def crawl(self, container_id=None, avoid_setns=False, root_dir='/', **kwargs): logger.debug('Crawling packages for container %s' % container_id) inspect = exec_dockerinspect(container_id) state = inspect['State'] pid = str(state['Pid']) if avoid_setns: rootfs_dir = get_docker_container_rootfs_path(container_id) return crawl_packages(root_dir=join_abs_paths( rootfs_dir, root_dir), reload_needed=True) else: # in all other cases, including wrong mode set try: return run_as_another_namespace(pid, ALL_NAMESPACES, crawl_packages, None, root_dir, 0, False) except CrawlError: # Retry the crawl avoiding the setns() syscall. This is # needed for PPC where we can not jump into the container and # run its apt or rpm commands. rootfs_dir = get_docker_container_rootfs_path(container_id) return crawl_packages(root_dir=join_abs_paths( rootfs_dir, root_dir), reload_needed=True)
def crawl(self, container_id=None, avoid_setns=False, root_dir='/', exclude_dirs=[ '/boot', '/dev', '/proc', '/sys', '/mnt', '/tmp', '/var/cache', '/usr/share/man', '/usr/share/doc', '/usr/share/mime' ], **kwargs): inspect = dockerutils.exec_dockerinspect(container_id) state = inspect['State'] pid = str(state['Pid']) logger.debug('Crawling file for container %s' % container_id) if avoid_setns: rootfs_dir = dockerutils.get_docker_container_rootfs_path( container_id) exclude_dirs = [ misc.join_abs_paths(rootfs_dir, d) for d in exclude_dirs ] return crawl_files(root_dir=misc.join_abs_paths( rootfs_dir, root_dir), exclude_dirs=exclude_dirs, root_dir_alias=root_dir) else: # in all other cases, including wrong mode set return run_as_another_namespace(pid, ['mnt'], crawl_files, root_dir, exclude_dirs, None)
def crawl(self, container_id, avoid_setns=False, **kwargs): inspect = dockerutils.exec_dockerinspect(container_id) state = inspect['State'] pid = str(state['Pid']) logger.debug('Crawling OS for container %s' % container_id) if avoid_setns: mp = dockerutils.get_docker_container_rootfs_path(container_id) return crawl_os_mountpoint(mp) else: # in all other cases, including wrong mode set return run_as_another_namespace(pid, ALL_NAMESPACES, crawl_os)
def crawl(self, container_id=None, avoid_setns=False, root_dir='/', exclude_dirs=[ '/dev', '/proc', '/mnt', '/tmp', '/var/cache', '/usr/share/man', '/usr/share/doc', '/usr/share/mime' ], known_config_files=[ '/etc/passwd', '/etc/group', '/etc/hosts', '/etc/hostname', '/etc/mtab', '/etc/fstab', '/etc/aliases', '/etc/ssh/ssh_config', '/etc/ssh/sshd_config', '/etc/sudoers' ], discover_config_files=False, **kwargs): inspect = dockerutils.exec_dockerinspect(container_id) state = inspect['State'] pid = str(state['Pid']) logger.debug('Crawling config for container %s' % container_id) if avoid_setns: rootfs_dir = dockerutils.get_docker_container_rootfs_path( container_id) exclude_dirs = [ misc.join_abs_paths(rootfs_dir, d) for d in exclude_dirs ] return crawl_config_files( root_dir=misc.join_abs_paths(rootfs_dir, root_dir), exclude_dirs=exclude_dirs, root_dir_alias=root_dir, known_config_files=known_config_files, discover_config_files=discover_config_files) else: # in all other cases, including wrong mode set return run_as_another_namespace(pid, ['mnt'], crawl_config_files, root_dir, exclude_dirs, None, known_config_files, discover_config_files)
def test_get_container_rootfs(self): root = get_docker_container_rootfs_path(self.container['Id']) print root assert root.startswith('/var/lib/docker')
def test_get_rootfs_vfs_v1_10_failure(self, *args): dockerutils.driver = 'vfs' dockerutils.server_version = '1.10.0' with self.assertRaises(DockerutilsException): dockerutils.get_docker_container_rootfs_path('abcde')
def test_get_rootfs_vfs_v1_10(self, *args): dockerutils.driver = 'vfs' dockerutils.server_version = '1.10.0' assert dockerutils.get_docker_container_rootfs_path( 'abcde') == '/var/lib/docker/vfs/dir/vol1/id/rootfs-a-b-c'
def test_get_rootfs_aufs_v1_8(self, *args): dockerutils.driver = 'aufs' dockerutils.server_version = '1.8.0' assert dockerutils.get_docker_container_rootfs_path( 'abcde') == '/var/lib/docker/aufs/mnt/abcde'
def test_get_rootfs_btrfs_v1_10_failure(self, mock_open, mock_client): dockerutils.driver = 'btrfs' dockerutils.server_version = '1.10.0' with self.assertRaises(DockerutilsException): dockerutils.get_docker_container_rootfs_path('abcde')
def test_get_rootfs_btrfs_v1_10(self, mock_open, mock_client): dockerutils.driver = 'btrfs' dockerutils.server_version = '1.10.0' assert dockerutils.get_docker_container_rootfs_path( 'id') == '/var/lib/docker/btrfs/subvolumes/vol1/id/rootfs-a-b-c'
def test_get_rootfs_btrfs_v1_8(self, mock_client, mock_list): dockerutils.driver = 'btrfs' dockerutils.server_version = '1.8.0' assert dockerutils.get_docker_container_rootfs_path( 'abcde') == '/var/lib/docker/sub1/abcde'
def test_get_rootfs_devicemapper_failure(self, mock_open, mock_client): dockerutils.driver = 'devicemapper' with self.assertRaises(DockerutilsException): dockerutils.get_docker_container_rootfs_path('id')
def test_get_rootfs_devicemapper(self, mock_open, mock_client): dockerutils.driver = 'devicemapper' assert dockerutils.get_docker_container_rootfs_path( 'id') == ("/var/lib/docker/devicemapper/mnt/" "65fe676c24fe1faea1f06e222cc3811cc" "9b651c381702ca4f787ffe562a5e39b/rootfs")