Hello,
I had a few issues with building a bookworm container using the
debian:bookworm image (problems with repository signatures and lzma
decompression errors) on a buster docker host.
The buster and bullseye containers seem to work like a charm though.
So I went the bullseye -> upgrade to bookworm path with the Dockerfile
below. I apply a work-around in the Dockerfile ("fixing" the error with the
cleaning of the apt archives in /etc/apt/apt.conf.d/docker-clean), and
it fixed the repository GPG errors (it seems the /etc/apt/sources.list
in the debian:bookworm has direct key references that do not exist/do
not contain the correct keys).
But, the apparently last problem I can't seem to fix is the following:
dpkg-deb (subprocess): decompressing archive
'/var/cache/apt/archives/util-linux_2.38.1-5+b1_amd64.deb' (size=1176996)
member 'control.tar': lzma error: Cannot allocate memory
tar: This does not look like a tar archive
tar: Exiting with failure status due to previous errors
dpkg-deb: error: tar subprocess returned error exit status 2
dpkg: error processing archive
/var/cache/apt/archives/util-linux_2.38.1-5+b1_amd64.deb (--unpack): dpkg-deb
--control subprocess returned error exit status 2
dpkg-deb (subprocess): decompressing archive
'/var/cache/apt/archives/util-linux-extra_2.38.1-5+b1_amd64.deb' (size=110520)
member 'control.tar': lzma error: Cannot allocate memory
tar: This does not look like a tar archive
This is reproducible, this is not a transient error.
It seems as if libzma does not have enough RAM to do the decompression
here. I found notably an issue with 32 bit address space, but this is
amd64.
Also, the container has no specific limits (it is not better with
docker build -m 100g), and free reports:
total used free shared buff/cache available
Mem: 4024628 940056 208924 16012 3152384 3084572
Swap: 7811068 55552 7755516
So, is this some libzma config somewhere, or maybe a missing / changed
syscall which makes libzma thinks it does not have enough memory?
If I try to decompress, manually, with ar, then xz the above util-linux
downloaded deb, on a buster and bullseye container and there is no
issue, which seems to exclude a problem with cgroup limitations that I
didn't see.
Do you have maybe any idea (except upgrading the host to bullseye or
bookworm)?
Thank you.
FROM debian:bullseye
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get -y dist-upgrade \
&& sed -i 's/bullseye/bookworm/g' /etc/apt/sources.list \
&& rm -f /etc/apt/apt.conf.d/docker-clean \
&& apt-get update && apt-get -y upgrade \
&& echo update/upgrade done \
&& apt-get --purge -y autoremove \
&& echo purge done \
&& apt-get -y install procps \
&& free \
&& apt-get -y -u dist-upgrade \
&& echo dist-upgrade done \
&& apt-get install -y openssh-server rsyslog debian-goodies sudo vim
wget \
&& echo install done \
&& apt-get clean \
&& echo clean done
# disable klogd
RUN sed -i 's/^\(module.load="imklog"\)/#\1/' /etc/rsyslog.conf
# remove the privake key, will be generated by ds-admin ssh-base
# post-conf
# so that it is different for each VM
RUN rm /etc/ssh/ssh_host_*
COPY rc.local /etc/rc.local
RUN chmod 755 /etc/rc.local
# documentation
EXPOSE 22/tcp
CMD /etc/rc.local && tail -f /dev/null
