def _preprocess(self, _):
self._docker_root_directory = GetDockerPath(
self.parent_evidence.mount_path)
# Mounting the container's filesystem
self._container_fs_path = docker.PreprocessMountDockerFS(
self._docker_root_directory, self.container_id)
self.mount_path = self._container_fs_path
self.local_path = self.mount_path
def _preprocess(self, _, required_states):
if EvidenceState.DOCKER_MOUNTED in required_states:
self._docker_root_directory = GetDockerPath(
self.parent_evidence.mount_path)
# Mounting the container's filesystem
self._container_fs_path = docker.PreprocessMountDockerFS(
self._docker_root_directory, self.container_id)
self.mount_path = self._container_fs_path
self.local_path = self.mount_path
self.state[EvidenceState.DOCKER_MOUNTED] = True
def GetContainers(self, evidence):
"""Lists the containers from an input Evidence.
We use subprocess to run the DockerExplorer script, instead of using the
Python module, because we need to make sure all DockerExplorer code runs
as root.
Args:
evidence (Evidence): the input Evidence.
Returns:
a list(dict) containing information about the containers found.
Raises:
TurbiniaException: when the docker-explorer tool cannot be found or failed
to run.
"""
config.LoadConfig()
docker_dir = GetDockerPath(evidence.mount_path)
containers_info = None
# TODO(rgayon): use docker-explorer exposed constant when
# https://github.com/google/docker-explorer/issues/80 is in.
de_binary = utils.get_exe_path('de.py')
if not de_binary:
raise TurbiniaException('Cannot find de.py in path')
# Check if docker folder exists
if not path.exists(docker_dir):
log.info('docker_dir does not exist')
return containers_info
docker_explorer_command = ['sudo', de_binary]
if config.DEBUG_TASKS or self.task_config.get('debug_tasks'):
docker_explorer_command.append('-d')
docker_explorer_command.extend(
['-r', docker_dir, 'list', 'all_containers'])
log.info('Running {0:s}'.format(' '.join(docker_explorer_command)))
try:
json_string = subprocess.check_output(
docker_explorer_command).decode('utf-8')
containers_info = json.loads(json_string)
except json.JSONDecodeError as e:
raise TurbiniaException(
'Error decoding JSON output from de.py: {0!s} {1!s}'.format(
e, json_string))
except subprocess.CalledProcessError as e:
raise TurbiniaException('de.py returned an error: {0!s}'.format(e))
return containers_info
def _preprocess(self, _, required_states):
# Checking for either ATTACHED or MOUNTED since artefact extraction only
# requires ATTACHED, but a docker container can't be attached.
if (EvidenceState.ATTACHED in required_states or
EvidenceState.MOUNTED in required_states):
self._docker_root_directory = GetDockerPath(
self.parent_evidence.mount_path)
# Mounting the container's filesystem
self._container_fs_path = docker.PreprocessMountDockerFS(
self._docker_root_directory, self.container_id)
self.mount_path = self._container_fs_path
self.local_path = self.mount_path
self.state[EvidenceState.MOUNTED] = True
def GetContainers(self, evidence):
"""Lists the containers from an input Evidence.
We use subprocess to run the DockerExplorer script, instead of using the
Python module, because we need to make sure all DockerExplorer code runs
as root.
Args:
evidence (Evidence): the input Evidence.
Returns:
a list(dict) containing information about the containers found.
Raises:
TurbiniaException: when the docker-explorer tool failed to run.
"""
docker_dir = GetDockerPath(evidence.mount_path)
containers_info = None
# TODO(rgayon): use docker-explorer exposed constant when
# https://github.com/google/docker-explorer/issues/80 is in.
docker_explorer_command = [
'sudo', 'de.py', '-r', docker_dir, 'list', 'all_containers'
]
log.info('Running {0:s}'.format(' '.join(docker_explorer_command)))
try:
json_string = subprocess.check_output(
docker_explorer_command).decode('utf-8')
except json.JSONDecodeError as e:
raise TurbiniaException(
'Error decoding JSON output from de.py: {0!s}'.format(e))
except subprocess.CalledProcessError as e:
raise TurbiniaException('de.py returned an error: {0!s}'.format(e))
containers_info = json.loads(json_string)
return containers_info
