Saturday, September 27, 2014

Deleting a Docker container

If you are finished with a container, you can delete it using the docker rm command.

You must stop it first using the docker stop command or docker kill command.

Deleting a container
# docker rm ba1d58bfb1dc

Deleting a running container
# docker rm -f ba1d58bfb1dc

Deleting all containers
There is currently no single command to delete all containers, but you can pass the output of docker ps with the -a and -q flags to docker rm to delete them all.

# docker rm $(docker ps -a -q)

ps -a lists all containers, including stopped ones
ps -q prints only the container IDs

Friday, September 26, 2014

Attaching to docker container

You launched your Docker container with
sudo docker run -i -t --name grey_cat centos /bin/bash

This creates a container named “grey_cat” from the base image “centos” and runs the bash shell inside it; the container’s shell is then presented.

Once you are done with the container, you type “exit”, which stops the container and returns you to your host shell.
So what happened to the container? The container still exists; we can show a list of current containers using the docker ps -a command.

To start the stopped container
sudo docker start grey_cat

This starts the container with the same options it was launched with by the docker run command.

To attach to the interactive session we can use attach command
sudo docker attach grey_cat

You might need to press Enter to get the command prompt.

Docker Installation Script

It’s easy to install Docker using your distro's package management system, for example yum on CentOS, Red Hat and Fedora, or apt-get on Ubuntu and Debian.
There is also a simple curl script available to help with installing Docker.
- Make sure curl is installed; if not, install it first.
- Now install Docker from the installation script:
$ curl -sSL | sudo sh
- To verify that everything has worked as expected:
$ sudo docker run -i -t ubuntu /bin/bash
This should download the Ubuntu image, and then start bash in a container.

Thursday, September 25, 2014

Linux Bash Vulnerability CVE-2014-6271 ("Shellshock")

There is apparently a vulnerability in bash.
A vulnerability has been found where variables that control the environment of the Linux system can be sent to Bash, and when Bash starts, the content of the variable is executed. This vulnerability allows a hacker to inject malicious code that Bash will run without validation. In a worst-case scenario, this can allow the hacker to gain control of the system.

The bug lies in Bash's handling of environment variables: when assigning a function to a variable, trailing code in the function definition will be executed, leaving the door wide open for code-injection attacks. The vulnerability is exploitable remotely if code can be smuggled into environment variables sent over the network – and it's surprisingly easy to do so.

Systems Affected

Linux (all OS versions containing GNU Bash 4.3 or earlier)
Mac OS X (v10.9.5 and earlier) NOTE: Not confirmed yet but suspected
FreeBSD running bash version <= 4.3

Test whether your server is vulnerable:
Execute the following command in a bash shell:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test

If you get the output “vulnerable” then your system is affected.

Installing update

Most distros have already patched bash and released an update; install the update using your distro's package management system. A GNU Bash patch is also available for experienced users and administrators to apply.

I am running a couple of the latest Ubuntu (Trusty) virtual machines, and when I checked, they had already released bash updates (4.3-7ubuntu1.1):
sudo apt-get update        # Fetches the list of available updates
sudo apt-get dist-upgrade  # Installs updates

Test after installing update
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

Bravo, the system is now patched and there are no more worries about bash shellshock :)
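
To run the same check unattended on several hosts, the probe command and the two outputs described in this post can be wrapped in a small script. This is an added example, not part of the original post; the function names and the default list of bash paths are assumptions.

```shell
#!/bin/sh
# Added example: wraps the post's CVE-2014-6271 probe so it can run unattended.
# Function names and the default path list are assumptions, not from the post.

# classify_probe OUTPUT -> prints vulnerable | patched | inconclusive.
# OUTPUT is the combined stdout/stderr of the probe command.
classify_probe() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable      # code after the function body was executed
    elif printf '%s\n' "$1" | grep -qx 'this is a test'; then
        echo patched         # bash ran only the command it was asked to run
    else
        echo inconclusive    # bash missing or did not start
    fi
}

# probe_bash [PATH] -> runs the post's harmless echo probe against one binary.
probe_bash() {
    out=$(env x='() { :;}; echo vulnerable' "${1:-bash}" -c 'echo this is a test' 2>&1) || true
    classify_probe "$out"
}

# scan_shells [PATH...] -> reports each bash found; returns 1 if any is vulnerable.
scan_shells() {
    [ "$#" -gt 0 ] || set -- /bin/bash /usr/bin/bash /usr/local/bin/bash
    rc=0
    for b in "$@"; do
        [ -x "$b" ] || continue
        verdict=$(probe_bash "$b")
        echo "$b: $verdict"
        if [ "$verdict" = vulnerable ]; then rc=1; fi
    done
    return "$rc"
}

# Constructed output of an unpatched bash, and the patched output from the post.
SAMPLE_VULNERABLE='vulnerable
this is a test'
SAMPLE_PATCHED="bash: warning: x: ignoring function definition attempt
bash: error importing function definition for \`x'
this is a test"

scan_shells || echo "Install the bash update from your distro, then re-run."
```

The non-zero return from scan_shells makes the script usable from cron or a configuration-management run to flag hosts that still need the update.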