strace reveals that the escaping I used may cause a problem compared to the shell form (shell form vs exec form see https://docs.docker.com/engine/reference/builder/ )
exec form with [/* 3 vars */] - breaks / makes trouble
ENTRYPOINT ["strace", "hugo", "server", "--watch=true", "--bind=0.0.0.0", "--source=\"/src\"", "--destination=\"/output\""]
execve("hugo", ["hugo", "server", "--watch=true", "--bind=0.0.0.0", "--source=\"/src\"", "--destination=\"/output\""], [/* 3 vars */]) = 0
shell form with [/* 4 vars */] - works fine
ENTRYPOINT strace hugo server --watch=true --bind=0.0.0.0 --source=""/src"" --destination=""/output""
execve("hugo", ["hugo", "server", "--watch=true", "--bind=0.0.0.0", "--source=/src", "--destination=/output"], [/* 4 vars */]) = 0"
Dockerfile:
(used ubuntu as i wasn't able to run strace with alpine:latest.)
# escape=\
# first line can be removed and doesn't change the behavior of the described issue
FROM ubuntu:latest
RUN apt-get update && apt-get install hugo strace
RUN hugo new site src
WORKDIR /src
ENTRYPOINT ["strace", "hugo", "server", "--watch=true", "--bind=0.0.0.0", "--source=\"/src\"", "--destination=\"/output\""]
EXPOSE 1313
Command to run and save output:
sudo docker run --security-opt seccomp:unconfined docker-hugo &> docker-hugo.strace
(see https://github.com/moby/moby/issues/20064#issuecomment-291095117 for info regarding --security-opt )
Overview of possible scenarios:
+------------------+-------------------------------------------+------------------------+---------------------------------------------------+
| | No Entrypoint | Entrypoint (JSON-form) | Entrypoint (shell-form) |
+------------------+-------------------------------------------+------------------------+---------------------------------------------------+
| No CMD | HostConfig.Config.cmd=/bin/bash is called | breaks | ok |
| | (assumption as of docker inspect) | | |
+------------------+-------------------------------------------+------------------------+---------------------------------------------------+
| CMD (JSON-form) | breaks | breaks | breaks |
| | | | (other issue; not handled here |
+------------------+-------------------------------------------+------------------------+---------------------------------------------------+
| CMD (shell-form) | ok | ok | Breaks [seems to work as designed] |
| | | | (both are called with a shell concatinated) |
| | | | Example: /bin/sh -c <ENTRYPOINT> /bin/sh -c <CMD> |
+------------------+-------------------------------------------+------------------------+---------------------------------------------------+
So my question: Am I escaping the JSON Array not correctly?
Related
I am building a docker container for compiling a mix of rust, carbon and c.
Everything seems to work until running main.carbon and call the function of my rust library. Although the import seems valid. I think that is an issue by Rust code.
This is my Dockerfile:
#
# -------- ---------- -----
# | rust | | carbon | | C |
# -------- ---------- -----
# | | |
# | | |
FROM rust as rust
WORKDIR /usr/src/myapp
COPY ./src/lib/ .
RUN cargo build --verbose --release --all-targets --manifest-path /usr/src/myapp/Cargo.toml
# | |
# install carbon | |
# ------| |
# | | |
FROM linuxbrew/brew as brew
RUN brew update
RUN brew install python#3.9
RUN brew install bazelisk
RUN brew install llvm
# | |
# | |
# | |
# | |
FROM brew as carbon
RUN git clone https://github.com/carbon-language/carbon-lang carbon
WORKDIR /home/linuxbrew/carbon
COPY --from=rust /usr/src/myapp/target/release/librust_file_listener.so /home/linuxbrew/carbon/explorer/
SHELL ["/bin/bash", "-c"]
RUN mv -v /home/linuxbrew/carbon/explorer/BUILD /home/linuxbrew/carbon/explorer/ BUILD-old
RUN touch ./explorer/BUILD
RUN echo $(pwd)
RUN sed -n '1,17p' ./explorer/BUILD-old >> ./explorer/BUILD
RUN echo ' srcs = ["main.cpp", "librust_file_listener.so"],' >> ./explorer/BUILD
RUN sed -n '19,$p' ./explorer/BUILD-old >> ./explorer/BUILD
RUN cp ./explorer/librust_file_listener.so .
RUN bazel build --verbose_failures //explorer
COPY ./src/main.carbon .
COPY ./src/file-listener.h .
RUN bazel run //explorer -- ./main.carbon
This is my error message:
/root/.cache/bazel/_bazel_root/c2431547aff5b972703b3babc3d841cc/execroot/carbon/bazel-out/k8-fastbuild/bin/explorer/explorer:
error while loading shared libraries: libstd-69edc9ac8de4d39c.so:
cannot open shared object file: No such file or directory
Searching for this error message: the only result was this question by laurent. May be corresponding!?
FYI I am on x86_64, not on ARM.
How can I retrieve just the 'position' value from the 'SHOW MASTER STATUS' query expression in MariaDB(running in docker container) from outside the docker container ?
Something like, I have the following :-
+-------------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+-------------------+----------+--------------+------------------+
| master-bin.000003 | 375 | | |
+-------------------+----------+--------------+------------------+
and need to get only value of position using bash script ?
Please help as soon as possible.
When MariaDB running inside docker container and want to retrieve File and Position Value from "SHOW MASTER STATUS" in MariaDB/MySQL from outside the docker container, use the following command in bash :-
for File
docker exec -it <mariadb_container_name> bash -c "mysql -u<username> -p<password> -Ne 'show master status' | awk '{print $1}' | cut -f1"
for Position
docker exec -it <mariadb_container_name> bash -c "mysql -u<username> -p<password> -Ne 'show master status' | awk '{print $2}' | cut -f2"
I have successfully jailbreaked my Hue Bridge 2.1 and now have Root Access over SSH to it.
But I don't know how I can Install a Packet Manager (like opkg) on it.
It looks like wget is installed, but nothing else really. Also SCP works.
I have tried everything, but nothing seems to work. (See console). (Full console dump here)
login as: root
root#192.168.1.69's password:
BusyBox v1.23.2 (2018-10-25 16:12:28 UTC) built-in shell (ash)
_ _ _ _ ______ ____ _ _ ___ __ __
| | | | | | | ____| | _ \ (_) | | |__ \ \ \ / /
| |__| | | | | |__ | |_) |_ __ _ __| | __ _ ___ ) | \ V /
| __ | | | | __| | _ <| '__| |/ _` |/ _` |/ _ \ / / > <
| | | | |__| | |____ | |_) | | | | (_| | (_| | __/ / /_ _ / . \
|_| |_|\____/|______| |____/|_| |_|\__,_|\__, |\___| |____(_)_/ \_\
__/ |
|___/
----------------------------------------------------------------------
Version: 1810251352
----------------------------------------------------------------------
root#Wohnzimmer:~# busybox --install opkg
--install: applet not found
root#Wohnzimmer:~# opkg
-ash: opkg: not found
root#Wohnzimmer:~# wget
BusyBox v1.23.2 (2018-10-25 16:12:28 UTC) multi-call binary.
Usage: wget [-c|--continue] [-s|--spider] [-q|--quiet] [-O|--output-document FILE]
[--header 'header: value'] [-Y|--proxy on/off] [-P DIR]
[-U|--user-agent AGENT] URL...
Retrieve files via HTTP or FTP
-s Spider mode - only check file existence
-c Continue retrieval of aborted transfer
-q Quiet
-P DIR Save to DIR (default .)
-O FILE Save to FILE ('-' for stdout)
-U STR Use STR for User-Agent header
-Y Use proxy ('on' or 'off')
You can't just install the packet manager using busybox --install opkg orsudo apt-get install <any-package>.
This below error message clearly says the opkg packet is not found, you need to build the source, and add that in your target.
root#Wohnzimmer:~# busybox --install opkg
--install: applet not found
It's Busybox system for that you need to download the packet manager archive against the target what they are using, for example: if it is ARM then compile using ARM toolchain in your host system then move the compiled binary to the target. After moving the compiled utility you can place the binary in /sbin dir of the root fs.
After Creating Docker Image from Redhat Fuse 7, I went inside container bin folder and executed ./clinet command.
Fuse client instance loaded
karaf#3e06e92ec257:/opt/karaf/bin$ ./client
Logging in as admin
____ _ _ _ _ _____
| _ \ ___ __| | | | | | __ _| |_ | ___| _ ___ ___
| |_) / _ \/ _` | | |_| |/ _` | __| | |_ | | | / __|/ _ \
| _ < __/ (_| | | _ | (_| | |_ | _|| |_| \__ \ __/
|_| \_\___|\__,_| |_| |_|\__,_|\__| |_| \__,_|___/___|
Red Hat Fuse (7.0.0.fuse-000191-redhat-1)
http://www.redhat.com/products/jbossenterprisemiddleware/fuse/
Hit '<tab>' for a list of available commands
and '[cmd] --help' for help on a specific command.
Open a browser to http://localhost:8181/hawtio to access the management console
Hit '<ctrl-d>' or 'shutdown' to shutdown Red Hat Fuse.
admin#root()>
but any key pressed, it returned below error and instance closed
admin#root()> Error executing command: / by zero
Sample Dockerfile and commands
docker run --name fuse -d -p 1099:1099 -p 8101:8101 -p 44444:44444 redhat-fuse-v1
docker exec -it fuse /opt/karaf/bin/client
docker logs -f fuse
FROM openjdk:8-slim
MAINTAINER Jayashankar C <jshankarc1#gmail.com>
ENV KARAF_USER karaf
ENV KARAF_UID 8181
ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64
ENV JAVA_MAX_MEM 256m
ENV KARAF_EXEC exec
COPY fuse-karaf-7.0.0.fuse-000191-redhat-1.zip /tmp/fuse-karaf.zip
COPY org.ops4j.pax.url.mvn.cfg /tmp
COPY users.properties /tmp
RUN groupadd -r $KARAF_USER --gid=$KARAF_UID && useradd -rm -g $KARAF_USER --uid=$KARAF_UID $KARAF_USER
RUN mkdir -p /opt/karaf \
&& unzip -o /tmp/fuse-karaf.zip -d /opt/karaf \
&& mv /opt/karaf/fuse-karaf-7.0.0.fuse-000191-redhat-1/* /opt/karaf > /dev/null 2>&1 \
&& ls /opt/karaf -ltr \
&& rm /tmp/fuse-karaf.zip \
&& cp -f /tmp/org.ops4j.pax.url.mvn.cfg opt/karaf/etc \
&& cp -f /tmp/users.properties opt/karaf/etc \
&& cat /opt/karaf/etc/org.ops4j.pax.url.mvn.cfg \
&& mkdir -p /opt/karaf/data /opt/karaf/data/log \
&& chown -R $KARAF_USER.$KARAF_USER /opt/karaf \
&& chmod 700 /opt/karaf/data
EXPOSE 1099 8101 44444
USER $KARAF_USER
CMD ["/opt/karaf/bin/karaf", "run"]
Error log
2018-05-31 18:14:21,757 | ERROR | h console user admin | o.a.k.s.s.ShellUtil | 143 - org.apache.karaf.shell.core - 4.2.0.fuse-000237-redhat-1 | Exception caught while executing command
java.lang.ArithmeticException: / by zero
at org.aesh.readline.Buffer.printInsertedData(Buffer.java:570) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.aesh.readline.Buffer.insert(Buffer.java:227) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.aesh.readline.AeshConsoleBuffer.writeChar(AeshConsoleBuffer.java:128) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.aesh.readline.Readline$AeshInputProcessor.parse(Readline.java:262) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.aesh.readline.Readline$AeshInputProcessor.access$100(Readline.java:174) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.aesh.readline.Readline.readInput(Readline.java:95) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.aesh.readline.Readline.access$1000(Readline.java:57) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.aesh.readline.Readline$AeshInputProcessor.lambda$start$1(Readline.java:333) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.jline.reader.impl.TerminalConnection.openBlocking(TerminalConnection.java:152) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.jline.reader.impl.LineReaderImpl.readInput(LineReaderImpl.java:137) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.jline.reader.impl.LineReaderImpl.readLine(LineReaderImpl.java:275) ~[141:org.apache.karaf.shell.aesh-jline:4.2.0.fuse-000237-redhat-1]
at org.apache.karaf.shell.impl.console.ConsoleSessionImpl.readCommand(ConsoleSessionImpl.java:436) [143:org.apache.karaf.shell.core:4.2.0.fuse-000237-redhat-1]
at org.apache.karaf.shell.impl.console.ConsoleSessionImpl.run(ConsoleSessionImpl.java:394) [143:org.apache.karaf.shell.core:4.2.0.fuse-000237-redhat-1]
at java.lang.Thread.run(Thread.java:748) [?:?]
If you look a bit earlier in the log, you'll find the following event:
852 [sshd-SshClient[3a82f6ef]-nio2-thread-3] DEBUG org.apache.sshd.client.channel.ChannelShell - doOpenPty(ChannelShell[id=0, recipient=0]-ClientSessionImpl[karaf#localhost/127.0.0.1:8101]) Send SSH_MSG_CHANNEL_REQUEST env: {TERM=null, LC_CTYPE=en.UTF-8}
The problem is the TERM=null environment variable which causes the NullPointerException.
You need to run the following command instead:
docker exec -it -e TERM=${TERM} fuse /opt/karaf/bin/client
On older docker versions, you can run the following:
docker exec -it fuse bash -c "export TERM=${TERM} /opt/karaf/bin/client"
With docker 1.7.1, foxx-manager update gets error 500 when downloading master.zip from central repository. However, no error was occurred with docker 1.6.1.
Did anyone encounter this problem?
How can I specify https_proxy for arangosh? foxx-manager update fails inside corporate proxy environment.
I've tried these settings:
export https_proxy=http://xx.xx.xx.xx:port
export https_proxy=xx.xx.xx.xx:port
export HTTPS_PROXY=http://xx.xx.xx.xx:port
export HTTPS_PROXY=xx.xx.xx.xx:port
... and all failed.
Below is my session log:
[t.suwa#devstudy ~]$ docker run -d arangodb
e3175d53cd1fc288201bfeebaaf95084c1409c4299ce1b39369d131bf2964d0a
Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.
[t.suwa#devstudy ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e3175d53cd1f arangodb "/usr/sbin/arangod" 11 seconds ago Up 9 seconds 8529/tcp backstabbing_albattani
[t.suwa#devstudy ~]$ docker exec -it e3175d53cd1f /bin/bash
root#8155996d26ff:/# arangosh
_
__ _ _ __ __ _ _ __ __ _ ___ ___| |__
/ _` | '__/ _` | '_ \ / _` |/ _ \/ __| '_ \
| (_| | | | (_| | | | | (_| | (_) \__ \ | | |
\__,_|_| \__,_|_| |_|\__, |\___/|___/_| |_|
|___/
Welcome to arangosh 2.6.7 [linux]. Copyright (c) ArangoDB GmbH
Using Google V8 4.1.0.27 JavaScript engine, READLINE 6.3, ICU 54.1
Pretty printing values.
Connected to ArangoDB 'tcp://127.0.0.1:8529' version: 2.6.7 [standalone], database: '_system', username: 'root'
Type 'tutorial' for a tutorial or 'help' to see common examples
arangosh [_system]> fm.update()
JavaScript exception in file '/usr/share/arangodb/js/common/modules/org/arangodb/foxx/store.js' at 410,11: [ArangoError 1752: application download failed: Github download from 'https://github.com/arangodb/foxx-apps/archive/master.zip' failed with error code 500]
! throw err;
! ^
stacktrace: Error
at exports.throwDownloadError (/usr/share/arangodb/js/common/modules/org/arangodb-common.js:448:9)
at Object.update (/usr/share/arangodb/js/common/modules/org/arangodb/foxx/store.js:392:7)
at <shell command>:1:4
If your environment is behind proxy, please add these in Dockerfile.
ENV https_proxy=http://xx.xx.xx.xx:port
ENV https_proxy=xx.xx.xx.xx:port
ENV HTTPS_PROXY=http://xx.xx.xx.xx:port
ENV HTTPS_PROXY=xx.xx.xx.xx:port
ADD .gitconfig /.gitconfig
Local file .gitconfig should have proxy setting as well:
[http]
proxy = http://xx.xx.xx.xx:port
[https]
proxy = http://xx.xx.xx.xx:port
Suspose you install and run the applicaiton with root in container, if not, copy .gitconfig to that user's home directory.
Build the image with proxy, then you should be fine to download the package within container.