Rooba
/
cowrie
mirror of https://github.com/cowrie/cowrie.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cowrie/Dockerfile

43 lines
1.3 KiB
Docker
Raw Normal View History

Full docker support (#830) * Full docker support Currently Docker images are build by a second git repository. Changes to installation or starting cowrie would need to be done on both. Merging this into one repository prevents that those will be forgotten and makes it easier to understand why changes happen. The dockerfile is a different one then the one from the docker-cowrie repository. I chose to use a python2-alpine linux. In the end this image has 55% smaller image size than the Debian image. The build process is split into to parts. The first image has everything installed to compile the python modules. The second one has only things installed which are needed to run the daemon. There is no need to install python-virtualenv because we are using docker. We don't need that much layers. Twisted can drop his privileges when starting the daemon when `--uid` and `--gid` is passed. This works only with numerical id. The user nobody is used for this. This is on Docker a good idea since there should be only one service with this user running. In other systems there might be several services using this daemon which is not a good choise. When building a new Docker image for cowrie Docker multistage build images are created running flake8 and unittests to ensure that all future releases are stable and matching our code guidelines. Bonus effect is when using this as a git pre-push-hook a developer doesn't need to wait for travis to fail on an error. Based on the current project structure we need a lot of `COPY` instructions inside the dockerfile which has negative sideeffects. - bloading the dockerfile up - longer buildtimes - more layers are created - more diskspace is used We should find a way to reduce this. Best way for doing this is keeping the static files like `honeyfs` and `share` right next to the source code. * Removing UID 0 check Cowrie checked on startup if it was started with root privileges. This conflicts with the option to let cowrie drop his privileges on startup using the twisted option `--uid` and `--gid`. I tested it a day ago without removing the code block and it run through but now it is for some reasons blocking. My feeling is that the code for droping privileges is also asynchron and sometimes the check is faster then the dropping of the privileges. But I might be wrong here. The solution is to remove the hole check. Considering that the check is there for preventing new users to shoot their feet we fixed this problem on different levels. New users should the docker images which are far easier to control and deploy then everything else because we take care. If a user wants to deploy it from scratch onto their serves there is a install instruction with detailed steps. This steps includes creating a special system user for cowrie and starting it with this user. * Fix missing directory, simplify path I missed to create the TTY log path. That's now fixed. Also the path for the trial command has been simplified. * Revert "Removing UID 0 check" This reverts commit f76329cd798744d10a0f52281e5a3588955d2531. * Introducint ENV var COWRIE_DOCKER The variable is used inside the docker image to let cowrie know that it is running inside docker and don't need to perform the "running as root" check. Inside the docker image cowrie is started with the `--uid` and `--gid` option and will drop to a different user then root. * Restructured Dockerfile, Added cowrie user The image is now builded with a user and group for running in the later image cowrie. Also the build steps are re-aranged to save build time. We assume that static files like `honeyfs` and `share` are less frequently updated and can be build into the base image where every other images is based on. * Renamed directory src -> cowrie The name cowrie should be more self-explaining then src. * Update cowrie_plugin.py
2018-08-06 08:27:32 +00:00
FROM python:2-alpine3.8 as python-base
MAINTAINER Florian Pelgrim <florian.pelgrim@craneworks.de>
RUN apk add --no-cache libffi && \
addgroup -S cowrie && \
adduser -S -s /bin/bash -G cowrie -D -H -h /cowrie cowrie && \
Small config changes (#845) * Adding /etc/cowrie/cowrie.cfg to possible configurations We want also to look for /etc/cowrie/cowrie.cfg as a possible configuration. * Write ssh host keys into /var/lib/cowrie Dynamical data should be written into /var/lib/cowrie. I know that OpenSSH is doing this but we are not OpenSSH and we should have only stuff written below /var. So /var/log/cowrie and /var/lib/cowrie. * Moving log and dl below var/, cleanup old folders This helps keeping the writes of the daemon in one place and makes it easier later when building a cowrie package. Old paths have been removed from the repository to keep it clean. * Fixing wrong log path Path should be var/log/cowrie not var/log * Fixing json output The json output was not configured to use the default log path. This has been fixed now. * Change order of config reads According to @micheloosterhof there is an order of precedence here.
2018-08-24 23:02:56 +00:00
mkdir -p /cowrie/var/lib/cowrie/downloads && \
Fixing tty log path (#861) Log paths had still some different paths inside the Dockerfile and the cowrie configuration. This is now fixed and the Docker image fully functional.
2018-08-26 18:07:40 +00:00
mkdir -p /cowrie/var/lib/cowrie/tty && \
mkdir -p /cowrie/var/log/cowrie/ && \
Full docker support (#830) * Full docker support Currently Docker images are build by a second git repository. Changes to installation or starting cowrie would need to be done on both. Merging this into one repository prevents that those will be forgotten and makes it easier to understand why changes happen. The dockerfile is a different one then the one from the docker-cowrie repository. I chose to use a python2-alpine linux. In the end this image has 55% smaller image size than the Debian image. The build process is split into to parts. The first image has everything installed to compile the python modules. The second one has only things installed which are needed to run the daemon. There is no need to install python-virtualenv because we are using docker. We don't need that much layers. Twisted can drop his privileges when starting the daemon when `--uid` and `--gid` is passed. This works only with numerical id. The user nobody is used for this. This is on Docker a good idea since there should be only one service with this user running. In other systems there might be several services using this daemon which is not a good choise. When building a new Docker image for cowrie Docker multistage build images are created running flake8 and unittests to ensure that all future releases are stable and matching our code guidelines. Bonus effect is when using this as a git pre-push-hook a developer doesn't need to wait for travis to fail on an error. Based on the current project structure we need a lot of `COPY` instructions inside the dockerfile which has negative sideeffects. - bloading the dockerfile up - longer buildtimes - more layers are created - more diskspace is used We should find a way to reduce this. Best way for doing this is keeping the static files like `honeyfs` and `share` right next to the source code. * Removing UID 0 check Cowrie checked on startup if it was started with root privileges. This conflicts with the option to let cowrie drop his privileges on startup using the twisted option `--uid` and `--gid`. I tested it a day ago without removing the code block and it run through but now it is for some reasons blocking. My feeling is that the code for droping privileges is also asynchron and sometimes the check is faster then the dropping of the privileges. But I might be wrong here. The solution is to remove the hole check. Considering that the check is there for preventing new users to shoot their feet we fixed this problem on different levels. New users should the docker images which are far easier to control and deploy then everything else because we take care. If a user wants to deploy it from scratch onto their serves there is a install instruction with detailed steps. This steps includes creating a special system user for cowrie and starting it with this user. * Fix missing directory, simplify path I missed to create the TTY log path. That's now fixed. Also the path for the trial command has been simplified. * Revert "Removing UID 0 check" This reverts commit f76329cd798744d10a0f52281e5a3588955d2531. * Introducint ENV var COWRIE_DOCKER The variable is used inside the docker image to let cowrie know that it is running inside docker and don't need to perform the "running as root" check. Inside the docker image cowrie is started with the `--uid` and `--gid` option and will drop to a different user then root. * Restructured Dockerfile, Added cowrie user The image is now builded with a user and group for running in the later image cowrie. Also the build steps are re-aranged to save build time. We assume that static files like `honeyfs` and `share` are less frequently updated and can be build into the base image where every other images is based on. * Renamed directory src -> cowrie The name cowrie should be more self-explaining then src. * Update cowrie_plugin.py
2018-08-06 08:27:32 +00:00
chown -R cowrie:cowrie /cowrie && \
chmod -R 775 /cowrie
COPY requirements.txt .
COPY data /cowrie/data
COPY honeyfs /cowrie/honeyfs
COPY share /cowrie/share
COPY etc /cowrie/etc
FROM python-base as builder
RUN apk add --no-cache gcc musl-dev python-dev libffi-dev libressl-dev && \
pip wheel --wheel-dir=/root/wheelhouse -r requirements.txt
FROM python-base as post-builder
COPY --from=builder /root/wheelhouse /root/wheelhouse
RUN pip install -r requirements.txt --no-index --find-links=/root/wheelhouse && \
rm -rf /root/wheelhouse
COPY src /cowrie
FROM post-builder as linter
Flake8 fixes (#857) * Adding flake8-import-order to linters We need some kind of linter to enforce the code style. Doing this by hand is error prone and no one will really watch for it. I decieded to use the default style since it's from my point of view the best to read and more strictes version. * Enforcing imports order on bin/ * Enforcing imports order on src/twisted/ * Enforcing imports order on setup.py * Enforcing imports order on src/cowrie/commands * Enforcing imports order on src/cowrie/core * Enforcing imports order on src/cowrie/dblog * Enforcing imports order on src/cowrie/insults * Enforcing imports order on src/cowrie/output * Enforcing imports order on src/cowrie/proxy * Enforcing imports order on src/cowrie/python * Enforcing imports order on src/cowrie/shell * Enforcing imports order on src/cowrie/ssh * Enforcing imports order on src/cowrie/telnet * Enforcing imports order on src/cowrie/test * Reformat file, improved readability * flake8 E5,E701 src/cowrie/commands/base.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/base.py src/cowrie/commands/base.py:47:121: E501 line too long (180 > 120 characters) src/cowrie/commands/base.py:48:121: E501 line too long (182 > 120 characters) src/cowrie/commands/base.py:49:121: E501 line too long (149 > 120 characters) src/cowrie/commands/base.py:50:121: E501 line too long (175 > 120 characters) src/cowrie/commands/base.py:52:121: E501 line too long (127 > 120 characters) src/cowrie/commands/base.py:54:121: E501 line too long (185 > 120 characters) src/cowrie/commands/base.py:56:121: E501 line too long (130 > 120 characters) src/cowrie/commands/base.py:57:121: E501 line too long (122 > 120 characters) src/cowrie/commands/base.py:59:121: E501 line too long (188 > 120 characters) src/cowrie/commands/base.py:60:121: E501 line too long (188 > 120 characters) src/cowrie/commands/base.py:61:121: E501 line too long (145 > 120 characters) src/cowrie/commands/base.py:63:121: E501 line too long (142 > 120 characters) src/cowrie/commands/base.py:64:121: E501 line too long (152 > 120 characters) src/cowrie/commands/base.py:66:121: E501 line too long (128 > 120 characters) src/cowrie/commands/base.py:67:121: E501 line too long (123 > 120 characters) src/cowrie/commands/base.py:72:121: E501 line too long (130 > 120 characters) src/cowrie/commands/base.py:74:121: E501 line too long (125 > 120 characters) src/cowrie/commands/base.py:75:121: E501 line too long (140 > 120 characters) src/cowrie/commands/base.py:76:121: E501 line too long (133 > 120 characters) src/cowrie/commands/base.py:78:121: E501 line too long (124 > 120 characters) src/cowrie/commands/base.py:79:121: E501 line too long (122 > 120 characters) src/cowrie/commands/base.py:80:121: E501 line too long (129 > 120 characters) src/cowrie/commands/base.py:81:121: E501 line too long (150 > 120 characters) src/cowrie/commands/base.py:83:121: E501 line too long (129 > 120 characters) src/cowrie/commands/base.py:544:68: E502 the backslash is redundant between brackets src/cowrie/commands/base.py:553:68: E502 the backslash is redundant between brackets src/cowrie/commands/base.py:582:66: E502 the backslash is redundant between brackets src/cowrie/commands/base.py:696:78: E502 the backslash is redundant between brackets 24 E501 line too long (180 > 120 characters) 4 E502 the backslash is redundant between brackets 28 * Reformat code, improved readability * flake8 E5, E701 src/cowrie/commands/curl.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/curl.py src/cowrie/commands/curl.py:413:106: E502 the backslash is redundant between brackets 1 E502 the backslash is redundant between brackets 1 * Reformat code, improved readability * Reformat code, improved readability * flake8 E5, E701 src/cowrie/commands/fs.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/fs.py src/cowrie/commands/fs.py:438:74: E502 the backslash is redundant between brackets src/cowrie/commands/fs.py:465:67: E502 the backslash is redundant between brackets 2 E502 the backslash is redundant between brackets 2 * flake8 E5, E701 src/cowrie/commands/gcc.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/gcc.py src/cowrie/commands/gcc.py:167:121: E501 line too long (635 > 120 characters) 1 E501 line too long (635 > 120 characters) 1 * flake8 E5, E701 src/cowrie/commands/ifconfig.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/ifconfig.py src/cowrie/commands/ifconfig.py:11:121: E501 line too long (145 > 120 characters) src/cowrie/commands/ifconfig.py:13:121: E501 line too long (138 > 120 characters) 2 E501 line too long (145 > 120 characters) 2 * Reformat code, improved readability * Reformat code, improved readability * flake8 E5, E701 src/cowrie/commands/netstat.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/netstat.py src/cowrie/commands/netstat.py:21:121: E501 line too long (126 > 120 characters) 1 E501 line too long (126 > 120 characters) 1 * flake8 E5, E701 src/cowrie/commands/ping.py flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/ping.py src/cowrie/commands/ping.py:81:74: E502 the backslash is redundant between brackets 1 E502 the backslash is redundant between brackets 1 * Reformat code, improved readability * flake8 E5, E701 src/cowrie/commands/ssh.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/ssh.py src/cowrie/commands/ssh.py:79:87: E502 the backslash is redundant between brackets src/cowrie/commands/ssh.py:99:81: E502 the backslash is redundant between brackets 2 E502 the backslash is redundant between brackets 2 * flake8 E5, E701 src/cowrie/commands/sudo.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/sudo.py src/cowrie/commands/sudo.py:14:121: E501 line too long (133 > 120 characters) src/cowrie/commands/sudo.py:15:121: E501 line too long (166 > 120 characters) src/cowrie/commands/sudo.py:16:121: E501 line too long (122 > 120 characters) src/cowrie/commands/sudo.py:24:121: E501 line too long (133 > 120 characters) src/cowrie/commands/sudo.py:25:121: E501 line too long (166 > 120 characters) src/cowrie/commands/sudo.py:26:121: E501 line too long (122 > 120 characters) 6 E501 line too long (133 > 120 characters) 6 * Reformat code, improved readability * Reformat code, improved readability * flake8 E5, E701 src/cowrie/commands/wget.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/wget.py src/cowrie/commands/wget.py:50:19: E701 multiple statements on one line (colon) src/cowrie/commands/wget.py:264:69: E502 the backslash is redundant between brackets 1 E502 the backslash is redundant between brackets 1 E701 multiple statements on one line (colon) 2 * flake8 E5, E701 src/cowrie/commands/yum.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/commands/yum.py src/cowrie/commands/yum.py:8:1: F401 'datetime.datetime' imported but unused src/cowrie/commands/yum.py:223:121: E501 line too long (193 > 120 characters) src/cowrie/commands/yum.py:228:121: E501 line too long (193 > 120 characters) src/cowrie/commands/yum.py:237:121: E501 line too long (193 > 120 characters) 3 E501 line too long (193 > 120 characters) 1 F401 'datetime.datetime' imported but unused 4 * flake8 E5, E701 src/cowrie/core/cef.py flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/core src/cowrie/core/cef.py:53:121: E501 line too long (122 > 120 characters) 1 E501 line too long (122 > 120 characters) 1 * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * flake8 E5, E701 src/cowrie/output/hpfeeds.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/output/hpfeeds.py src/cowrie/output/hpfeeds.py:61:26: E701 multiple statements on one line (colon) src/cowrie/output/hpfeeds.py:80:29: E701 multiple statements on one line (colon) src/cowrie/output/hpfeeds.py:147:22: E701 multiple statements on one line (colon) src/cowrie/output/hpfeeds.py:166:22: E701 multiple statements on one line (colon) src/cowrie/output/hpfeeds.py:173:26: E701 multiple statements on one line (colon) src/cowrie/output/hpfeeds.py:180:30: E701 multiple statements on one line (colon) src/cowrie/output/hpfeeds.py:186:34: E701 multiple statements on one line (colon) 7 E701 multiple statements on one line (colon) 7 * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * flake8 E5, E701 src/cowrie/output/sqlite.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/output/sqlite.py src/cowrie/output/sqlite.py:73:62: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:74:60: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:82:62: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:83:60: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:91:41: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:92:67: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:100:41: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:101:67: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:109:62: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:116:45: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:117:75: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:125:45: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:126:75: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:134:41: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:135:65: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:143:67: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:149:69: E502 the backslash is redundant between brackets src/cowrie/output/sqlite.py:165:57: E502 the backslash is redundant between brackets 18 E502 the backslash is redundant between brackets 18 * flake8 E5, E701 src/cowrie/output/mysql.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/output/mysql.py src/cowrie/output/mysql.py:108:77: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:109:71: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:115:75: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:116:73: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:122:75: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:127:54: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:128:80: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:133:54: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:134:80: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:139:58: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:140:88: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:147:58: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:148:88: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:154:58: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:155:88: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:161:54: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:162:78: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:169:68: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:175:70: E502 the backslash is redundant between brackets src/cowrie/output/mysql.py:191:73: E502 the backslash is redundant between brackets 20 E502 the backslash is redundant between brackets 20 * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * flake8 E5, E701 src/cowrie/shell/shlex.py Before flake8 --count --select=E1,E2,E3,E5,E701,E901,E999,F401,F821,F822,F823 --max-line-length=120 --statistics src/cowrie/shell src/cowrie/shell/protocol.py:37:121: E501 line too long (144 > 120 characters) src/cowrie/shell/shlex.py:111:51: E502 the backslash is redundant between brackets 1 E501 line too long (144 > 120 characters) 1 E502 the backslash is redundant between brackets 2 * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Reformat code, improved readability * Update linters to check for E5 and E701 * Update travis file to the current state - Removed every checker we do not use. That means twistedchecker and pytest. - Updated the flake8 command to match our current clean state - Removed unused old code * Fix format typo of cowrie.direct-tcpip.data log event * Update travis to match the current state Travis checks now every fixed flake8 error. Also I removed unused code from it to keep it clean. * Removed vim file markers We don't want to have editor specific code in our source files. Fix your IDE but don't do it in the code. * src/cowrie/test/test_echo.py removed trailing whitespace * src/cowrie/commands/yum.py removed trailing whitespace * src/cowrie/commands/netstat.py removed trailing whitespace * Checking for flake8 W291, W293 * flake8 F811 ./src/cowrie/commands/scp.py I made sure to delete only the oldest version of the code. Before flake8 --count --select=F811 --application-import-names cowrie --max-line-length=120 --statistics . ./src/cowrie/commands/scp.py:209:5: F811 redefinition of unused 'handle_CTRL_D' from line 192 1 F811 redefinition of unused 'handle_CTRL_D' from line 192 1 * Update flake8 checks * Fix flake8 E722, F841 src/cowrie/commands/wget.py * Fix flake8 E722 src/cowrie/commands/ping.py * Fix flake8 E722,F841 src/cowrie/commands/nc.py * Fix flake8 E722, E741, F841 src/cowrie/commands/base.py * Flake8 E731 src/cowrie/commands/base.py I removed all lambda functions and replaced them with proper code. That means straight function calls or not calling anything because it's not needed. * Fix flake8 E722, F841 src/cowrie/commands/scp.py * Fix flake8 E722, F841 src/cowrie/commands/ssh.py * Fix flake8 E712 src/cowrie/commands/iptables.py * Fix flake8 E741 src/cowrie/commands/adduser.py * Fix flake8 F841 src/cowrie/commands/tftp.py * Fix flake8 E722 in all files * Fix flake8 E711 bin/createdynamicprocess.py * Fix flake8 E712, E713 src/cowrie/core/dblog.py * Fix flake8 E712, E713 src/cowrie/shell/avatar.py * Fix flake8 E712 src/cowrie/shell/fs.py * Fix flake8 E712, E741 src/cowrie/commands/ls.py * Fix flake8 E712, E713 src/cowrie/dblog/xmpp.py * Fix flake8 E731, F841 src/cowrie/commands/gcc.py * Fix flake8 F841 src/cowrie/insults/insults.py * Fix flake8 F841 src/cowrie/telnet/session.py * Fix flake8 F841 src/cowrie/commands/fs.py * Fix flake8 E741,F841 src/cowrie/commands/last.py * Fix flake8 E741 src/cowrie/commands/netstat.py * Fix flake8 F841 src/cowrie/commands/free.py * Fix flake8 F841 src/cowrie/commands/sudo.py * Fix flake8 F841 src/cowrie/commands/curl.py * Fix flake8 F841 src/cowrie/commands/base64.py * Fix flake8 F841 src/cowrie/commands/service.py * Fix flake8 F841 src/cowrie/ssh/factory.py * Fix flake8 F841 src/cowrie/ssh/transport.py * Fix flake8 F841 src/cowrie/output/csirtg.py * Fix flake8 F841 src/cowrie/output/kafka.py * Fix flake8 F841 src/cowrie/output/mongodb.py * Fix flake8 F741 src/cowrie/output/hpfeeds.py * Fix flake8 F741 src/cowrie/output/hpfeeds.py * Fix flake8 F841 src/proxy/session.py * Fix flake8 F841 src/cowrie/core/utils.py * Update travis and Dockerfile for flake8 checks
2018-08-18 11:52:45 +00:00
RUN pip install flake8 flake8-import-order && \
flake8 --count --application-import-names cowrie --max-line-length=120 --statistics /cowrie
Full docker support (#830) * Full docker support Currently Docker images are build by a second git repository. Changes to installation or starting cowrie would need to be done on both. Merging this into one repository prevents that those will be forgotten and makes it easier to understand why changes happen. The dockerfile is a different one then the one from the docker-cowrie repository. I chose to use a python2-alpine linux. In the end this image has 55% smaller image size than the Debian image. The build process is split into to parts. The first image has everything installed to compile the python modules. The second one has only things installed which are needed to run the daemon. There is no need to install python-virtualenv because we are using docker. We don't need that much layers. Twisted can drop his privileges when starting the daemon when `--uid` and `--gid` is passed. This works only with numerical id. The user nobody is used for this. This is on Docker a good idea since there should be only one service with this user running. In other systems there might be several services using this daemon which is not a good choise. When building a new Docker image for cowrie Docker multistage build images are created running flake8 and unittests to ensure that all future releases are stable and matching our code guidelines. Bonus effect is when using this as a git pre-push-hook a developer doesn't need to wait for travis to fail on an error. Based on the current project structure we need a lot of `COPY` instructions inside the dockerfile which has negative sideeffects. - bloading the dockerfile up - longer buildtimes - more layers are created - more diskspace is used We should find a way to reduce this. Best way for doing this is keeping the static files like `honeyfs` and `share` right next to the source code. * Removing UID 0 check Cowrie checked on startup if it was started with root privileges. This conflicts with the option to let cowrie drop his privileges on startup using the twisted option `--uid` and `--gid`. I tested it a day ago without removing the code block and it run through but now it is for some reasons blocking. My feeling is that the code for droping privileges is also asynchron and sometimes the check is faster then the dropping of the privileges. But I might be wrong here. The solution is to remove the hole check. Considering that the check is there for preventing new users to shoot their feet we fixed this problem on different levels. New users should the docker images which are far easier to control and deploy then everything else because we take care. If a user wants to deploy it from scratch onto their serves there is a install instruction with detailed steps. This steps includes creating a special system user for cowrie and starting it with this user. * Fix missing directory, simplify path I missed to create the TTY log path. That's now fixed. Also the path for the trial command has been simplified. * Revert "Removing UID 0 check" This reverts commit f76329cd798744d10a0f52281e5a3588955d2531. * Introducint ENV var COWRIE_DOCKER The variable is used inside the docker image to let cowrie know that it is running inside docker and don't need to perform the "running as root" check. Inside the docker image cowrie is started with the `--uid` and `--gid` option and will drop to a different user then root. * Restructured Dockerfile, Added cowrie user The image is now builded with a user and group for running in the later image cowrie. Also the build steps are re-aranged to save build time. We assume that static files like `honeyfs` and `share` are less frequently updated and can be build into the base image where every other images is based on. * Renamed directory src -> cowrie The name cowrie should be more self-explaining then src. * Update cowrie_plugin.py
2018-08-06 08:27:32 +00:00
FROM post-builder as unittest
ENV PYTHONPATH=/cowrie
WORKDIR /cowrie
RUN trial cowrie
FROM post-builder
ENV PYTHONPATH=/cowrie
WORKDIR /cowrie
EXPOSE 2222/tcp
EXPOSE 2223/tcp
USER cowrie
CMD /usr/local/bin/python /usr/local/bin/twistd --umask 0022 --nodaemon --pidfile= -l - cowrie