cannot run shellinabox through a php api on centos - centos6.5

I want to start shellinabox on centos through a php api.
When the user hits the api, shellinaboxd -p 'portno' command should get executed and shellinabox should start on the particular port number.
But this does not happen, instead this error comes
Error :
Failed to find any available port [on tail -f /var/log/httpd/error_log]
The code below runs correctly on ubuntu but not on centos.
Consider rest all things working fine.
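$app->get('/test', function() use ($port) {
    // $port is assumed to be defined in the enclosing scope (not shown in the post);
    // escape it so the value cannot inject extra shell syntax into the command.
    exec('shellinaboxd -p ' . escapeshellarg($port));
});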
Executing:
shellinaboxd -p 'someport' on bash also works fine.
I have php5.5 and apache2 installed on my system.

The error message "Failed to find any available port" tells you that the port is already in use.
Try different port.

I have come up with a solution. CentOS is SELinux (Secured linux). So it does not allow any logging action from a process, like the php api (in my case, whose user is apache), in its default mode, that is, "enforcing".
So change the SELINUX mode as:
'SELINUX=disabled' in /etc/selinux/config
and reboot.
It has one more mode i.e. permissive.
Read more about it here: https://wiki.centos.org/HowTos/SELinux
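
One way to confirm that SELinux, rather than a busy port, is what blocks the command before switching it off system-wide is to list the AVC denials recorded for Apache's domain (`httpd_t`). This is an added example, not code from the original posts; the audit lines are constructed samples, and `avc_denials` and `httpd_denial_count` are hypothetical helper names.

```shell
#!/usr/bin/env bash
# Constructed audit.log lines (not from the original post): two denials from
# the Apache domain (httpd_t) and one unrelated denial from another domain.
SAMPLE_AUDIT_LOG='type=AVC msg=audit(1400000000.101:501): avc:  denied  { name_bind } for  pid=2301 comm="shellinaboxd" src=4200 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1400000000.102:502): avc:  denied  { write } for  pid=2301 comm="shellinaboxd" name="log" dev=dm-0 ino=131 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=dir
type=AVC msg=audit(1400000000.103:503): avc:  denied  { read } for  pid=900 comm="ntpd" name="x" dev=dm-0 ino=7 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file'

# avc_denials DOMAIN: read audit records on stdin and print one line per AVC
# denial whose source type is DOMAIN, as "comm perms tclass target_type".
avc_denials() {
  awk -v domain="$1" '
    /type=AVC/ && /denied/ {
      comm = ""; perms = ""; tclass = ""; stype = ""; ttype = ""
      # The denied permissions sit between the first "{" and "}".
      a = index($0, "{"); b = index($0, "}")
      if (a > 0 && b > a) {
        perms = substr($0, a + 1, b - a - 1)
        gsub(/^ +| +$/, "", perms)
        gsub(/ +/, ",", perms)
      }
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^comm=/)     { comm = $i; sub(/^comm=/, "", comm); gsub(/"/, "", comm) }
        if ($i ~ /^tclass=/)   { tclass = substr($i, 8) }
        # Contexts are user:role:type:level; the type is the third field.
        if ($i ~ /^scontext=/) { split(substr($i, 10), s, ":"); stype = s[3] }
        if ($i ~ /^tcontext=/) { split(substr($i, 10), t, ":"); ttype = t[3] }
      }
      if (stype == domain) print comm, perms, tclass, ttype
    }'
}

# httpd_denial_count: number of sample denials attributed to httpd_t.
httpd_denial_count() {
  printf '%s\n' "$SAMPLE_AUDIT_LOG" | avc_denials httpd_t | wc -l | tr -d ' '
}

# Show what the Apache-launched process was denied in the sample.
printf '%s\n' "$SAMPLE_AUDIT_LOG" | avc_denials httpd_t
```

On a real host the same records are read from /var/log/audit/audit.log. The permissive mode the answer mentions still logs these denials without blocking them, which makes it the less drastic setting for collecting them.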

Related

Closed ports on docker host (OSX) are staying/reporting open on the internal docker network

After upgrading Docker to 4.6.0 on OSX 12.3 I've had a bit of an odd issue when I stop the xdebug listening client in PHPStorm, it seems that subsequent requests always time out because docker is reporting that host.docker.internal has port 9003 open when it's actually closed so the app always waits for the xdebug client.
I installed nmap on my webapp php container and host to test. If I run "nmap -p 9003 localhost" with the debug client running on my host I can see it open, after turning it off in PHPstorm the same scan shows that it's closed however running "nmap -p 9003 host.docker.internal" inside the container reports that it's still open. If I open other services on my host too it seems that ports start showing as open on the docker internal network however never report as closed after shutting them down on the host.
I upgraded to Docker 4.6.1 but the problem still persists.
Any advice would be appreciated.
This has been fixed in Docker 4.8.1
https://docs.docker.com/desktop/mac/release-notes/
UPDATE: Downgrading to Docker 4.5.0 resolved the issue.
This doesn't solve the problem, just helps to avoid restarting Docker while we are waiting for the fix.
Make changes in xdebug.ini:
xdebug.start_with_request=trigger
xdebug.idekey=VSCODE
This tells XDebug to connect to debugger only if "trigger" is present in the HTTP request.
Now, install Chrome extension Xdebug helper, it's old but still works. Open extensions settings (chrome-extension://eadndfjplgieldjbigjakmdgkmoaaaoc/options.html) and set IDE key to "Other" "VSCODE".
Now, when you want to debug, you enable debugging in VSCode and also enable debugging in Chrome using that extension:
When you are done debugging - choose "Disable" in the extension, and PHP won't try to connect to your debugger, even if the port is still open. How it works - extension just sends cookie XDEBUG_SESSION=VSCODE with each request, and XDebug connects to the debugger only when this cookie is present.
P.S. You can replace VSCODE with IDE key that your IDE uses, or just any string.

Login Issue with Weblogic in Docker

I created a Weblogic generic container for version 12.1.3 based on the official Docker images from Oracle at https://github.com/oracle/docker-images/tree/master/OracleWebLogic/dockerfiles
Command: buildDockerImage.sh -g -s -v 12.1.3
This creates the image oracle/weblogic:12.1.3-generic
Using a modified version of sample dockerfile for 1213-domain, I built the Weblogic container.
Note: changed the base image to be generic, instead of developer
docker build -t 1213-domain --build-arg ADMIN_PASSWORD="admin123" -f myDockerfile .
Pushed the built image to Amazon ECR and ran the container using the AWS ECS. Configured the port mappings as 0:7001, set memory soft limit as 1024, nothing else changed in default ECS settings. I have an application load balancer in the front, which receives traffic at 443 port and forwards to the containers. In the browser I get a login page for Weblogic, when I enter username as weblogic and password as admin123, I get the error:
Authentication Denied
Interestingly when I go to the container and connect to the weblogic using WLST, it works fine.
[ec2-user@ip-10-99-103-141 ~]$ docker exec -it 458 bash
[oracle@4580238db23f mydomain]$ /u01/oracle/oracle_common/common/bin/wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...
Jython scans all the jar files it can find at first startup. Depending on the system, this process may take a few minutes to complete, and WLST may not return a prompt right away.
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> connect("weblogic","admin123","t3://localhost:7001")
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server "AdminServer" that belongs to domain "mydomain".
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/mydomain/serverConfig>
Any hints on what can be going wrong?
Very interesting indeed. :) .. Are you sure there are no special characters or so when you are entering the username and password? Try typing the same if you are copying.
Also, as a backup, since you are able to log in to WLST, you can try two options:
resetting the current password of weblogic, or adding a new username and password.
The links below will help:
http://middlewarebuzz.blogspot.com/2013/06/weblogic-password-reset.html
or
http://middlewaremagic.com/weblogic/?p=4962

Is there a way to connect through remote desktop to a running Windows Server container?

I want to run an old .NET application in a docker windows server container (https://hub.docker.com/r/microsoft/windowsservercore/).
Everything would be easy if this application didn't require an UI. Its UI does a lot of stuff and this stuff cannot be done through command line or other API.
Basically, the perfect thing would be to reach this running container through RDP.
From my understanding, it is nothing more than a service (TermService) running on a certain TCP port (3389 being the default one).
But it seems that TermService is not running in microsoft/windowsservercore containers.
I found an article showing how to activate it : https://withinrafael.com/2018/03/09/using-remote-desktop-services-in-containers/
Basically, I kept the same Dockerfile, just changing some credentials.
#escape=`
FROM microsoft/windowsservercore:1709_KB4074588
RUN net user /add jerome
RUN net user jerome aDifficultPassword
RUN net localgroup "Remote Desktop Users" jerome /add
RUN net localgroup "Administrators" jerome /add
RUN cmd /k reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v TemporaryALiC /t REG_DWORD /d 1
I launch the container with this command :
docker run -it -p3389:3389 myimage powershell
When I connect to the container and type some powershell commands to list running services, I can see that TermService is well running. This is the command I use to list services.
Get-Service
When I list opened TCP ports, I can see that 3389 is listened. This is the command I use to show opened ports.
netstat -an
When I try to connect to the container through my remote desktop client, things seem OK at the start.
It asks me for the host.
Then for a username and password.
If I type wrong credentials, it tells me "Wrong credentials", so there is indeed communication with the server.
If I type good credentials, nothing happens. No error message at all, but no display screen either...
I don't really know if logs are generated somewhere or not.
I would be OK if instead of RDS, something like TigerVNC was working. I have never tried this tool before but it seems that it could do the job.
How would you do to control a GUI application running in a windows container?
You can find logs for the RDP client in Event Viewer: "Application and Services Logs"\Microsoft\Windows\TerminalServices-ClientActiveXCore. Here's what it says for me:
The client has established a multi-transport connection to the server.
RDPClient_SSL: An error was encountered when transitioning from TsSslStateDisconnected to TsSslStateDisconnected in response to TsSslEventInvalidState (error code 0x8000FFFF).
RDP ClientActiveX has been disconnected (Reason= 2)
reason 2 is session closed by client.
My paranoia tells me that microsoft went back and patched the image to prevent people from using RDP with docker, but who knows, maybe we're just missing something obvious.

Docker cannot access registry from openshift

Here is my whole scenario.
I have a RHEL 7.1 vmware image, with the corporate proxy properly configured, accessing stuff over http or https works properly.
Installed docker-engine, and added the HTTP_PROXY setting to /etc/systemd/system/docker.service.d/http-proxy.conf. I can verify the proxy setting is picked up by executing:
sudo systemctl show docker --property Environment
which will print:
Environment=HTTP_PROXY=http://proxy.mycompany.com:myport/ with real values of course.
Pulling and running docker images works correctly this way.
The goal is to work with the binary distribution of openshift-origin. I downloaded the binaries, and started setting up things as per the walkthrough page on github:
https://github.com/openshift/origin/blob/master/examples/sample-app/README.md
Starting openshift seems to work as I can:
* login via the openshift cli
* create a new project
* even access the web console
But when I try to create an app in the project (also via the cli):
oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-hello-world.git
It fails:
error: can't look up Docker image "centos/ruby-22-centos7": Internal error occurred: Get https://registry-1.docker.io/v2/: dial tcp 52.71.246.213:443: connection refused
I can access (without authentication though) this endpoint via the browser on the VM or via WGET.
Hence I believe DOCKER fails to pick up the proxy settings. After some searching I also fear if there are IPTABLES settings missing. Referring to:
https://docs.docker.com/v1.7/articles/networking/
But I don't know if I should fiddle with the IPTABLES settings, should not Docker figure that out itself?
Check your HTTPS_PROXY environment property.

Can't get highcharts export server working using Java

everyone,
I followed the instructions on highcharts export server. My test environment is Ubuntu Server, tomcat 7.x, java 1.7.x, and the latest highcharts export server code cloned by git. No problem occurred during mvn install and mvn clean package. Some settings of my app-convert.properties are
port=8080 # the same port with my tomcat
exec = /home/{my user name}/phantomjs-1.9.1-linux-x86_64/bin/phantomjs
And from the logs of Tomcat, I can see that phantomjs is started and listening on port 8080. Also when I access http://{myservername}:8080/highchars-export-web/, it's loaded correctly, even when I click 'Generate Image' button, it gave me a file named 'Charts.png'. However, the image's size is 1kb, not the one as getting from http://export.highcharts.com/demo. I don't know what I am missing. I need you guys help on this.
Best wishes,
Arthur
Pick a different port other than the one your tomcat (or other service) is listening on. That port you set in the app.properties files is for the phantomjs service to listen on.
