OpenSSL critical Vulnerability in AzureML Model Deployment to Kubernetes - docker

I have an issue with OpenSSL. I am using the following command to install the latest version of OpenSSL in the base Docker image of my Azure ML deployment, as the older version has a critical security vulnerability. However, the final image still has the older versions of OpenSSL; it could either be that or AzureML is installing the packages by itself. Can anyone tell me how to get past this issue, or how to delete older versions of OpenSSL?
FROM ubuntu:18.04
# Install dependencies:
RUN apt-get update && apt-get -y install openssl

To install OpenSSL based on the required version, we need to install PERL first, then go with the OpenSSL installation based on the version required.
# Install PERL before going with Open SSL
RUN apt-get update \
&& apt-get install -y ca-certificates wget bash \
&& apt-get -qy install perl
Remove the current existing version of OpenSSL
RUN apt-get -y remove openssl
Run the installation through TAR Command
RUN apt-get -qy install gcc
RUN apt-get -q update && apt-get -qy install wget make \
&& wget https://www.openssl.org/source/openssl-1.1.1o.tar.gz \
&& tar -xzvf openssl-1.1.1o.tar.gz \
&& cd openssl-1.1.1o \
&& ./config \
&& make install
Based on the TAR file and the version, it will install the updated version of OpenSSL.
We can’t directly install using apt-get command.
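Added example (not part of the answer above, and not AzureML tooling): on Ubuntu, `apt-get remove openssl` removes only the command-line package, while the shared `libcrypto` that other packages link against stays installed, and a source build with the default `./config` prefix installs a second copy under `/usr/local`. The shell functions below list every `libcrypto.so*` under a root together with the version banner embedded in it and flag copies that differ from the version you expect; the function names and the banner-matching heuristic are assumptions of this example.

```shell
#!/bin/sh
# Added example: inventory the OpenSSL libraries present in an image.
# Function names are illustrative; the banner match is a heuristic.

# Print "<version><TAB><path>" for every libcrypto.so* regular file under $1.
openssl_inventory() {
    root=${1:-/}
    # -xdev stays on one filesystem, so /proc, /sys and mounted volumes are skipped.
    find "$root" -xdev -type f -name 'libcrypto.so*' 2>/dev/null |
    while IFS= read -r f; do
        # libcrypto embeds a banner such as "OpenSSL 1.1.1  11 Sep 2018".
        ver=$(LC_ALL=C grep -a -o -m1 'OpenSSL [0-9][0-9.]*[a-z]*' "$f" |
              head -n 1 | cut -d' ' -f2)
        printf '%s\t%s\n' "${ver:-unknown}" "$f"
    done
}

# Print every copy whose version is not exactly $2; return 1 if any exist.
openssl_stale() {
    # The appended "" forces a string comparison in awk.
    stale=$(openssl_inventory "$1" |
            awk -F '\t' -v want="$2" '($1 "") != (want "")')
    [ -z "$stale" ] && return 0
    printf '%s\n' "$stale"
    return 1
}
```

Sourcing this file and running `openssl_stale / 1.1.1o` as the last build step makes the build fail while an older or unidentifiable copy is still in the image.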

Related

Vagrant in Docker Container not working (trying to lint Vagrantfiles)

I just don't get it right ... I'm trying to create a docker-container with vagrant installed to lint my Vagrantfiles in a Gitlab CI pipeline. But all I get is this result:
$ cd src/main/kube-cluster && vagrant validate
==> vagrant: A new version of Vagrant is available: 2.2.16 (installed version: 2.2.6)!
==> vagrant: To upgrade visit: https://www.vagrantup.com/downloads.html
No usable default provider could be found for your system.
Vagrant relies on interactions with 3rd party systems, known as
"providers", to provide Vagrant with resources to run development
environments. Examples are VirtualBox, VMware, Hyper-V.
The easiest solution to this message is to install VirtualBox, which
is available for free on all major platforms.
If you believe you already have a provider available, make sure it
is properly installed and configured. You can see more details about
why a particular provider isn't working by forcing usage with
`vagrant up --provider=PROVIDER`, which should give you a more specific
error message for that particular provider.
For full pipeline, see https://gitlab.com/sommerfeld.sebastian/v-kube-cluster/-/pipelines/304344599
My Dockerfile is rather simple
FROM ubuntu:focal
LABEL maintainer="sommerfeld.sebastian#gmail.com"
# Avoid being stuck at tzdata
ENV TZ="Europe/Berlin"
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
RUN apt-get update \
&& apt-get install -y --no-install-recommends virtualbox=6.1.6-dfsg-1 virtualbox-qt=6.1.6-dfsg-1 virtualbox-dkms=6.1.6-dfsg-1 \
&& vboxmanage --version \
&& apt-get install -y --no-install-recommends ca-certificates=20210119~20.04.1 \
&& apt-get install -y --no-install-recommends curl=7.68.0-1ubuntu2.5 \
&& apt-get install -y --no-install-recommends libcurl4=7.68.0-1ubuntu2.5 \
&& curl -O https://releases.hashicorp.com/vagrant/2.2.6/vagrant_2.2.6_x86_64.deb \
&& apt-get install -y --no-install-recommends ./vagrant_2.2.6_x86_64.deb \
&& vagrant --version \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
But any way I try, I always get the above result from my pipeline. Anyone got an idea on how I can fix my image?
Alternatively I'm also open to another way to lint my Vagrantfiles.

Docker build works fine on ArchLinux (docker 20.10.5) but fails on Ubuntu (docker 19.03.8)

I have this very simple Dockerfile:
FROM ubuntu:21.04
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get upgrade -y \
&& apt-get install -y curl doxygen git build-essential python3-dev python3-venv python3-setuptools clang clang-tidy clang-format cppcheck clazy \
&& apt-get install -y npm nodejs cmake ninja-build qtbase5-dev qtdeclarative5-dev \
&& apt-get install -y icecc qtlocation5-dev qtpositioning5-dev libqt5websockets5-dev qtwebengine5-dev libqt5webchannel5-dev qtbase5-private-dev \
&& apt-get install -y libdw-dev \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
...
This builds totally fine in ArchLinux with Docker 20.10.5 but generates the following error in Ubuntu with Docker 19.03.8:
Setting up hunspell-en-us (1:2019.10.06-1) ...
Error: update-dictcommon-hunspell not present or executable. Missing dependency on dictionaries-common?
dpkg: error processing package hunspell-en-us (--configure):
installed hunspell-en-us package post-installation script subprocess returned error exit status 1
and many other errors as a consequence of this one.
My question is: aren't docker builds expected to be reproducible in any environment? Both builds are using the same base image and, therefore, I assume they are also using the same package repositories when building on Ubuntu and ArchLinux. What's the reason for working in ArchLinux and failing on Ubuntu?

install Erlang 17.3 on Ubuntu 18

I was trying many ways in order to install Erlang 17.3 on Ubuntu 18. So far I came up with this solution you can read below:
To install Erlang 17.3 on Ubuntu 18, you should do the following things:
Enter the following commands in the console:
Download the tar file:
wget http://erlang.org/download/otp_src_17.3.tar.gz
Extract the tar file in directory where you download the otp_src_17.3.tar.gz:
cd '/home/yaroslav/otp_src_17.3'
tar -zxf otp_src_17.3.tar.gz
Set and export ERL_TOP to your 'pwd' path:
export ERL_TOP=$(pwd)
Basic dependencies:
sudo apt-get install autoconf libncurses-dev build-essential
Other applications dependencies
sudo apt-get install m4
sudo apt-get install unixodbc-dev
sudo apt-get install libssl-dev
sudo apt-get -y install libssh-dev
sudo apt-get install libwxgtk3.0-dev libglu-dev
sudo apt-get install fop xsltproc
sudo apt-get install g++
sudo apt-get install default-jdk
sudo apt-get install xsltproc fop
Or all dependencies in one line:
apt-get -y install build-essential autoconf m4 libncurses5-dev libwxgtk3.0-dev libgl1-mesa-dev libglu1-mesa-dev libpng-dev libssh-dev unixodbc-dev xsltproc fop g++ default-jdk
Install OpenSSL version 1.0.2 for Ubuntu 18 (a different SSL version is not compatible):
curl https://www.openssl.org/source/openssl-1.0.2l.tar.gz | tar xz && cd openssl-1.0.2l &&
sudo ./config && sudo make && sudo make install
Configure and build:
./configure --with-ssl='/home/yaroslav/otp_src_17.3/openssl-1.0.2l'
sudo make
sudo make install
For installing older versions of Erlang and working with several at the same time, I would recommend using kerl.
If you need more fancy features, you could also head for asdf, which has an Erlang plugin (which runs kerl under the hood).

E: The repository 'http://ppa.launchpad.net/alex-p/tesseract-ocr/ubuntu focal Release' does not have a Release file

I'm trying to install tesseract-ocr version 4.1.1 in my docker image, but I get a version not found error, although I already installed it on my local machine. Then I tried to add its repo so I could fix the error, but I got another error: E: The repository 'http://ppa.launchpad.net/alex-p/tesseract-ocr/ubuntu focal Release' does not have a Release file.
Here is the set of commands I use inside the Dockerfile to create the docker image to install tesseract
RUN file="$(apt-get update && \
apt-get install -y apt-utils && \
apt-get install -y curl && \
apt-get update && \
apt-get install -y software-properties-common && \
apt-get update && \
add-apt-repository ppa:alex-p/tesseract-ocr -y && \ # the error here
apt-get update && \
apt install tesseract-ocr=4.1.1-1ppa1~xenial1 -y)" && echo $file # the version I need
I've done many searches but I still cannot install it. How can I fix this error, or is there another way of installing tesseract 4.1.1?
My base image is python 3.7.6
Note: I can't use the tesseract docker image to avoid any version errors with the rest of my modules

How to install a local rpm file when building docker instance?

I have following docker file, I want to specifically install a rpm file that is available on my disk as I am building docker instance. My invocation of rpm install looks like this. Command
RUN rpm -i chrpath-0.13-14.el7.x86_64.rpm fails.
Is there a way to install rpm file available locally to new Docker instance?
FROM centos:latest
RUN yum -y install yum-utils
RUN yum -y install python-setuptools
RUN easy_install supervisor
RUN mkdir -p /var/log/supervisor
RUN yum -y install which
RUN yum -y install git
# Basic build dependencies.
RUN yum -y install autoconf build-essential unzip zip
# Gold linker is much faster than standard linker.
RUN yum -y install binutils
# Developer tools.
RUN yum -y install bash-completion curl emacs git man-db python-dev python-pip vim tar
RUN yum -y install gcc gcc-c++ kernel-devel make
RUN yum -y install swig
RUN yum -y install wget
RUN yum -y install python-devel
RUN yum -y install ntp
RUN rpm -i chrpath-0.13-14.el7.x86_64.rpm
Put this line before your rpm -i command:
ADD /host/abs/path/to/chrpath-0.13-14.el7.x86_64.rpm /chrpath-0.13-14.el7.x86_64.rpm
Then you'll be able to do
RUN rpm -i chrpath-0.13-14.el7.x86_64.rpm
As an addendum to what others have written here, rather than using:
RUN rpm -i xyz.rpm
You might be better off doing this:
RUN yum install -y xyz.rpm
The latter has the advantages that (a) it checks the signature, (b) downloads any dependencies, and (c) makes sure YUM knows about the package. This last bit is less important than the other two, but it's still worthwhile.
Suppose you have your Dockerfile available at /opt/myproject/. Then first you have to put rpm inside /opt/myproject and then add
Add /xyz.rpm /xyz.rpm
RUN rpm -i xyz.rpm
