From 7585a9164b8afb6b6e3b7cff3ba18e987deeefa7 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 10 Apr 2023 07:50:07 +0200 Subject: [PATCH 1/5] Feat(#755): initial test setup to get podman --- Dockerfile_webdesktop | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/Dockerfile_webdesktop b/Dockerfile_webdesktop index 88d4a0afa..f67a19a85 100644 --- a/Dockerfile_webdesktop +++ b/Dockerfile_webdesktop @@ -1,4 +1,5 @@ -FROM lscr.io/linuxserver/webtop:4.16-r0-ls72 +# FROM lscr.io/linuxserver/webtop:4.16-r0-ls72 +FROM linuxserver/webtop:alpine-icewm-version-b14a106e LABEL NAME="OWASP WrongSecrets Web Desktop" MAINTAINER="Jeroen Willemsen" RUN \ @@ -9,7 +10,7 @@ RUN \ RUN \ echo "**** install packages ****" && \ - apk add --no-cache shadow keepassxc radare2 aws-cli geany git && \ + apk add --no-cache shadow keepassxc radare2 aws-cli geany git podman openrc && \ echo "**** adding abc user to root for Docker ****" && \ usermod -aG root abc && \ touch /var/run/docker.sock && \ @@ -17,6 +18,16 @@ RUN \ echo "**** cleanup ****" && \ rm -rf /tmp/* +RUN \ + echo "***config podman***" && \ + rc-update add cgroups + +RUN \ +# modprobe tun && \ + echo tun >>/etc/modules &&\ + sudo echo abc:100000:65536 >/etc/subuid &&\ + sudo echo abc:100000:65536 >/etc/subgid + WORKDIR /config/Desktop COPY src/main/resources/executables/*linux* /config/Desktop/wrongsecrets/ From 7e94df45937f893e1b448f0059b06df77d506e1e Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 10 Apr 2023 11:08:59 +0200 Subject: [PATCH 2/5] Feat(#755): initial almost working podman container with much newer alpine setup --- Dockerfile_webdesktop | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile_webdesktop b/Dockerfile_webdesktop index f67a19a85..999a5e982 100644 --- a/Dockerfile_webdesktop +++ b/Dockerfile_webdesktop @@ -1,5 +1,5 @@ # FROM lscr.io/linuxserver/webtop:4.16-r0-ls72 -FROM linuxserver/webtop:alpine-icewm-version-b14a106e +FROM linuxserver/webtop:alpine-kde-version-c211f7df LABEL NAME="OWASP WrongSecrets Web Desktop" MAINTAINER="Jeroen Willemsen" RUN \ @@ -37,4 +37,5 @@ COPY wrongsecret-desktop-resources/welcome.md /var/tmp/wrongsecrets/ RUN sudo chown abc /var/tmp/wrongsecrets -COPY wrongsecret-desktop-resources/startwm.sh /defaults/startwm.sh + +RUN echo "sudo cp -r /var/tmp/wrongsecrets /config/Desktop/wrongsecrets && sudo cp -r /var/tmp/wrongsecrets/welcome.md /config/Desktop" >> /defaults/startwm.sh From 19d3aa5a0325aa91a2de1e3a5ae5a8ea8f9ace42 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 10 Apr 2023 17:26:40 +0200 Subject: [PATCH 3/5] feat(#755): no more podman as it requieres privileges --- Dockerfile_webdesktop | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/Dockerfile_webdesktop b/Dockerfile_webdesktop index 999a5e982..5d9f2bd39 100644 --- a/Dockerfile_webdesktop +++ b/Dockerfile_webdesktop @@ -1,5 +1,4 @@ -# FROM lscr.io/linuxserver/webtop:4.16-r0-ls72 -FROM linuxserver/webtop:alpine-kde-version-c211f7df +FROM linuxserver/webtop:latest LABEL NAME="OWASP WrongSecrets Web Desktop" MAINTAINER="Jeroen Willemsen" RUN \ @@ -10,7 +9,7 @@ RUN \ RUN \ echo "**** install packages ****" && \ - apk add --no-cache shadow keepassxc radare2 aws-cli geany git podman openrc && \ + apk add --no-cache shadow keepassxc radare2 aws-cli geany git && \ echo "**** adding abc user to root for Docker ****" && \ usermod -aG root abc && \ touch /var/run/docker.sock && \ @@ -18,16 +17,6 @@ RUN \ echo "**** cleanup ****" && \ rm -rf /tmp/* -RUN \ - echo "***config podman***" && \ - rc-update add cgroups - -RUN \ -# modprobe tun && \ - echo tun >>/etc/modules &&\ - sudo echo abc:100000:65536 >/etc/subuid &&\ - sudo echo abc:100000:65536 >/etc/subgid - WORKDIR /config/Desktop COPY src/main/resources/executables/*linux* /config/Desktop/wrongsecrets/ @@ -35,7 +24,6 @@ COPY src/test/resources/alibabacreds.kdbx /var/tmp/helpers/ COPY src/test/resources/alibabacreds.kdbx /var/tmp/wrongsecrets/ COPY wrongsecret-desktop-resources/welcome.md /var/tmp/wrongsecrets/ -RUN sudo chown abc /var/tmp/wrongsecrets +RUN echo -e "sudo chown abc /config/Desktop && cp -r /var/tmp/wrongsecrets /var/tmp/wrongsecrets/welcome.md /config/Desktop/\n$(cat /defaults/startwm.sh)" > /defaults/startwm.sh -RUN echo "sudo cp -r /var/tmp/wrongsecrets /config/Desktop/wrongsecrets && sudo cp -r /var/tmp/wrongsecrets/welcome.md /config/Desktop" >> /defaults/startwm.sh From 63aaf5e15cbdc8545855b624f01606377ab0e893 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci-lite[bot]" <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Date: Mon, 10 Apr 2023 15:28:15 +0000 Subject: [PATCH 4/5] [pre-commit.ci lite] apply automatic fixes --- Dockerfile_webdesktop | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile_webdesktop b/Dockerfile_webdesktop index 5d9f2bd39..55640c1d4 100644 --- a/Dockerfile_webdesktop +++ b/Dockerfile_webdesktop @@ -26,4 +26,3 @@ COPY wrongsecret-desktop-resources/welcome.md /var/tmp/wrongsecrets/ RUN echo -e "sudo chown abc /config/Desktop && cp -r /var/tmp/wrongsecrets /var/tmp/wrongsecrets/welcome.md /config/Desktop/\n$(cat /defaults/startwm.sh)" > /defaults/startwm.sh - From 5d2d1dad418a8e331f6d56b0d3bea37130ed0611 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Tue, 11 Apr 2023 06:49:07 +0200 Subject: [PATCH 5/5] Initial testing with new virtual desktop --- Dockerfile_webdesktopk8s | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Dockerfile_webdesktopk8s b/Dockerfile_webdesktopk8s index dd30af9d2..594668b60 100644 --- a/Dockerfile_webdesktopk8s +++ b/Dockerfile_webdesktopk8s @@ -1,4 +1,4 @@ -FROM lscr.io/linuxserver/webtop:4.16-r0-ls72 +FROM linuxserver/webtop:latest LABEL NAME="OWASP WrongSecrets Web Desktop" MAINTAINER="Jeroen Willemsen" RUN \ @@ -31,6 +31,4 @@ COPY src/test/resources/alibabacreds.kdbx /var/tmp/wrongsecrets/ COPY wrongsecret-desktop-resources/welcome.md /var/tmp/wrongsecrets/ -RUN sudo chown abc /var/tmp/wrongsecrets - -COPY wrongsecret-desktop-resources/startwm.sh /defaults/startwm.sh +RUN echo -e "sudo chown abc /config/Desktop && cp -r /var/tmp/wrongsecrets /var/tmp/wrongsecrets/welcome.md /config/Desktop/\n$(cat /defaults/startwm.sh)" > /defaults/startwm.sh