alpinelinux / docker-alpine Goto Github PK

Official Alpine Linux Docker image. Win at minimalism!

License: MIT License

Dockerfile 1.64% Lua 57.62% Shell 40.74%

docker-alpine's Introduction

docker-alpine

The official Docker image for Alpine Linux. The image is only 5MB and has access to a package repository that is much more featureful than other BusyBox based images.

Why

Docker images today are big. Usually much larger than they need to be. There are a lot of ways to make them smaller, but the Docker populace still jumps to the ubuntu base image for most projects. The size savings over ubuntu and other bases are huge:

REPOSITORY  TAG     IMAGE ID      CREATED      SIZE
alpine      latest  961769676411  4 weeks ago  5.58MB
ubuntu      latest  2ca708c1c9cc  2 days ago   64.2MB
debian      latest  c2c03a296d23  9 days ago   114MB
centos      latest  67fa590cfc1c  4 weeks ago  202MB

There are images such as progrium/busybox which get us close to a minimal container and package system, but these particular BusyBox builds piggyback on the OpenWRT package index, which is often lacking and not tailored towards generic everyday applications. Alpine Linux has a much more featureful and up to date Package Index:

$ docker run progrium/busybox opkg-install nodejs
Unknown package 'nodejs'.
Collected errors:
 * opkg_install_cmd: Cannot install package nodejs.

$ docker run alpine apk add --no-cache nodejs
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz
(1/7) Installing ca-certificates (20190108-r0)
(2/7) Installing c-ares (1.15.0-r0)
(3/7) Installing libgcc (8.3.0-r0)
(4/7) Installing http-parser (2.8.1-r0)
(5/7) Installing libstdc++ (8.3.0-r0)
(6/7) Installing libuv (1.23.2-r0)
(7/7) Installing nodejs (10.14.2-r0)
Executing busybox-1.29.3-r10.trigger
Executing ca-certificates-20190108-r0.trigger
OK: 31 MiB in 21 packages

This makes Alpine Linux a great image base for utilities, as well as production applications. Read more about Alpine Linux here and it will become obvious how its mantra fits in right at home with Docker images.

Note	All of the example outputs above were last generated/updated on May 3rd 2019.

Usage

Stop doing this:

FROM ubuntu:22.04
RUN apt-get update -q \
  && DEBIAN_FRONTEND=noninteractive apt-get install -qy mysql-client \
  && apt-get clean \
  && rm -rf /var/lib/apt
ENTRYPOINT ["mysql"]

This took 28 seconds to build and yields a 169 MB image. Start doing this:

FROM alpine:3.16
RUN apk add --no-cache mysql-client
ENTRYPOINT ["mysql"]

Only 4 seconds to build and results in a 41 MB image!

docker-alpine's People

Stargazers

Watchers

Forkers

kinglionoo satyadeep k8s-canux myhololens kirillrocks hobbit19 murillomelo binkie3272286456799352 atrawog marcelavidal21 timyinshi shadhasan priyadarshi-yoti sharpspring webyyh dockerqube kenwrites landsrover gitgirish2 kobemtl agf46 bxnyintuc dreamwuhi gathuku wangjianze xiaodongloong wanghuaiqing2010 git04112019 deepaa5858 magnologan lucazamm sfernase jlmc-miranda schokokex udkyo skeitr anup5512 szrtgreg youxiu543 merklepro daringanitch alexalouit lnxd jiapei100 ouaazizdriss furqanpr quanghuynguyen freight-trust msgpo rahaman849 sunilbakale dbhullar dsoldo likemaq voa2000 zacburns zburnstravis korpx-z alderocas scottwedge l769829723 performance-media lovesbaige1005 mudflat tubbz-alt fuyuezhen sarahbx codysk jayukie ds2 pavantatikonda sbv1307 ikke zxing0214 jjn11 omar-ey elfloftpigeons sansglennj doytsujin laashub-soa piyapsri guidiego tianon loesterfranco huxiaopeng-stack classicvalues sasecio rashminarasimhaswamy swsio luislaso xero-jung rafnizp-zz theneutron terry-basin jgowdy alexrogalskiy estivenpolancorizek dopos ddl-gstroup jeffreyse

docker-alpine's Issues

Facing issue while running prebuild binaries in alpine docker container

Hi,
I'm trying to run simple hello.c binary which is built in my machine and created docker image for it using alpine as base image

Code compilation

gcc hello.c -o hello

DOCKER FILE

FROM alpine:3.4
RUN apk add --update gcc libc-dev
COPY hello /usr/bin/

DOCKER CONTAINER

1. docker build . -t helloworld:1
2. docker run --rm -it helloworld:1
3. /bin/sh: hello: not found

can anyone help me out to resolve this issue

Is it possible to install SystemTap?

Hello,

We want to build some packages with dtrace enabled, is it possible to install SystemTap
which can be installed in RHEL with the following command.

yum install systemtap-sdt-devel

Strange behaviour with multi-CPU support

I'm seeing some strange behaviour when leveraging multi-CPU support with Docker on Mac OS. I'm running Docker v2.0.0.3 and Mac OS 10.14.4. I'm trying to create an ARMv7 container to use as a remote runner/debugger for CLion (which works via SSH).

When I just stick with the Alpine root account, I can SSH into the container. When I try and create a non-root user and SSH in, as soon as I connect the container crashes. If I use the x86_64 Alpine image I can SSH in as a non-root user. Any idea what the cause of this could be?

Dockerfile - ARM32v7, non-root user

# From ARM base image
FROM arm32v7/alpine:3.9

# Install SSH and generate SSH keys
RUN apk update && apk add --no-cache \
  openssh && \
  ssh-keygen -A 

# Add group, add user and set password
RUN addgroup -S -g 1000 developer && \
    adduser -S -u 1000 -h /home/developer -s /bin/sh developer developer && \
    echo "developer:developer" | chpasswd

# Expose SSH port
EXPOSE 22

# Start SSH server
CMD /usr/sbin/sshd -D -d

I build and run the container and then in another terminal try and SSH in and it crashes the container with an error from QEMU. Full log at the bottom of this post.

docker build -t clion-runner:0
docker run -p 2222:22 clion-runner:0
...
qemu: uncaught target signal 4 (Illegal instruction) - core dumped

Dockerfile - ARM32v7, root user - I can SSH into the container without issues.

# From ARM base image
FROM arm32v7/alpine:3.9

# Install SSH and generate SSH keys
RUN apk update && apk add --no-cache \
  openssh && \
  ssh-keygen -A

RUN sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config && \
    echo "root:root" | chpasswd

# Expose SSH port
EXPOSE 22

# Start SSH server
CMD /usr/sbin/sshd -D -d

Dockerfile - x86_64, non-root user - I can SSH into the container without issues.

# From ARM base image
FROM alpine:3.9

# Install SSH and generate SSH keys
RUN apk update && apk add --no-cache \
  openssh && \
  ssh-keygen -A 

# Add group, add user and set password
RUN addgroup -S -g 1000 developer && \
    adduser -S -u 1000 -h /home/developer -s /bin/sh developer developer && \
    echo "developer:developer" | chpasswd

# Expose SSH port
EXPOSE 22

# Start SSH server
CMD /usr/sbin/sshd -D -d

Full debug output for the scenario with ARM32v7, non-root user:

debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from 172.17.0.1 port 53968 on 172.17.0.2 port 22
debug1: Client protocol version 2.0; client software version OpenSSH_7.9
debug1: match: OpenSSH_7.9 pat OpenSSH* compat 0x04000000
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: permanently_set_uid: 22/22 [preauth]
debug1: ssh_sandbox_child: prctl(PR_SET_SECCOMP): Bad address [preauth]
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none [preauth]
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: rekey after 134217728 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey after 134217728 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user developer service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user developer service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: userauth_pubkey: test pkalg rsa-sha2-512 pkblob RSA SHA256:btGuVt86sQbv1HwMQs6PXniKUSeG9iLmmW0Ua1wgIpI [preauth]
debug1: temporarily_use_uid: 1000/65533 (e=0/0)
debug1: trying public key file /home/developer/.ssh/authorized_keys
debug1: Could not open authorized keys '/home/developer/.ssh/authorized_keys': No such file or directory
debug1: restore_uid: 0/0
Failed publickey for developer from 172.17.0.1 port 53968 ssh2: RSA SHA256:btGuVt86sQbv1HwMQs6PXniKUSeG9iLmmW0Ua1wgIpI
debug1: userauth-request for user developer service ssh-connection method publickey [preauth]
debug1: attempt 2 failures 1 [preauth]
debug1: userauth_pubkey: test pkalg ssh-ed25519 pkblob ED25519 SHA256:Tk32d0B2iH0UlW2OzDkKRug8EuYSLPvz8VhZdI2qC/E [preauth]
debug1: temporarily_use_uid: 1000/65533 (e=0/0)
debug1: trying public key file /home/developer/.ssh/authorized_keys
debug1: Could not open authorized keys '/home/developer/.ssh/authorized_keys': No such file or directory
debug1: restore_uid: 0/0
Failed publickey for developer from 172.17.0.1 port 53968 ssh2: ED25519 SHA256:Tk32d0B2iH0UlW2OzDkKRug8EuYSLPvz8VhZdI2qC/E
debug1: userauth-request for user developer service ssh-connection method keyboard-interactive [preauth]
debug1: attempt 3 failures 2 [preauth]
debug1: keyboard-interactive devs  [preauth]
debug1: auth2_challenge: user=developer devs= [preauth]
debug1: kbdint_alloc: devices '' [preauth]
debug1: userauth-request for user developer service ssh-connection method password [preauth]
debug1: attempt 4 failures 3 [preauth]
Accepted password for developer from 172.17.0.1 port 53968 ssh2
debug1: monitor_child_preauth: developer has been authenticated by privileged process
debug1: monitor_read_log: child log fd closed
User child is on pid 11
debug1: permanently_set_uid: 1000/65533
debug1: rekey after 134217728 blocks
debug1: rekey after 134217728 blocks
debug1: ssh_packet_set_postauth: called
debug1: active: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype [email protected] want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_new: session 0
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
mm_request_receive: read: Connection reset by peer
debug1: do_cleanup
debug1: session_pty_cleanup2: session 0 release /dev/pts/0

alpine:latest has CVE-2019-1563,CVE-2019-1549,CVE-2019-1547 for libssl1.1 and libcrypto1.1

Vulnerable Packages Found
=========================

Vulnerability ID   Policy Status   Affected Packages         How to Resolve
CVE-2019-1547      Active          libssl1.1, libcrypto1.1   Upgrade 2 packages. Re-run command with --extended to view.
CVE-2019-1549      Active          libssl1.1, libcrypto1.1   Upgrade 2 packages. Re-run command with --extended to view.
CVE-2019-1563      Active          libssl1.1, libcrypto1.1   Upgrade 2 packages. Re-run command with --extended to view.

extended view for resolution

   Vendor Security Notice IDs   Official Notice
   ALPINE-CVE-2019-1547

   Affected Packages   Policy Status   How to Resolve                         Security Notice
   libssl1.1           Active          Upgrade libssl1.1 to >= 1.1.1d-r1      ALPINE-CVE-2019-1547
   libcrypto1.1        Active          Upgrade libcrypto1.1 to >= 1.1.1d-r1   ALPINE-CVE-2019-1547

   Vendor Security Notice IDs   Official Notice
   ALPINE-CVE-2019-1549

   Affected Packages   Policy Status   How to Resolve                         Security Notice
   libssl1.1           Active          Upgrade libssl1.1 to >= 1.1.1d-r1      ALPINE-CVE-2019-1549
   libcrypto1.1        Active          Upgrade libcrypto1.1 to >= 1.1.1d-r1   ALPINE-CVE-2019-1549

  Vendor Security Notice IDs   Official Notice
   ALPINE-CVE-2019-1563

   Affected Packages   Policy Status   How to Resolve                         Security Notice
   libssl1.1           Active          Upgrade libssl1.1 to >= 1.1.1d-r1      ALPINE-CVE-2019-1563
   libcrypto1.1        Active          Upgrade libcrypto1.1 to >= 1.1.1d-r1   ALPINE-CVE-2019-1563

The output from GNU Core Utilities dd is different in apline and ubuntu

Dear all,

For convenience, I test the following command all in docker.

In Ubuntu 18.04.1 LTS, the dd command output three lines.

dd if=/dev/zero of=/tmp/out bs=512 count=10
10+0 records in
10+0 records out
5120 bytes (5.1 kB, 5.0 KiB) copied, 6.6846e-05 s, 76.6 MB/s

While in apline 3.9.0, the dd command output only two lines.

dd if=/dev/zero of=/tmp/out bs=512 count=10
10+0 records in
10+0 records out

Any idea about it?

Thank you.

Any way to tune configuration for time_wait issue ?

Many time_wait tcp connections in running docker.

i can't set net.ipv4.tcp_tw_reuse by sysctl utils.

sysctl net.ipv4.tcp_tw_reuse
sysctl: error: 'net.ipv4.tcp_tw_reuse' is an unknown key.

any document can help it ?

Exit code 139 / armv6

hey guys,
i've a problem with newer images, since 3.9 i've get the message "exit code 139" and the docker image doesn't start.
It were sadly if the was no more support for armv6, ver. 3.6-3.8 works fine

Cannot build dependency OpenSSL 1.0.1k

package=openssl
$(package)_version=1.0.1k
$(package)_download_path=https://www.openssl.org/source
$(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c
$(package)_patches=0001-Add-OpenSSL-termios-fix-for-musl-libc.patch

define $(package)_set_vars
$(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)"
$(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl
$(package)_config_opts+=no-camellia
$(package)_config_opts+=no-capieng
$(package)_config_opts+=no-cast
$(package)_config_opts+=no-comp
$(package)_config_opts+=no-dso
$(package)_config_opts+=no-dtls1
$(package)_config_opts+=no-ec_nistp_64_gcc_128
$(package)_config_opts+=no-gost
$(package)_config_opts+=no-gmp
$(package)_config_opts+=no-heartbeats
$(package)_config_opts+=no-idea
$(package)_config_opts+=no-jpake
$(package)_config_opts+=no-krb5
$(package)_config_opts+=no-libunbound
$(package)_config_opts+=no-md2
$(package)_config_opts+=no-mdc2
$(package)_config_opts+=no-rc4
$(package)_config_opts+=no-rc5
$(package)_config_opts+=no-rdrand
$(package)_config_opts+=no-rfc3779
$(package)_config_opts+=no-rsax
$(package)_config_opts+=no-sctp
$(package)_config_opts+=no-seed
$(package)_config_opts+=no-sha0
$(package)_config_opts+=no-shared
$(package)_config_opts+=no-ssl-trace
$(package)_config_opts+=no-ssl2
$(package)_config_opts+=no-ssl3
$(package)_config_opts+=no-static_engine
$(package)_config_opts+=no-store
$(package)_config_opts+=no-unit-test
$(package)_config_opts+=no-weak-ssl-ciphers
$(package)_config_opts+=no-whirlpool
$(package)_config_opts+=no-zlib
$(package)_config_opts+=no-zlib-dynamic
$(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags)
$(package)_config_opts_linux=-fPIC -Wa,--noexecstack
$(package)_config_opts_x86_64_linux=linux-x86_64
$(package)_config_opts_i686_linux=linux-generic32
$(package)_config_opts_arm_linux=linux-generic32
$(package)_config_opts_armv7l_linux=linux-generic32
$(package)_config_opts_aarch64_linux=linux-generic64
$(package)_config_opts_mipsel_linux=linux-generic32
$(package)_config_opts_mips_linux=linux-generic32
$(package)_config_opts_powerpc_linux=linux-generic32
$(package)_config_opts_riscv32_linux=linux-generic32
$(package)_config_opts_riscv64_linux=linux-generic64
$(package)_config_opts_x86_64_darwin=darwin64-x86_64-cc
$(package)_config_opts_x86_64_mingw32=mingw64
$(package)_config_opts_i686_mingw32=mingw
$(package)_config_opts_android=-fPIC
$(package)_config_opts_aarch64_android=linux-generic64
$(package)_config_opts_x86_64_android=linux-generic64
$(package)_config_opts_armv7a_android=linux-generic32
$(package)_config_opts_i686_android=linux-generic32
endef

define $(package)_preprocess_cmds
  patch -p1 < $($(package)_patch_dir)/0001-Add-OpenSSL-termios-fix-for-musl-libc.patch && \
  sed -i.old "/define DATE/d" util/mkbuildinf.pl && \
  sed -i.old "s|engines apps test|engines|" Makefile.org
endef

define $(package)_config_cmds
  ./Configure $($(package)_config_opts)
endef

define $(package)_build_cmds
  $(MAKE) -j1 build_crypto libcrypto.pc libssl.pc openssl.pc
endef

define $(package)_stage_cmds
  $(MAKE) INSTALL_PREFIX=$($(package)_staging_dir) -j1 install_sw
endef

define $(package)_postprocess_cmds
  rm -rf share bin etc
endef

Exits with error:

making all in crypto/ui...
make[3]: Entering directory '/bitcoin-0.18.1/depends/work/build/x86_64-linux-gnu/openssl/1.0.1k-09e1f79fa2c/crypto/ui'
gcc -m64 -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include  -DOPENSSL_THREADS -D_REENTRANT -pipe -O2 -I/bitcoin-0.18.1/depends/x86_64-linux-gnu/include -fPIC -Wa,--noexecstack -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM   -c -o ui_err.o ui_err.c
gcc -m64 -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include  -DOPENSSL_THREADS -D_REENTRANT -pipe -O2 -I/bitcoin-0.18.1/depends/x86_64-linux-gnu/include -fPIC -Wa,--noexecstack -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM   -c -o ui_lib.o ui_lib.c
...
-DGHASH_ASM   -c -o ui_openssl.o ui_openssl.c
ui_openssl.c:232:11: fatal error: termio.h: No such file or directory
 # include <termio.h>
           ^~~~~~~~~~
compilation terminated.

Looking for termio:

depends/work/build/x86_64-linux-gnu/openssl/1.0.1k-09e1f79fa2c/crypto/ui # grep termio *
ui_openssl.c: * are on a POSIX system and have sigaction and termios. */
ui_openssl.c:# include <termios.h>
ui_openssl.c:# define TTY_STRUCT        struct termios
ui_openssl.c:# include <termio.h>
ui_openssl.c:# define TTY_STRUCT

Looking in the package list for termio.h its in the dev86 package. Tried the following:

linking termio.h to /usr/include
linking /usr/termios.h to /usr/termio.h

Result:

ui_openssl.c: In function 'noecho_console':
ui_openssl.c:534:38: error: invalid application of 'sizeof' to incomplete type 'struct termio'
  memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
                                      ^
ui_openssl.c:535:9: error: invalid use of undefined type 'struct termio'
  tty_new.TTY_FLAGS &= ~ECHO;
         ^
ui_openssl.c: In function 'echo_console':
ui_openssl.c:556:38: error: invalid application of 'sizeof' to incomplete type 'struct termio'
  memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
                                      ^
ui_openssl.c:557:9: error: invalid use of undefined type 'struct termio'
  tty_new.TTY_FLAGS |= ECHO;
         ^
ui_openssl.c: At top level:
ui_openssl.c:300:19: error: storage size of 'tty_orig' isn't known
 static TTY_STRUCT tty_orig,tty_new;
                   ^~~~~~~~
ui_openssl.c:300:28: error: storage size of 'tty_new' isn't known
 static TTY_STRUCT tty_orig,tty_new;
                            ^~~~~~~

Exchanging the dependency to 1.1.1d (which compiles) isn't possible cause there are other dependencies like QT and then QT fails and I cannot upgrade that right now.

`edge` is older than `3.10`

Please bump the edge tag to at least 3.10.

Alpine mirrors is down

fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz: temporary error (try again later)
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz: temporary error (try again later)
ERROR: unsatisfiable constraints:
  tzdata (missing):
    required by: world[tzdata]
The command '/bin/sh -c apk add --no-cache tzdata' returned a non-zero code: 1

All mirrors down.

Provide /etc/nsswitch.conf

I have come across programs that throw errors for the lack of /etc/nsswitch.conf. My current work-around is to touch /etc/nsswitch.conf. However, it would be great if an /etc/nsswitch.conf could be defined and shipped with alpine image by default.

For reference: influxdata/influxdata-docker#77 gliderlabs/docker-alpine#367

Timezone & time different from host

Hello,

I'm using an alpine image for a cronjob in a k8s cluster. In my case, my timezone is GMT/UTC +2. when I run date in the alpine, it shows me GMT/UTC. My host is an Ubuntu and it shows me the correct time and timezone.

How can I fix this? I also tried to add TZ=CET date but it still shows me GMT time. I cannot force the script to run date -d "2 hours" because my timezone has summer time and winter time.

Thanks,

PS: Can it be a kubernetes bug?

where could get image for loogson(mips64)?

where could get image for loogson(mips64)?
I want to build image run on loogson linux,but I couldn't find the release for loogson(mips64) linux.

alpine:latest has CVE-2019-14697

Vulnerable Packages Found
=========================

Vulnerability ID   Policy Status   Affected Packages   How to Resolve
CVE-2019-14697     Active          musl                Upgrade musl to >= 1.1.22-r3

backtrace_symbols_fd: symbol / backtrace: symbol not found / error while loading shared libraries: libz.so.1

Internet searched quite a bit, tried a lot of things including previous issues in this repo, some progress, but no working program yet.

Trying to build a minimal image. Works with debian:stretch, but size is x10 versus alpine.
(All via Dockerfile build)

Initially:

Command not found

/fr24feed_amd64 # ldd fr24feed
        /lib64/ld-linux-x86-64.so.2 (0x7f7495169000)
        libz.so.1 => /lib/libz.so.1 (0x7f7494f52000)
        libpthread.so.0 => /lib64/ld-linux-x86-64.so.2 (0x7f7495169000)
Error loading shared library libstdc++.so.6: No such file or directory (needed by fr24feed)
        libm.so.6 => /lib64/ld-linux-x86-64.so.2 (0x7f7495169000)
Error loading shared library libgcc_s.so.1: No such file or directory (needed by fr24feed)
        libc.so.6 => /lib64/ld-linux-x86-64.so.2 (0x7f7495169000)
Error relocating fr24feed: _ZNSs6appendEPKcm: symbol not found
Error relocating fr24feed: _ZNKSs16find_last_not_ofEPKcmm: symbol not found
Error relocating fr24feed: _ZSt20__throw_length_errorPKc: symbol not found
Error relocating fr24feed: _ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RSbIS4_S5_T1_ES4_: symbol not found
Error relocating fr24feed: _ZNSolsEi: symbol not found
Error relocating fr24feed: backtrace: symbol not found
Error relocating fr24feed: _ZSt16__throw_bad_castv: symbol not found
Error relocating fr24feed: _ZNSo9_M_insertIlEERSoT_: symbol not found
Error relocating fr24feed: _ZSt24__throw_out_of_range_fmtPKcz: symbol not found
Error relocating fr24feed: _ZNSs9_M_mutateEmmm: symbol not found
Error relocating fr24feed: _ZNKSs6substrEmm: symbol not found
Error relocating fr24feed: _ZNSt8ios_baseC2Ev: symbol not found
Error relocating fr24feed: __cxa_guard_acquire: symbol not found
Error relocating fr24feed: _ZNSsC1EPKcmRKSaIcE: symbol not found
Error relocating fr24feed: _ZNSs6assignEPKc: symbol not found
Error relocating fr24feed: _Znam: symbol not found
Error relocating fr24feed: _ZdlPv: symbol not found
Error relocating fr24feed: _ZNSs7reserveEm: symbol not found
Error relocating fr24feed: _ZNKSt5ctypeIcE13_M_widen_initEv: symbol not found
Error relocating fr24feed: __cxa_rethrow: symbol not found
Error relocating fr24feed: __cxa_throw_bad_array_new_length: symbol not found
Error relocating fr24feed: _ZNSt6chrono3_V212system_clock3nowEv: symbol not found
Error relocating fr24feed: _ZNKSs12find_last_ofEPKcmm: symbol not found
Error relocating fr24feed: _ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base: symbol not found
Error relocating fr24feed: _ZNSs4_Rep9_S_createEmmRKSaIcE: symbol not found
Error relocating fr24feed: _ZNSsC1ERKSs: symbol not found
Error relocating fr24feed: _ZNSt13runtime_errorC1ERKSs: symbol not found
Error relocating fr24feed: _ZNSt13basic_filebufIcSt11char_traitsIcEE4openEPKcSt13_Ios_Openmode: symbol not found
Error relocating fr24feed: _ZNSsD1Ev: symbol not found
Error relocating fr24feed: _ZNKSs17find_first_not_ofEPKcmm: symbol not found
Error relocating fr24feed: _ZNSs4_Rep10_M_destroyERKSaIcE: symbol not found
Error relocating fr24feed: _ZNKSs13find_first_ofEPKcmm: symbol not found
Error relocating fr24feed: __cxa_guard_release: symbol not found
Error relocating fr24feed: _ZNSs6insertEmPKcm: symbol not found
Error relocating fr24feed: _ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base: symbol not found
Error relocating fr24feed: _ZNKSs4findEcm: symbol not found
Error relocating fr24feed: _ZNKSs7compareEPKc: symbol not found
Error relocating fr24feed: _ZNSsC1EPKcRKSaIcE: symbol not found
Error relocating fr24feed: _ZNSt14basic_ifstreamIcSt11char_traitsIcEED1Ev: symbol not found
Error relocating fr24feed: _ZNKSs4findEPKcmm: symbol not found
Error relocating fr24feed: _ZNSs2atEm: symbol not found
Error relocating fr24feed: _ZNSt6localeC1Ev: symbol not found
Error relocating fr24feed: _ZNSo9_M_insertIbEERSoT_: symbol not found
Error relocating fr24feed: _ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_l: symbol not found
Error relocating fr24feed: _ZNSt19basic_istringstreamIcSt11char_traitsIcESaIcEED1Ev: symbol not found
Error relocating fr24feed: _ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E: symbol not found
Error relocating fr24feed: _ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_: symbol not found
Error relocating fr24feed: _ZNSt8ios_baseD2Ev: symbol not found
Error relocating fr24feed: _ZNSt19basic_ostringstreamIcSt11char_traitsIcESaIcEED1Ev: symbol not found
Error relocating fr24feed: _ZSt28_Rb_tree_rebalance_for_erasePSt18_Rb_tree_node_baseRS_: symbol not found
Error relocating fr24feed: _ZNSt12__basic_fileIcED1Ev: symbol not found
Error relocating fr24feed: __cxa_allocate_exception: symbol not found
Error relocating fr24feed: _ZNSs6assignEPKcm: symbol not found
Error relocating fr24feed: __cxa_free_exception: symbol not found
Error relocating fr24feed: _ZNSt15basic_stringbufIcSt11char_traitsIcESaIcEE7_M_syncEPcmm: symbol not found
Error relocating fr24feed: _ZNSs5eraseEmm: symbol not found
Error relocating fr24feed: _ZNSs6assignERKSs: symbol not found
Error relocating fr24feed: _ZSt19__throw_logic_errorPKc: symbol not found
Error relocating fr24feed: _ZNSt13runtime_errorD1Ev: symbol not found
Error relocating fr24feed: _ZdaPv: symbol not found
Error relocating fr24feed: _ZNSs6appendEPKc: symbol not found
Error relocating fr24feed: _ZNSs5eraseEN9__gnu_cxx17__normal_iteratorIPcSsEES2_: symbol not found
Error relocating fr24feed: _ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate: symbol not found
Error relocating fr24feed: __cxa_throw: symbol not found
Error relocating fr24feed: backtrace_symbols_fd: symbol not found
Error relocating fr24feed: _ZNKSt15basic_stringbufIcSt11char_traitsIcESaIcEE3strEv: symbol not found
Error relocating fr24feed: _ZNSt13basic_filebufIcSt11char_traitsIcEEC1Ev: symbol not found
Error relocating fr24feed: _ZNSo9_M_insertImEERSoT_: symbol not found
Error relocating fr24feed: _ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base: symbol not found
Error relocating fr24feed: _ZNSo9_M_insertIdEERSoT_: symbol not found
Error relocating fr24feed: __cxa_end_catch: symbol not found
Error relocating fr24feed: _ZNKSs7compareEmmRKSs: symbol not found
Error relocating fr24feed: _ZNKSs7compareEmmPKc: symbol not found
Error relocating fr24feed: _ZNSt13basic_filebufIcSt11char_traitsIcEED1Ev: symbol not found
Error relocating fr24feed: __cxa_guard_abort: symbol not found
Error relocating fr24feed: __cxa_begin_catch: symbol not found
Error relocating fr24feed: _ZNSt6chrono3_V212steady_clock3nowEv: symbol not found
Error relocating fr24feed: __gxx_personality_v0: symbol not found
Error relocating fr24feed: _ZNSt19basic_ostringstreamIcSt11char_traitsIcESaIcEEC1ESt13_Ios_Openmode: symbol not found
Error relocating fr24feed: _Znwm: symbol not found
Error relocating fr24feed: _ZNSsC1ERKSsmm: symbol not found
Error relocating fr24feed: _Unwind_Resume: symbol not found
Error relocating fr24feed: _ZNSt6localeD1Ev: symbol not found
Error relocating fr24feed: _ZNKSt12__basic_fileIcE7is_openEv: symbol not found
Error relocating fr24feed: _ZNSs12_M_leak_hardEv: symbol not found
Error relocating fr24feed: _ZNSs4swapERSs: symbol not found
Error relocating fr24feed: _ZNSs6appendERKSs: symbol not found
Error relocating fr24feed: _ZNSt13basic_filebufIcSt11char_traitsIcEE5closeEv: symbol not found
Error relocating fr24feed: _ZTVSt15basic_stringbufIcSt11char_traitsIcESaIcEE: symbol not found
Error relocating fr24feed: _ZTVSt9basic_iosIcSt11char_traitsIcEE: symbol not found
Error relocating fr24feed: _ZTVSt19basic_ostringstreamIcSt11char_traitsIcESaIcEE: symbol not found
Error relocating fr24feed: _ZTTSt19basic_istringstreamIcSt11char_traitsIcESaIcEE: symbol not found
Error relocating fr24feed: _ZTVSt13basic_filebufIcSt11char_traitsIcEE: symbol not found
Error relocating fr24feed: _ZTTSt19basic_ostringstreamIcSt11char_traitsIcESaIcEE: symbol not found
Error relocating fr24feed: _ZTVSt14basic_ifstreamIcSt11char_traitsIcEE: symbol not found
Error relocating fr24feed: _ZTVN10__cxxabiv117__class_type_infoE: symbol not found
Error relocating fr24feed: _ZTISt13runtime_error: symbol not found
Error relocating fr24feed: _ZTIPKc: symbol not found
Error relocating fr24feed: _ZTIi: symbol not found
Error relocating fr24feed: _ZTVN10__cxxabiv120__si_class_type_infoE: symbol not found
Error relocating fr24feed: _ZTTSt14basic_ifstreamIcSt11char_traitsIcEE: symbol not found
Error relocating fr24feed: _ZTVN10__cxxabiv121__vmi_class_type_infoE: symbol not found
Error relocating fr24feed: _ZTVSt15basic_streambufIcSt11char_traitsIcEE: symbol not found
Error relocating fr24feed: _ZNSs4_Rep20_S_empty_rep_storageE: symbol not found
Error relocating fr24feed: _ZTVSt19basic_istringstreamIcSt11char_traitsIcESaIcEE: symbol not found

After getting libgcc libstdc++ (apk add libgcc libstdc++ )

/fr24feed_amd64 # ldd ./fr24feed
        /lib64/ld-linux-x86-64.so.2 (0x7ff8351a8000)
        libz.so.1 => /lib/libz.so.1 (0x7ff834f91000)
        libpthread.so.0 => /lib64/ld-linux-x86-64.so.2 (0x7ff8351a8000)
        libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x7ff834c3f000)
        libm.so.6 => /lib64/ld-linux-x86-64.so.2 (0x7ff8351a8000)
        libgcc_s.so.1 => /usr/lib/libgcc_s.so.1 (0x7ff834a2d000)
        libc.so.6 => /lib64/ld-linux-x86-64.so.2 (0x7ff8351a8000)
Error relocating ./fr24feed: backtrace: symbol not found
Error relocating ./fr24feed: backtrace_symbols_fd: symbol not found

After:

wget --no-check-certificate "https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.29-r0/glibc-2.29-r0.apk" && \
apk add --allow-untrusted glibc-2.29-r0.apk && \

Result:

/fr24feed_amd64 # ./fr24feed
./fr24feed: error while loading shared libraries: libz.so.1: cannot open shared object file: No such file or directory
/fr24feed_amd64 #

Also tried: libbsd libbsd-dev zlib1g.

Just not gonna work due to the pre-compiling (source not available) or still something left to try?

alpine:edge cant install packages

Actually image alpine:edge can run apk update or apk add.

`/ # apk update

fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/edge/main: No such file or directory
WARNING: Ignoring APKINDEX.066df28d.tar.gz: No such file or directory
fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/edge/community: No such file or directory
WARNING: Ignoring APKINDEX.b53994b4.tar.gz: No such file or directory
2 errors; 14 distinct packages available

/ # apk add --no-cache curl

fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz: No such file or directory
fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz: No such file or directory
ERROR: unsatisfiable constraints:
curl (missing):
required by: world[curl]`

can't config ssh service when i use alpine:3.9

i want to config ssh service in alpine:3.9, for login by ssh without password.
but i meet some truble in this tag "alpine:3.9" or "alpine". ( the tag ''alpine:3.8" works well)

my test stebs ：

docker run --name="al3.9-ssh-t1" -it alpine:3.9 sh
apk add --no-cache openssh-client openssh-server
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
/usr/sbin/sshd -D &
ps -ef | grep ssh
ssh-keygen -t rsa -b 4096 -C "[email protected]"
cd ~/.ssh
cat id_rsa.pub >> authorized_keys

then， when i try to ssh 127.0.0.1 , always ask me the password：

~/.ssh # ssh 127.0.0.1
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:VgBeTqsWDKi8QbudOkdZ6wBX1eogDmM0V62+XEhKI4g.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts.
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
[email protected]: Permission denied (publickey,password,keyboard-interactive).
~/.ssh

when i try debug mode,the log like:

/ # /usr/sbin/sshd -D &
/ # ssh -vvvT 127.0.0.1
OpenSSH_7.9p1, OpenSSL 1.1.1a  20 Nov 2018
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 127.0.0.1 is address
debug2: ssh_connect_direct
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9
debug1: match: OpenSSH_7.9 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 127.0.0.1:22 as 'root'
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 127.0.0.1
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:VgBeTqsWDKi8QbudOkdZ6wBX1eogDmM0V62+XEhKI4g
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 127.0.0.1
debug1: Host '127.0.0.1' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa RSA SHA256:PWX88PtnRu4vl1rd8j1Zub2drlSfRI+Ax0Csiq1MsAQ
debug1: Will attempt key: /root/.ssh/id_dsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa 
debug1: Will attempt key: /root/.ssh/id_ed25519 
debug1: Will attempt key: /root/.ssh/id_xmss 
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:PWX88PtnRu4vl1rd8j1Zub2drlSfRI+Ax0Csiq1MsAQ
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /root/.ssh/id_xmss
debug3: no such identity: /root/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: 
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
[email protected]'s password: 
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
[email protected]'s password: 
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
[email protected]'s password: 
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey,password,keyboard-interactive).
/ #

this tag "alpine:3.9" has this issue . when i use the tag ''alpine:3.8" , "ssh 127.0.0.1" works well，without ask me for password;
any one can help me ?
thanks a lot!

MUSL resolver requires trailing dot when looking up resolv search domain

With alpine:3.9.4 in my /etc/resolv.conf among other things I have this included:

nameserver 1.1.1.1
search mydomain.com
options ndots:5

If I try ping mydomain.com it doesn't resolve.
If I add a trailing dot (e.g make it a FQDN) ping works fine. So I can: ping mydomain.com.

CVE-2019-12450

CVE-2019-12450 seems to be not patched in Alpine.

ERROR: No matching distribution found for gunicorn3

I am trying to run my Django application with alpine image. (python3 alpine image)

I need gunicorn3 to run my Django Application.

I added following line to add gunicorn3

RUN apk update && apk add py3-gunicorn

but i am getting "No matching distribution found for gunicorn3" when i am running my application with following cmd

CMD ["gunicorn3", "--bind", ":8000", "myapplication.wsgi"]

gdal can't load libproj, but libproj is present

The current version of GDAL is unable to load libproj.so. It looks (based on other tests) like some kind of ABI incompatibility.

Steps to reproduce:

git clone https://github.com/senderle/gdaltest
cd gdaltest
docker build -t gdaltest .
docker run -it gdaltest

And to verify that libproj.so is present and has the expected name (according to the error message):

docker run -it gdaltest ls /usr/lib/libproj.so

When I tried to build postgis from source, I found that the configure script had similar problems; it found the correct header file but "could not find" libproj. In fact, it did find libproj, but the test failed because of what looked like an ABI incompatibility.

I should add that I am not 100% sure I am reporting this in the right place! Let me know.

Trouble with gpg in alpine containers

Hi there, I experiance some trouble with gpg in the alpine container.

$ docker pull alpine:latest
$ docker run -it --rm --entrypoint /bin/sh alpine:latest
/ # apk update
/ # apk add --no-cache --virtual .build-deps gnupg
/ # export GNUPGHOME=$(mktemp -d)
/ # gpg --version
gpg (GnuPG) 2.2.16
libgcrypt 1.8.4
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /tmp/tmp.aKGoKl
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
/ # gpg -v --openpgp --keyserver hkps://keys.openpgp.org --recv-keys BBAB5DF0A0D6672989CF1869E82B2FB314E9906E
gpg: keybox '/tmp/tmp.aKGoKl/pubring.kbx' created
gpg: no running Dirmngr - starting '/usr/bin/dirmngr'
gpg: waiting for the dirmngr to come up ... (5s)
gpg: connection to dirmngr established
gpg: keyserver receive failed: General error

This is issue is reproducable. Having some timout issues as well with other keyservers.
The exact recv-keys command works very well on my host machine (ubuntu 18.04.2 LTS)

Is there a reliable trusted keyserver for alpine that is known to be working and ideality not using sks?

Docker Alpine 3.9.3 for ARMv7 is missing on Dockerhub

I think something went wrong with the Docker image release of Alpine 3.9.3.
It shows up on the readme page, but the actual tag is missing.

See 3.9.3 listed in the readme on https://hub.docker.com/r/arm32v7/alpine/:

Missing in tags:

Last build:

Latest docker image 3.9.4 has CVE-2019-5747 vulnerabilities

Hi,
current latest image has CVE-2019-5747 vulnerabilities, Any plan to release re-mediated version of image.

Thanks

Failed to open temporary file /etc/ssl/certs/bundleXXXXXX for ca bundle

I try to run update-ca-certificates which fails with the errors

Failed to open temporary file /etc/ssl/certs/bundleXXXXXX for ca bundle

here my Dockerfile

# Original from https://github.com/ellerbrock/docker-collection/blob/master/dockerfiles/alpine-bash-curl-ssl/Dockerfile

FROM alpine:3.9.3

LABEL my.company.maintainer="Adrian Wyssmann" \
      my.company.version="0.0.1"

# Optional Configuration Parameter
ARG SERVICE_USER
ARG SERVICE_HOME

# Default Settings
ENV SERVICE_USER ${SERVICE_USER:-download}
ENV SERVICE_HOME ${SERVICE_HOME:-/home/${SERVICE_USER}}

# configure http proxy to use apt
ENV http_proxy "http://webproxy.intra:8080"
ENV https_proxy "http://webproxy.intra:8080"
ENV no_proxy "*.intra,ci-tools.intra,scm.intra"

RUN adduser -h ${SERVICE_HOME} -s /sbin/nologin -u 1000 -D ${SERVICE_USER}
RUN apk update
RUN apk add --no-cache \
    curl \
    bash \
    git \
    dumb-init \
    openssl \
    ca-certificates

USER    root
WORKDIR ${SERVICE_HOME}
VOLUME  ${SERVICE_HOME}

ENTRYPOINT [ "/usr/bin/dumb-init", "--" ]
CMD [ "curl", "--help" ]

Space character before #

FROM openjdk:8-jdk-alpine

ADD test.txt /srv/test.txt

The test.txt like
qwerasdf!@#$

After start the container, check the test.txt
qwerasdf!@ #$

Unable to apk add or apk update with default repositories

Hello,I'm trying to build containers with dind in Gitlab-CI on k8s.

Problem is that the container can be blocked when it is calling apk command such as apk add <any packet> or apk update .

It's not happening all the time but once in two generally and only with Alpine ( No problem at all with Debian )

This behavior occurs in any project, with any dockerfile and even with the simplest file as possible with just aapk updatecommand in the dockerfile.

Here is the output of a blocked build job :

Step 8/18 : RUN apk update --verbose
 ---> Running in c92605754e8c
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz

Nothing will happens until jobs got killed at the job timeout.Another example :

Step 8/18 : RUN apk update --verbose
 ---> Running in c92605754e8c
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
v3.10.2-18-g578c97338a [http://dl-cdn.alpinelinux.org/alpine/v3.10/main]
v3.10.2-7-g312cad7bde [http://dl-cdn.alpinelinux.org/alpine/v3.10/community]
OK: 10339 distinct packages available
Removing intermediate container c92605754e8c
 ---> 68a10fedd184
Step 9/18 : RUN apk add --verbose --update alpine-sdk git
 ---> Running in 81675b71cf07
(1/38) Upgrading musl (1.1.22-r2 -> 1.1.22-r3)

I tried to run manually apk commands in interactive shell, on a blocked container and the apk command works always successfully.

I also made a strace on the processes which are blocked and nothing happens. same thing with tcpdump.

The apk --verbose don't show anything.

I already investigated on the network side and every curl,ping or dig or whatever succeed.

The only workaround i found consists to replace the default repository ( dl-cdn.alpinelinux.org ) by another such as uk.alpinelinux.or and then, call apk commands.

It's always working like this.I would like to know if i'm the only one who have this issue and if there is a more convenient fix instead of this workaround ?

Thanks for your help.

ERROR: gcc-8.3.0-r0: IO ERROR

I am getting this error

ERROR: Failed to create usr/libexec/gcc/x86_64-alpine-linux-musl/8.3.0/lto-wrapper: I/O error

When l run :

RUN apk add build-base
RUN apk --no-cache add postgresql-dev
RUN pip install psycopg2

Alpine still has libssh2 vulnerability: CVE-2019-13115

Alpine 3.10, 3.9 main repo's have an out of date version of libssh2 (1.8.2-r0). The risk for CVE-2019-13115 is mitigated in libssh2 1.9.0. Can this be pushed into the Main repositories for 3.10 / 3.9?

Reference:
https://pkgs.alpinelinux.org/packages?name=libssh2&branch=v3.10&repo=main
https://pkgs.alpinelinux.org/packages?name=libssh2&branch=v3.9&repo=main
https://nvd.nist.gov/vuln/detail/CVE-2019-13115

how to install openrc in docker-alpine?

i want to install openrc in docker-alpine and run frpc as service.

/run/openrc # rc-service frpc start
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/blkio/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/cpu/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/cpuacct/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/cpuset/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/devices/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/freezer/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/hugetlb/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/memory/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/net_cls/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/net_prio/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/perf_event/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/pids/tasks: Read-only file system
/lib/rc/sh/openrc-run.sh: line 101: can't create /sys/fs/cgroup/systemd/tasks: Read-only file system
 * You are attempting to run an openrc service on a
 * system which openrc did not boot.
 * You may be inside a chroot or you may have used
 * another initialization system to boot this system.
 * In this situation, you will get unpredictable results!
 * If you really want to do this, issue the following command:
 * touch /run/openrc/softlevel
 * ERROR: networking failed to start
 * ERROR: cannot start frpc as networking would not start

frpc service:

#!/sbin/openrc-run
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

pidfile="/run/frpc.pid"
configfile="/etc/frp/frpc.ini"
command="/usr/bin/frpc"
command_opts=" -c $configfile"

depend() {
    need net
    need localmount
}

start() {
    ebegin "Starting frpc"
    start-stop-daemon --start --background \
    --exec $command \
    -- $command_opts \
    --make-pidfile --pidfile $pidfile
    eend $?
}

stop() {
    ebegin "Stopping frpc"
    start-stop-daemon --stop \
    --exec $command \
    --pidfile $pidfile
    eend $?
}

reload() {
    ebegin "Reloading frpc"
    start-stop-daemon --exec $command \
    --pidfile $pidfile \
    -s 1
    eend $?
}

alpine repo has a hacked image?

Hi, my machine keeps pulling down an image from the alpine repo that just pings 8.8.8.8 non-stop.

alpine 4d90542f0623 3 weeks ago 5.58MB

A container is started from it which is always called happy_wu.something
66d91cdce98b alpine:latest "ping 8.8.8.8" About a minute ago Up About a minute happy_wu.1.srxl75sc4s4m6jewkb7cr6tnn

After I rm -f the container, it returns again. Is it possible to pull the image from another repo and then make it look like it came from alpine?

How do I find out what is triggering this 'docker run --name happy_wu.something'?

I have stopped docker service. Does anyone know how to find out what is triggering this image to run as happy_wu.something?

how to change the dns server in /etc/resolv.conf

it says the file is generated by systemd-resolved, but I cannot find it, how to overwrite the default dns setting? if I edit the /etc/resolve.conf and commit the changes, the changes will be overwriten to the default value after the container restarted, thanks.

fetch-latest-releases.lua

COPY failed: stat /var/lib/docker/tmp/docker-builder977914625/fetch-latest-releases.lua: no such file or directory

License compliance when distributing software using Alpine Linux as base image

Hi,

we are currently investigating ways to ship our software as Docker images. There are mainly two challenges:

we want to give our customers a full overview of what is inside our Docker images
we want to be fully license compliant and not run into a variety of legal pitfalls. In particular, we need to have the complete source code of all open-source software.
Using Alpine Linux as base image would be our preferred solution, and the apk tool lists a mere 14 packages installed for which we would need the source and the build instructions (like the APKBUILD files).

Alas, when looking at the Dockerfile I found that the base image is built by simply unpacking a tar.gz file with the root file system into the image, but I couldn't find any info on how this tar.gz's contents were created and what aside from those 14 packages (plus the APK package manager itself, I assume) was put into it.
Is there any info on that topic, or maybe a build script that creates the tar.gz file?

Regards
J

File /etc/shadow group is not root

Of the entire filesystem, only /etc/shadow is not owned by root:root, it is owned by root:shadow. Is this intentional?

alpine:3.9

find / ! -user root

find / ! -group root
/etc/shadow

ls -l /etc/shadow
-rw-r-----    1 root     shadow         441 Apr  8 20:30 /etc/shadow

alpine:latest (3.10.2) has CVE-2019-12381 - for Linux Kernel

CVE-2019-12381 - ** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL.

Add arm32v8 image?

Hi, thanks for maintaining these wonderful base images.

I am using arm32v7 and arm64v8 images, but I also have some devices running armv8l.

Can you point me to the build scripts used to generate and upload base images? I would be happy to help contribute some patches which add arm32v8 support.

Distribution: Where / how to get FOSS licenses and copyleft source code

Hello!

I am planning to distribute some docker images that are based on the alpine image.

Doing so is OK if I show the contained FOSS-licenses and provide the copy-left-source-code in case some reciever requests it, correct?

How can I obtain the license information? Is there an easy way to get it?

If I need to provide the copy-left-source-code, would it be enough to just provide a clone of this git with the corresponding version-branch?

As you guys are distributing it, I could imagine you can tell me how to proceed.

Thanks for your help!

Best regards,

Peer

wget command issue

I tested from alpine:3.2 to alpine:3.10 and also edge.

the problem is wget command does not work propery.

# docker run --rm -it alpine:edge
Unable to find image 'alpine:edge' locally
edge: Pulling from library/alpine
ae4a0e1e8235: Pull complete 
Digest: sha256:77c2c4d3d94753cacc93fbee059ef20b6df1386f98f259e41632ab39d13a0f6a
Status: Downloaded newer image for alpine:edge
/ # export http_proxy=http://proxy:port
/ # export https_proxy=http://proxy:port
/ # wget "https://binaries.sonarsource.com/Distribution/sonar-java-plugin/sonar-java-plugin-5.14.0.18788
.jar" --no-check-certificate
Connecting to proxy:port (proxy:port)
wget: server returned error: HTTP/1.1 400 Bad Request

Find out solution is re-install wget and openssl.

# docker run --rm -it alpine:edge
/ # export HTTP_PROXY=http://proxy:port
/ # export HTTPS_PROXY=http://proxy:port
/ # apk --no-cache add openssl wget
fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
(1/2) Installing openssl (1.1.1d-r2)
(2/2) Installing wget (1.20.3-r0)
Executing busybox-1.31.0-r1.trigger
OK: 7 MiB in 16 packages
/ # export http_proxy=http://proxy:port
/ # export https_proxy=http://proxy:port
/ # wget "https://binaries.sonarsource.com/Distribution/sonar-java-plugin/sonar-java-plugin-5.14.0.18788
.jar" --no-check-certificate
--2019-11-14 02:59:42--  https://binaries.sonarsource.com/Distribution/sonar-java-plugin/sonar-java-plugin-5.14.0.18788.jar
Connecting to proxy:port... connected.
Proxy request sent, awaiting response... 200 OK
Length: 8348625 (8.0M) [application/x-java-archive]
Saving to: 'sonar-java-plugin-5.14.0.18788.jar'

.jar                       30%[==========>                           ]   2.46M   209KB/s    eta 29s

I refered Yelp/dumb-init#73

-bash: cannot set terminal process group (-1): Not a tty: Not able to access tty.

I am using alpine as a toolbox for coreos container Linux. I am getting the error whenever I run toolbox.

Error:

mohit.s@ip-10-0-3-72 ~ $ toolbox
Spawning container mohit.s-ethicalmohittoolbox-latest on /var/lib/toolbox/mohit.s-ethicalmohit_toolbox-latest.
Press ^] three times within 1s to kill container.
-bash: cannot set terminal process group (-1): Not a tty
-bash: no job control in this shell

Alpine Version:

alpine:3.10.1

Because of this some of the tools i have added above it are also not working.

ip-10-0-3-72:~# ctop
error: open /dev/tty: no such device or address

Also, if I run a tty shell by pulling docker image and using -it option with docker run command then it's working fine.

Why not just provide a tag like :3 on Docker Hub

https://hub.docker.com/_/alpine only offers tags:

20190508, edge
3.9.4, 3.9, latest
3.8.4, 3.8
3.7.3, 3.7
3.6.5, 3.6

I don't want to use alpine:latest, assuming we all can tell what's wrong with that.

The only other options I have are:

pick something like 3.9: it'll be deleted in a couple of years later and my builds will start breaking.
subscribe to updates of alpine releases (like 3.10): I don't think I have time to track these.

Many other official images provide convenience alias tags with their semver major versions, like golang:1 or python:3. I think alpine should follow suit, unless there's a good reason to not to.

Upgrade to Docker image needed for OpenSSL 1.1.1b-r1 due to CVE-2019-1543

See https://nvd.nist.gov/vuln/detail/CVE-2019-1543

This has already been fixed upstream (alpinelinux/aports@4bb02b0) and is in the v3.9 repo:

$ docker run -it --rm alpine:3.9 apk upgrade
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz
(1/4) Upgrading musl (1.1.20-r3 -> 1.1.20-r4)
(2/4) Upgrading libcrypto1.1 (1.1.1a-r1 -> 1.1.1b-r1)
(3/4) Upgrading libssl1.1 (1.1.1a-r1 -> 1.1.1b-r1)
(4/4) Upgrading musl-utils (1.1.20-r3 -> 1.1.20-r4)
Executing busybox-1.29.3-r10.trigger
OK: 6 MiB in 14 packages

WHL Support/ Error with Pandas Datareader

Hello,

First time submitting an issue report here. After reading the documentation, here is the description of the issue request:

Currently I am getting an error when I try to install pandas or pandas_datareader into our docker instance for docker-alpine. The error is listed below. I read online that this could also be caused by alpine not supporting WHL format images. Could we request so that this image of docker-alpine supports the install for pandas/pandas_datareader?

Thank you

Error:
Collecting pandas>=0.19.2 (from pandas_datareader->-r requirements.txt (line 7))
Downloading https://files.pythonhosted.org/packages/b2/4c/b6f966ac91c5670ba4ef0b0b5613b5379e3c7abdfad4e7b89a87d73bae13/pandas-0.24.2.tar.gz (11.8MB)
Complete output from command python setup.py egg_info:
/bin/sh: svnversion: not found
non-existing path in 'numpy/distutils': 'site.cfg'
Could not locate executable gfortran
Could not locate executable f95
Could not locate executable ifort
Could not locate executable ifc
Could not locate executable lf95
Could not locate executable pgfortran
Could not locate executable f90
Could not locate executable f77
Could not locate executable fort
Could not locate executable efort
Could not locate executable efc
Could not locate executable g77
Could not locate executable g95
Could not locate executable pathf95
Could not locate executable nagfor
don't know how to compile Fortran code on platform 'posix'
Running from numpy source directory.
/tmp/easy_install-ksrhpc2_/numpy-1.16.4/setup.py:390: UserWarning: Unrecognized setuptools command, proceeding with generating Cython sources and expanding templates
run_build = parse_setuppy_commands()
/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/system_info.py:639: UserWarning:
Atlas (http://math-atlas.sourceforge.net/) libraries not found.
Directories to search for the libraries can be specified in the
numpy/distutils/site.cfg file (section [atlas]) or by setting
the ATLAS environment variable.
self.calc_info()
/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/system_info.py:639: UserWarning:
Blas (http://www.netlib.org/blas/) libraries not found.
Directories to search for the libraries can be specified in the
numpy/distutils/site.cfg file (section [blas]) or by setting
the BLAS environment variable.
self.calc_info()
/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/system_info.py:639: UserWarning:
Blas (http://www.netlib.org/blas/) sources not found.
Directories to search for the sources can be specified in the
numpy/distutils/site.cfg file (section [blas_src]) or by setting
the BLAS_SRC environment variable.
self.calc_info()
/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/system_info.py:639: UserWarning:
Lapack (http://www.netlib.org/lapack/) libraries not found.
Directories to search for the libraries can be specified in the
numpy/distutils/site.cfg file (section [lapack]) or by setting
the LAPACK environment variable.
self.calc_info()
/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/system_info.py:639: UserWarning:
Lapack (http://www.netlib.org/lapack/) sources not found.
Directories to search for the sources can be specified in the
numpy/distutils/site.cfg file (section [lapack_src]) or by setting
the LAPACK_SRC environment variable.
self.calc_info()
/usr/local/lib/python3.7/distutils/dist.py:274: UserWarning: Unknown distribution option: 'define_macros'
warnings.warn(msg)
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 154, in save_modules
yield saved
File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 195, in setup_context
yield
File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 250, in run_setup
_execfile(setup_script, ns)
File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 45, in execfile
exec(code, globals, locals)
File "/tmp/easy_install-ksrhpc2/numpy-1.16.4/setup.py", line 415, in

  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/setup.py", line 407, in setup_package
    cmdclass['cython'] = CythonCommand
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/core.py", line 171, in setup
  File "/usr/local/lib/python3.7/site-packages/setuptools/__init__.py", line 145, in setup
    return distutils.core.setup(**attrs)
  File "/usr/local/lib/python3.7/distutils/core.py", line 148, in setup
    dist.run_commands()
  File "/usr/local/lib/python3.7/distutils/dist.py", line 966, in run_commands
    self.run_command(cmd)
  File "/usr/local/lib/python3.7/distutils/dist.py", line 985, in run_command
    cmd_obj.run()
  File "/usr/local/lib/python3.7/site-packages/setuptools/command/bdist_egg.py", line 163, in run
    self.run_command("egg_info")
  File "/usr/local/lib/python3.7/distutils/cmd.py", line 313, in run_command
    self.distribution.run_command(command)
  File "/usr/local/lib/python3.7/distutils/dist.py", line 985, in run_command
    cmd_obj.run()
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/egg_info.py", line 26, in run
  File "/usr/local/lib/python3.7/distutils/cmd.py", line 313, in run_command
    self.distribution.run_command(command)
  File "/usr/local/lib/python3.7/distutils/dist.py", line 985, in run_command
    cmd_obj.run()
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 148, in run
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 159, in build_sources
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 292, in build_library_sources
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 375, in generate_sources
  File "numpy/core/setup.py", line 667, in get_mathlib_info
    }
RuntimeError: Broken toolchain: cannot link a simple C program

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/tmp/pip-install-mpncainf/pandas/setup.py", line 746, in <module>
    **setuptools_kwargs)
  File "/usr/local/lib/python3.7/site-packages/setuptools/__init__.py", line 144, in setup
    _install_setup_requires(attrs)
  File "/usr/local/lib/python3.7/site-packages/setuptools/__init__.py", line 139, in _install_setup_requires
    dist.fetch_build_eggs(dist.setup_requires)
  File "/usr/local/lib/python3.7/site-packages/setuptools/dist.py", line 717, in fetch_build_eggs
    replace_conflicting=True,
  File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 782, in resolve
    replace_conflicting=replace_conflicting
  File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 1065, in best_match
    return self.obtain(req, installer)
  File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 1077, in obtain
    return installer(requirement)
  File "/usr/local/lib/python3.7/site-packages/setuptools/dist.py", line 784, in fetch_build_egg
    return cmd.easy_install(req)
  File "/usr/local/lib/python3.7/site-packages/setuptools/command/easy_install.py", line 679, in easy_install
    return self.install_item(spec, dist.location, tmpdir, deps)
  File "/usr/local/lib/python3.7/site-packages/setuptools/command/easy_install.py", line 705, in install_item
    dists = self.install_eggs(spec, download, tmpdir)
  File "/usr/local/lib/python3.7/site-packages/setuptools/command/easy_install.py", line 890, in install_eggs
    return self.build_and_install(setup_script, setup_base)
  File "/usr/local/lib/python3.7/site-packages/setuptools/command/easy_install.py", line 1158, in build_and_install
    self.run_setup(setup_script, setup_base, args)
  File "/usr/local/lib/python3.7/site-packages/setuptools/command/easy_install.py", line 1144, in run_setup
    run_setup(setup_script, args)
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 253, in run_setup
    raise
  File "/usr/local/lib/python3.7/contextlib.py", line 130, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 195, in setup_context
    yield
  File "/usr/local/lib/python3.7/contextlib.py", line 130, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 166, in save_modules
    saved_exc.resume()
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 141, in resume
    six.reraise(type, exc, self._tb)
  File "/usr/local/lib/python3.7/site-packages/setuptools/_vendor/six.py", line 685, in reraise
    raise value.with_traceback(tb)
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 154, in save_modules
    yield saved
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 195, in setup_context
    yield
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 250, in run_setup
    _execfile(setup_script, ns)
  File "/usr/local/lib/python3.7/site-packages/setuptools/sandbox.py", line 45, in _execfile
    exec(code, globals, locals)
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/setup.py", line 415, in <module>

  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/setup.py", line 407, in setup_package
    cmdclass['cython'] = CythonCommand
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/core.py", line 171, in setup
  File "/usr/local/lib/python3.7/site-packages/setuptools/__init__.py", line 145, in setup
    return distutils.core.setup(**attrs)
  File "/usr/local/lib/python3.7/distutils/core.py", line 148, in setup
    dist.run_commands()
  File "/usr/local/lib/python3.7/distutils/dist.py", line 966, in run_commands
    self.run_command(cmd)
  File "/usr/local/lib/python3.7/distutils/dist.py", line 985, in run_command
    cmd_obj.run()
  File "/usr/local/lib/python3.7/site-packages/setuptools/command/bdist_egg.py", line 163, in run
    self.run_command("egg_info")
  File "/usr/local/lib/python3.7/distutils/cmd.py", line 313, in run_command
    self.distribution.run_command(command)
  File "/usr/local/lib/python3.7/distutils/dist.py", line 985, in run_command
    cmd_obj.run()
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/egg_info.py", line 26, in run
  File "/usr/local/lib/python3.7/distutils/cmd.py", line 313, in run_command
    self.distribution.run_command(command)
  File "/usr/local/lib/python3.7/distutils/dist.py", line 985, in run_command
    cmd_obj.run()
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 148, in run
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 159, in build_sources
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 292, in build_library_sources
  File "/tmp/easy_install-ksrhpc2_/numpy-1.16.4/numpy/distutils/command/build_src.py", line 375, in generate_sources
  File "numpy/core/setup.py", line 667, in get_mathlib_info
    }
RuntimeError: Broken toolchain: cannot link a simple C program

----------------------------------------

Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-install-mpncainf/pandas/
You are using pip version 19.0.3, however version 19.1.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
The command '/bin/sh -c pip3 install -r requirements.txt' returned a non-zero code: 1

busybox 1.29.3-r10 and r12 vulnerabilities

Busybox 1.29.3-r10 (bin/busybox) and Busybox 1.29.3-r12 (usr/bin/ssl_client) have the following CVE's:

CVE-2019-5747 (CVSS v3.0: 7.5)
CVE-2018-20679 (CVSS v3.0: 7.5)

arm64v8/alpine:3.10 - qemu: Unsupported syscall: 283

hi,

Something change in 3.10 image, same is working fine in 3.9.
I continuously get qemu: Unsupported syscall: 283

Steps to reproduce:
I'm using Ubuntu 18.04.3 LTS.
Linux testubuntu 4.15.0-66-generic #75-Ubuntu SMP Tue Oct 1 05:24:09 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

Docker version

Client: Docker Engine - Community
 Version:           19.03.4
 API version:       1.40
 Go version:        go1.12.10
 Git commit:        9013bf583a
 Built:             Fri Oct 18 15:54:09 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.4
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.10
  Git commit:       9013bf583a
  Built:            Fri Oct 18 15:52:40 2019
  OS/Arch:          linux/amd64
  Experimental:     true
 containerd:
  Version:          1.2.10
  GitCommit:        b34a5c8af56e510852c35414db4c1f4fa6172339
 runc:
  Version:          1.0.0-rc8+dev
  GitCommit:        3e425f80a8c931f88e6d94a8c831b9d5aa481657
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Commands to run as an example:

root@testubuntu:~# apt-get install -y qemu-user-static

root@testubuntu:~# docker run -it --rm -v /usr/bin/qemu-aarch64-static:/usr/bin/qemu-aarch64-static arm64v8/alpine:3.10 /bin/sh
/ # apk add git
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/aarch64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/aarch64/APKINDEX.tar.gz
(1/6) Installing ca-certificates (20190108-r0)
(2/6) Installing nghttp2-libs (1.39.2-r0)
(3/6) Installing libcurl (7.66.0-r0)
(4/6) Installing expat (2.2.8-r0)
(5/6) Installing pcre2 (10.33-r0)
(6/6) Installing git (2.22.0-r0)
Executing busybox-1.30.1-r2.trigger
Executing ca-certificates-20190108-r0.trigger
OK: 21 MiB in 20 packages
/ # git clone https://github.com/thockin/test /test
Cloning into '/test'...
qemu: Unsupported syscall: 283   <<<<<< THIS
qemu: Unsupported syscall: 283   <<<<<< IS NOT HERE IN ALPINE 3.9
remote: Enumerating objects: 56, done.
remote: Total 56 (delta 0), reused 0 (delta 0), pack-reused 56
Unpacking objects: 100% (56/56), done.

Same commands run with alpine:3.9

root@testubuntu:~# docker run -it --rm -v /usr/bin/qemu-aarch64-static:/usr/bin/qemu-aarch64-static arm64v8/alpine:3.9 /bin/sh
/ # apk add git
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/aarch64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/aarch64/APKINDEX.tar.gz
(1/7) Installing ca-certificates (20190108-r0)
(2/7) Installing nghttp2-libs (1.35.1-r1)
(3/7) Installing libssh2 (1.9.0-r1)
(4/7) Installing libcurl (7.64.0-r3)
(5/7) Installing expat (2.2.8-r0)
(6/7) Installing pcre2 (10.32-r1)
(7/7) Installing git (2.20.1-r0)
Executing busybox-1.29.3-r10.trigger
Executing ca-certificates-20190108-r0.trigger
OK: 20 MiB in 21 packages
/ # git clone https://github.com/thockin/test /test
Cloning into '/test'...
remote: Enumerating objects: 56, done.
remote: Total 56 (delta 0), reused 0 (delta 0), pack-reused 56
Unpacking objects: 100% (56/56), done.

Anyone has an idea how to debug this further?

Thanks

error with Svg\xml_parser_create()

I got this error on my docker:

Call to undefined function Svg\xml_parser_create()

this are my dep:

RUN apk update \ && apk upgrade \ && apk add --no-cache \ bash \ php \ php-xml \ php7-gd \ php7-zip \ php7-pdo_mysql \ php7-curl \ php7-mcrypt \ php7-mbstring \ php7-dom \ php7-json \ php7-phar \ php7-tokenizer \ php7-session \ php7-fileinfo \ php7-bcmath \ php7-sockets \ php7-xml \ php7-xmlreader \ php7-xmlwriter \ php7-simplexml \

From docker /bin/bash, simple file with:

$a = xml_parser_create('');

has this error:

PHP Fatal error: Call to undefined function xml_parser_create()

Whats wrong? i have this error using dompdf!

Thanks!

update to node v13.0.1

there is a bug with npm in node v13

npm WARN npm npm does not support Node.js v13.0.0

its fixed in latest release

ref, nodejs/node#30066

CVE-2019-5021

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container which utilize Linux PAM, or some other mechanism which uses the system shadow file as an authentication database, may accept a NULL password for the root user.

ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5021

chpasswd is not working correctly.

echo "avaliduser:apassword" | chpasswd

results in:

#Password:
#chpasswd: PAM: Authentication failure

Same issue reported here: https://stackoverflow.com/questions/55475157/pam-authentication-failure-when-running-chpasswd-on-alpine-linux

Using a previous alpine version corrects the issue.

CVE-2019-12900

CVE-2019-12900 has been reported and probably also affects alpine

alpinelinux / docker-alpine Goto Github PK

docker-alpine's Introduction

docker-alpine

Why

Usage

docker-alpine's People

Stargazers

Watchers

Forkers

docker-alpine's Issues

Code compilation

DOCKER FILE

DOCKER CONTAINER

Recommend Projects

Recommend Topics

Recommend Org