviewer.key

This file is still not a valid key that can be added to /etc/apt/trusted.gpg.d/ since it's a keyring, but from the keyring we can extract the key with

gpg --no-default-keyring --keyring ./teamviewer_keyring.gpg --export > ./teamviewer.gpg

This file is the key you want to move to the trusted key folder

sudo mv ./teamviewer.gpg /etc/apt/trusted.gpg.d/

 

 

generated a gpg key file, placed it in /etc/apt/trusted.gpg.d

the keys can be checked using

apt-key list

 

but that it didn't seem to fix the problem when run from a docker container. Apparently, the userid that docker build used to run apt-get update and apt-get install ... , is not root, and there are errors reading the gpg key files. It could be due to an older docker engine that I'm running. The docker client is from Ubuntu jammy 22.04

Edited November 21, 2023 by ag123

[ag123]

keys that promts with NO_PUBKEY errors can be manually retrieved like such

 

use a keyserver e.g.

https://keyserver.ubuntu.com/

key in the PUBKEY and search/retrieve the public key

looks like this

https://keyserver.ubuntu.com/pks/lookup?search=23F3D4EA75716059&fingerprint=on&op=index

you can probably download that (an asc file, clicking on the pub link. That is the public key in an 'armored ascii' format
and perhaps use

https://8gwifi.org/pgpdump.jsp

to dump/verify it again.

the key (the .asc file) can be converted and installed for apt as in the prior comment.

[Gunjan Gupta]

2 hours ago, ag123 said:

It could be due to an older docker engine that I'm running

Yeah, I will suggest to update the system if possible. Opensuse 15.1, 4.12 kernel and docker 19.03 all are quite old. You will have better experience if you can update to latest version of opensuse and docker. You might either need support for rootless containers or run the container with --privileged to make sure all the necessary privileges are there

[ag123]

 

thanks Gunjan Gupta,

yeah, I'd need to upgrade the distribution, has posponed it for a very long time. A trouble is I've got a lot of other stuff installed in the same system, though in different partitions / filesystems.

An upgrade would likely break quite a few stuff, hence I'd need to schedule that.