I'm fuzzing php inside docker container. Before fuzzing process start, it download and build php from source, then run fuzzing job. I'm using -d to run container in background.
sudo docker run --name=fuzzphp -d -v ~/crashfile:/fuzzer/script/fuzzing/ --privileged --cap-add=SYS_PTRACE fuzzphp /bin/bash -c "./tool/autophp.sh"
Here is the autophp.sh script doing build and run php.
./script/build/buildphp.sh
./script/fuzzing/runphp.sh
Here is my Dockerfile
FROM ubuntu:16.04
#install required package
RUN mkdir -p /fuzzer
WORKDIR /fuzzer
COPY . /fuzzer
ENV PATH "/fuzzer/clang+llvm/bin:$PATH"
ENV LD_LIBRARY_PATH "/fuzzer/clang+llvm/lib:$LD_LIBRARY_PATH"
RUN ["chmod" "777" "-R" "script/"]
RUN tool/install_fuzzer.sh
The problem is after I run autophp.sh by checking sudo docker logs fuzzphp only build script success, and runphp.sh return an error
chmod: cannot access '/script/fuzzing/buildphp.sh': No such file or directory
./tool/autophp.sh: line 5: ./script/fuzzing/runphp.sh: No such file or directory
I can confirm /script/fuzzing/runphp.sh file is exist on host but I don't have idea only buildphp is executed, but not runphp. What's wrong here?
Related
As it stands, my Dockerfile works as written below, but currently I have to run the two commented lines in order to pull, compile, and deploy my application to the server. I tried creating a shell script to run those commands using ADD and ENTRYPOINT, but when I run (using the docker commands below) the shell script runs and then the container exits.
What/How do I modify (I'm assuming, the docker run command) to fix this?
Is there an easier way to import libraries than the multiple URLS for RPM? I tried using YUM, but I wasn't sure how to set up my repo for installing anything.
Dockerfile
FROM registry.access.redhat.com/jboss-eap-7/eap71-openshift
USER root
RUN rpm -i [the URLS of the 40 libraries I need for SVN]
ADD subversion_installer_1.14.1.sh /home/svn_installer.sh
RUN yes | /home/svn_installer.sh
USER jboss
ARG REPO_USER
ARG REPO_PW
ARG REPO_URL
ENV REPO_USER=$REPO_USER
ENV REPO_PW=$REPO_PW
ENV REPO_URL=$REPO_URL
#RUN svn export --username="$REPO_USER" --password="$REPO_PW" "$REPO_URL" /usr/svn/myapp
#RUN /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.x86_64/bin/jar -cvf $JBOSS_HOME/standalone/deployments/myapp.war /usr/svn/myapp
Docker commands
docker build . -t myapp:latest
docker run -d -p 8080:8080 -p 9990:9990 --env-file=svnvars.cfg myapp:latest
Found out what I was doing wrong. I was trying to use
/opt/eap/bin/standalone.sh
as the last command in my entrypoint script.
I discovered this was wrong by calling
docker images inspect myapp:latest
where I found
"Cmd": [
"/opt/eap/bin/openshift-launch.sh"
],
I was calling the wrong command. So I fixed this by replacing the command in my shell script and changing my ENTRYPOINT to CMD.
Here are the corrected files:
Dockerfile
FROM registry.access.redhat.com/jboss-eap-7/eap71-openshift
USER root
RUN rpm -i [too many libraries]
ADD subversion_installer_1.14.1.sh /home/svn_installer.sh
ADD svnvars.cfg /var/svn/svnvars.cfg
RUN yes | /home/svn_installer.sh
USER jboss
ARG REPO_USER
ARG REPO_PW
ARG REPO_URL
ENV REPO_USER=$REPO_USER
ENV REPO_PW=$REPO_PW
ENV REPO_URL=$REPO_URL
ADD entrypoint.sh /home/entrypoint.sh
CMD /home/entrypoint.sh
entrypoint.sh
#!/bin/bash
svn export --username="$REPO_USER" --password="$REPO_PW" "$REPO_URL" /usr/svn/myapp
cd /usr/svn/myapp
ant war
/opt/eap/bin/openshift-launch.sh
I am trying to run Jmeter in Docker. I got Dockerfile and Entrypoint has entrypoint.sh as well added.
ARG JMETER_VERSION="5.2.1"
RUN mkdir /jmeter
WORKDIR /jmeter
RUN apt-get update \
&& apt-get install wget -y \
&& apt-get install openjdk-8-jdk -y \
&& wget https://archive.apache.org/dist/jmeter/binaries/apache-jmeter-5.2.1.tgz \
&& tar -xzf apache-jmeter-5.2.1.tgz \
&& rm apache-jmeter-5.2.1.tgz
ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64
RUN export JAVA_HOME
RUN echo $JAVA_HOME
ENV JMETER jmeter/apache-jmeter-5.2.1/bin
ENV PATH $PATH:$JMETER_BIN
RUN export JMETER
RUN echo $JMETER
WORKDIR /jmeter/apache-jmeter-5.2.1
COPY users.jmx /jmeter/apache-jmeter-5.2.1
COPY entrypoint.sh /jmeter/apache-jmeter-5.2.1
RUN ["chmod", "+x", "entrypoint.sh"]
ENTRYPOINT ["./entrypoint.sh"]
entrypoint.sh
#!/bin/bash
# Inspired from https://github.com/hhcordero/docker-jmeter-client
# Basically runs jmeter, assuming the PATH is set to point to JMeter bin-dir (see Dockerfile)
#
# This script expects the standdard JMeter command parameters.
#
set -e
freeMem=`awk '/MemFree/ { print int($2/1024) }' /proc/meminfo`
s=$(($freeMem/10*8))
x=$(($freeMem/10*8))
n=$(($freeMem/10*2))
export JVM_ARGS="-Xmn${n}m -Xms${s}m -Xmx${x}m"
echo "START Running Jmeter on `date`"
echo "JVM_ARGS=${JVM_ARGS}"
echo "jmeter args=$#"
# Keep entrypoint simple: we must pass the standard JMeter arguments
bin/jmeter.sh $#
echo "END Running Jmeter on `date`"
Now when I try to run container without jmeter arguments, container starts and asks for jmeter arguments
docker run sar/test12
I get error as An error occurred:
No X11 DISPLAY variable was set, but this program performed an operation which requires it.
But when i run jmeter container with arguments
docker run -v /home/jmeter/unbuntjmeter/:/jmeter/apache-jmeter-5.2.1 sar/test12 -n -t ./users.jmx
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: "./entrypoint.sh": permission denied": unknown.
Solutions
For the X11 issue, you can try setting -e DISPLAY=$DISPLAY in your docker run, you may need to perform some other steps to get it working properly depending on how your host is setup. But trying to get the GUI working here seems like overkill. To fix your problem when you pass through the command arguments, you can either:
Add execute permissions to the entrypoint.sh file on your host by running chmod +x /home/jmeter/unbuntjmeter/entrypoint.sh.
Or
Don't mount /home/jmeter/unbuntjmeter/ into the container by removing the -v argument from your docker run command.
Problem
When you run this command docker run -v /home/jmeter/unbuntjmeter/:/jmeter/apache-jmeter-5.2.1 sar/test12 -n -t ./users.jmx, you are mounting the directory /home/jmeter/unbuntjmeter/ from your host machine onto /jmeter/apache-jmeter-5.2.1 in your docker container.
That means your /jmeter/apache-jmeter-5.2.1/entrypoint.sh script in the container is being overwritten by the one in that directory on your host (if there is one, which there does seem to be). This file on your host machine doesn't have the proper permissions to be executed in your container (presumably it just needs +x because you are running this in your build: RUN ["chmod", "+x", "entrypoint.sh"]).
How do I execute an executable twice in a docker container?
For instance I need to run my application twice, the first time to initialize some stuff, and the second time to listen to a given port defined in an environment variables.
The commands from a shell would be something like this:
[j3d#gonzo test]$ kontrol -initial
[j3d#gongo test]$ kontrol
started... listening on port 6000...
Here below is my Dockerfile:
FROM golang:1.8.3 as builder
RUN go get -u github.com/golang/dep/cmd/dep
RUN go get -d github.com/koding/kite
WORKDIR ${GOPATH}/src/github.com/koding/kite
RUN ${GOPATH}/bin/dep ensure
RUN go install ./kontrol/kontrol
RUN mv ${GOPATH}/bin/kontrol /tmp
FROM busybox
ENV APP_HOME /opt/robotrader
RUN mkdir -p ${APP_HOME}
WORKDIR ${APP_HOME}
COPY --from=builder /tmp/kontrol .
ENTRYPOINT ["./kontrol", "-initial"]
CMD ["./kontrol"]
The container builds successfully... but when I start it I always get the following error message:
kontrol | standard_init_linux.go:190: exec user process caused "no such file or directory"
Any help would be really appreciated.
EDIT
Thanks to zero298 who helped me to figure out the issue, here below is a working Dockerfile:
FROM golang:1.8.3 as builder
RUN go get -u github.com/golang/dep/cmd/dep
RUN go get -d github.com/koding/kite
WORKDIR ${GOPATH}/src/github.com/koding/kite
RUN ${GOPATH}/bin/dep ensure
RUN CGO_ENABLED=0 go install ./kontrol/kontrol
RUN mv ${GOPATH}/bin/kontrol /tmp
FROM busybox
ENV APP_HOME /opt/robotrader
RUN mkdir -p ${APP_HOME}
WORKDIR ${APP_HOME}
COPY --from=builder /tmp/kontrol .
ENTRYPOINT ["./kontrol", "-initial"]
CMD ["./kontrol"]
The go application should be built with CGO_ENABLED=0 - see this post for more info.
I think you are running into a different issue than you think you are. Running your Dockerfile and then executing:
docker build -t j3d .
docker run -it --rm --name j3d-test --entrypoint sh j3d
Allows me to run my own commands from within the container.
Using ls lists out the PWD contents:
-rwxr-xr-x 1 root root 16.8M Jun 21 19:20 kontrol
Everything seems normal. However, trying to run that myself generates the following error:
sh: ./kontrol: not found
To me, this is likely similar to: Linux executable fails with “File not found” even though the file is there and in PATH.
In fact, if you instead:
Copy the compiled kontrol executable out of your builder image
Run the ubuntu container mounting the directory with the copied kontrol executable docker run -it --rm -v $PWD:/mnt/go ubuntu sh
Try to run kontrol
You will get the "correct" error which stipulates you haven't setup your keys correctly:
2018/06/21 19:56:57 cannot read public key file: open : no such file or directory
Your path forward is probably to figure out why you can't cross-compile
Create a script that runs it twice:
E.g in "startup.sh"
#!/bin/bash
# Run kontrol twice
./kontrol -initial
./kontrol
Then replace the last two lines in your Dockerfile with:
COPY startup.sh .
CMD ["./startup.sh"]
If kontrol terminates when you run it with the init flag, then you shuold just use
RUN /opt/robotrader/kontrol -init
CMD ["./kontrol"]
If it doesn't terminate, you'll have to find another way to architect your appp.
I am building Scigraph database on my local machine and trying to move this entire folder to docker and run it, when I run the shell script on my local machine it runs without error when I add the same folder inside docker and try to run it fails
Am I doing this right way, here's my DOckerfile
FROM goyalzz/ubuntu-java-8-maven-docker-image
ADD ./SciGraph /usr/share/SciGraph
WORKDIR /usr/share/SciGraph/SciGraph-services
RUN pwd
EXPOSE 9000
CMD ['./run.sh']
when I try to run it I'm getting this error
docker run -p9005:9000 test
/bin/sh: 1: [./run.sh]: not found
if I run it using below command it works
docker run -p9005:9000 test -c "cd /usr/share/SciGraph/SciGraph-services && sh run.sh"
as I already marked the directory as WORKDIR and running the script inside docker using CMD it throws error
For scigraph as provided in their ReadMe, you can to run mvn install before you run their services. You can set your shell to bash and use a docker compose to run the docker image as shown below
Dockerfile
FROM goyalzz/ubuntu-java-8-maven-docker-image
ADD ./SciGraph /usr/share/SciGraph
SHELL ["/bin/bash", "-c"]
WORKDIR /usr/share/SciGraph
RUN mvn -DskipTests -DskipITs -Dlicense.skip=true install
RUN cd /usr/share/SciGraph/SciGraph-services && chmod a+x run.sh
EXPOSE 9000
build the scigraph docker image by running
docker build . -t scigraph_test
docker-compose.yml
version: '2'
services:
scigraph-server:
image: scigraph_test
working_dir: /usr/share/SciGraph/SciGraph-services
command: bash run.sh
ports:
- 9000:9000
give / after SciGraph-services and change it to "sh run.sh" ................ and look into run.sh file permissions also
It is likely that your run.sh doesn't have the #!/bin/bash header, so it cannot be executed only by running ./run.sh. Nevertheless, always prefer to run scripts as /bin/bash foo.sh or /bin/sh foo.sh when in docker, especially because you don't know what changes files have been sourced in images downloaded from public repositories.
So, your CMD statement would be:
CMD /bin/bash -c "/bin/bash run.sh"
You have to add the shell and the executable to the CMD array ...
CMD ["/bin/sh", "./run.sh"]
I'm trying to dockerize cassandra by following below steps.
Docker file ->
FROM oraclelinux:7.3
COPY apache-cassandra-2.2.8-bin.tar.gz /opt
RUN cd /opt && tar -xvzf apache-cassandra-2.2.8-bin.tar.gz
RUN cd /opt && ln -s apache-cassandra-2.2.8 cassandra
RUN cd /opt/cassandra && mkdir data && mkdir commitlog && mkdir saved_caches
COPY cassandra.yaml /opt/cassandra/conf
COPY cassandra-topology.properties /opt/cassandra/conf
RUN chmod +x /opt/cassandra/bin/cassandra
ENV CASSANDRA_CONFIG /opt/cassandra/conf
ENV CASSANDRA_HOME /opt/cassandra
RUN /opt/cassandra/bin/cassandra
ENTRYPOINT ["/opt/cassandra/bin/cassandra"]
EXPOSE 7000 7001 7199 9160
When I build cassandra docker using
docker build -t my_cassandra .
throws below error message
Step 19/21 : RUN /opt/cassandra/bin/cassandra
---> Running in 36bd332c523a
cat: /etc/ld.so.conf.d/*.conf: No such file or directory
When I build cassandra docker using
docker run -it my_cassandra bin/bash
it throws same error message
cat: /etc/ld.so.conf.d/*.conf: No such file or directory
If I remove the ENTRYPOINT line or hash it out, docker builds and runs fine but cassandra doesn't run as part of docker run command. I have to logon to the container and manually start with ./cassandra
Is there a way I could start cassandra as part of docker run command here?
From your example above, it doesn't look like ENTRYPOINT is the problem here. You should not run Cassandra as part of the Docker build.
Step 19/21 : RUN /opt/cassandra/bin/cassandra
---> Running in 36bd332c523a
cat: /etc/ld.so.conf.d/*.conf: No such file or directory
Remove RUN /opt/cassandra/bin/cassandra.
Take a look at the official Cassandra Docker Image on Docker Hub.
link: Official Dockerfile
link: Docker Hub - Cassandra
It boils down to the upstream image you use. /opt/cassandra/bin/cassandra seems to be a shell script which executes which ldconfig at some point. If which is missing from your image, you will see such error