docker-library / busybox Goto Github PK

Docker Official Image packaging for Busybox

Shell 49.19% Dockerfile 50.81%

busybox's Introduction

https://github.com/docker-library/busybox

Maintained by: the Docker Community

This is the Git repo of the Docker "Official Image" for busybox (not to be confused with any official busybox image provided by busybox upstream). See the Docker Hub page for the full readme on how to use this Docker image and for information regarding contributing and issues.

The full image description on Docker Hub is generated/maintained over in the docker-library/docs repository, specifically in the busybox directory.

See a change merged here that doesn't show up on Docker Hub yet?

For more information about the full official images change lifecycle, see the "An image's source changed in Git, now what?" FAQ entry.

For outstanding busybox image PRs, check PRs with the "library/busybox" label on the official-images repository. For the current "source of truth" for busybox, see the library/busybox file in the official-images repository.

Build	Status	Badges	(per-arch)

busybox's People

Contributors

Stargazers

Watchers

Forkers

infosiftr ubereboy yghannam aarch64 amiryatshiori sujitgawas cloudxtreme aledbf damnsmall sudeeshjohn max8899 doomhammer dockernuts jy4618272 andrewgreen5610 makelog darstahl haochenprophet pylam leonarrd fighterld nagarajapalla steveregis hlorenzoz regardfs acidburn0zzz rouzier kaeb qianlifu12345 kmanav caojinglei quantonganh kalefranz dodynofri jharanadevops pkdsab ezc deckhandfirststar01 fangxinmiao jakubek j0wi dran-dev h0axd 7263 bhanditz izhongme-docker-file nixroxursox jimmyyutian rebornwwp tw3akg33k kxion wangjianze ccpster danielkon96 git04112019 jbharath11 container-projects evalevil merklepro mx237 takas12 chinayin q00179172 arvisha16 inkhomi86 tjolk072 hanumeshc woa7 pascal71 tomaszek2902 jinx-heniux korpx-z scottwedge luizgustavops chuanchang wajika isabella232 montanablood27 it4fi ismaelsj terrorizer1980 medhomegit jordansco9889 stjordanis summersmith houxianxin classicvalues enano2716 loesterfranco 666zimzum666 rozzii shareefali initdc satanvar sshyran armbiant jesuis33 blinkme323 x51ming lokera666

busybox's Issues

Append `rc` or `unstable` to version tags of unstable versions

Unstable images are already tagged with additional tags identifying that they are unstable.

In addition it would be very useful, when using e.g. renovate bot for update automation, if the tags containing the version number would be suffixed with -rc or -unstable resulting in 1.35.0-rc instead of 1.35.0.
This would keep Renovate from bumping to unstable versions and would remove the need to manually check if the image is stable or not.

Nslookup does not work in Kubernetes if omitting .svc.cluster.local suffix

Hi, after months of using busybox in Kubernetes with no problem and without changing anything to my busybox init-containers, yesterday I encountered a strange bug: if I omit to add the .svc.cluster.local suffix to nslookup, e.g. if I try to resolve kubernetes.defaultor cassandra.cassandra, it will end up with a NXDOMAIN answer and an exit status of 1. Note that from any other container than busybox, it works fine.

/ # nslookup kubernetes.default
Server:		10.0.0.10
Address:	10.0.0.10:53

** server can't find kubernetes.default: NXDOMAIN

*** Can't find kubernetes.default: No answer

/ # echo $?
1

But this works:

/ # nslookup kubernetes.default.svc.cluster.local
Server:		10.0.0.10
Address:	10.0.0.10:53

Non-authoritative answer:
Name:	kubernetes.default.svc.cluster.local
Address: 10.0.0.1

*** Can't find kubernetes.default.svc.cluster.local: No answer

/ # echo $?
0

/ # cat /etc/resolv.conf 
nameserver 10.0.0.10
search flowr-besix-stay.svc.cluster.local svc.cluster.local cluster.local c.taktik-dev.internal google.internal
options ndots:5

In my chart I have always simply been using 'busybox', I'm not sure on which tag I am currently, all I could find is the hash of the image:

    Image:         busybox
    Image ID:      docker-pullable://busybox@sha256:bf510723d2cd2d4e3f5ce7e93bf1e52c8fd76831995ac3bd3f90ecc866643aff

Meanwhile, the workaround is just to use nslookup cassandra.cassandra.svc.cluster.local instead of nslookup cassandra.cassandra.

Note that it doesn't seem to be the same bug as #48:

/ # nslookup -type=a kubernetes.default
Server:		10.0.0.10
Address:	10.0.0.10:53

** server can't find kubernetes.default: NXDOMAIN

/ # echo $?
1
/ # nslookup -type=aaaa kubernetes.default
Server:		10.0.0.10
Address:	10.0.0.10:53

** server can't find kubernetes.default: NXDOMAIN

/ # echo $?
1

nslookup doesn't work on 1.31.1

Reproduce steps

kubectl run busybox1 --generator=run-pod/v1 --image=busybox:1.28 -- sleep 3600
kubectl run busybox2 --generator=run-pod/v1 --image=busybox:1.31.1 -- sleep 3600
kubectl exec -ti busybox1 -- nslookup kubernetes.default
works fine

Server:    10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Name:      kubernetes.default
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local

kubectl exec -ti busybox2 -- nslookup kubernetes.default
not working

Server:         10.96.0.10
Address:        10.96.0.10:53

** server can't find kubernetes.default: NXDOMAIN

*** Can't find kubernetes.default: No answer

command terminated with exit code 1

nslookup works differently on 1.31.1?
what's the correct way to use nslookup on 1.31.1?

nc not returning strings smaller than 4 characters

On a first terminal:

> docker run --rm -it -p 6868:6868 busybox sh
/ # echo "1234" | nc -l -p 6868
GET / HTTP/1.1
Host: localhost:6868
User-Agent: curl/7.49.0
Accept: */*

/ # echo "12345" | nc -l -p 6868
GET / HTTP/1.1
Host: localhost:6868
User-Agent: curl/7.49.0
Accept: */*

/ # nc
BusyBox v1.26.2 (2017-01-12 18:09:33 UTC) multi-call binary.

On a second terminal, the curl command failed when asked for the 1234string:

> curl localhost:6868
curl: (52) Empty reply from server

While the return is OK when the String is longer:

> curl localhost:6868
12345

Docker Version used (on MacOS):

docker version
Client:
 Version:      17.06.0-ce
 API version:  1.30
 Go version:   go1.8.3
 Git commit:   02c1d87
 Built:        Fri Jun 23 21:31:53 2017
 OS/Arch:      darwin/amd64

Server:
 Version:      17.06.0-ce
 API version:  1.30 (minimum version 1.12)
 Go version:   go1.8.3
 Git commit:   02c1d87
 Built:        Fri Jun 23 21:51:55 2017
 OS/Arch:      linux/amd64
 Experimental: true

busybox image does not work with rootless buildah

Hi there,

I'm playing around with rootless buildah to build images.
Buildah is running itself in a rootless container with a limited set of uids/gids (65536) available.
While building alpine images works fine I got an error when trying to build a simple container based on docker.io/library/busybox:latest.

[build@buildah-deployment-fb449b4cf-xn4th foo]$ buildah bud
STEP 1: FROM docker.io/library/busybox:latest
Trying to pull docker.io/library/busybox:latest...
Getting image source signatures
Copying blob b71f96345d44 done  
Copying config 69593048aa done  
Writing manifest to image destination
Storing signatures
error creating build container: Error committing the finished image: error adding layer with blob "sha256:b71f96345d44b237decc0c2d6c2f9ad0d17fde83dad7579608f1f0764d9686f2": Error processing tar file(exit status 1): potentially insufficient UIDs or GIDs available in user namespace (requested 65534:65534 for /home): Check /etc/subuid and /etc/subgid: lchown /home: invalid argument
ERRO[0003] exit status 125

Running tar --numeric-owner -tvf busybox.tar.xz on https://github.com/docker-library/busybox/raw/2bcc4bf56c2a4594aa31feb8b42d5eab76d168bb/stable/uclibc/busybox.tar.xz
reveals that /home has indeed owner/group set to 65534/65534

...
drwxr-xr-x 0/0               0 2021-06-07 19:34 ./etc/network/if-post-down.d/
drwxr-xr-x 0/0               0 2021-06-07 19:34 ./etc/network/if-down.d/
-rw-r--r-- 0/0             340 2021-06-06 23:21 ./etc/passwd
-rw-r--r-- 0/0             127 2021-01-27 20:21 ./etc/localtime
drwxr-xr-x 65534/65534       0 2021-06-07 19:34 ./home/
drwxr-xr-x 0/0               0 2021-06-07 19:34 ./usr/
drwxr-xr-x 1/1               0 2021-06-07 19:34 ./usr/sbin/
drwxr-xr-x 0/0               0 2021-06-07 19:34 ./var/
drwxr-xr-x 0/0               0 2021-06-07 19:34 ./var/www/
...

Is there a reason for that ?

nc server does not quit on client disconnection

If we run nc in listen mode w/o the -k option, it is supposed to only serve one client and quit when the client disconnects. However, in latest version of the busybox image (1.28.0, image id 5b0d59026729), the listen mode nc does not quit in such case:

Reproducer

In one terminal, start nc in listen mode,

$docker run -it --rm --name nctest busybox sh -c 'nc -l -p 1300'

In another terminal, connect and quit,

$docker exec nctest nc localhost 1300
^C

Expected Results

The nctest container in the first terminal is supposed to quit, but it doesn't.

It was working with older version of busybox (e.g., hash tag efe10ee6727f) but the current latest fails to quit.

[Bug] generate-stackbrew-library.sh is generating wrong result.

With the latest commit currently - 71f0f38 which updated the version to v1.26.0, it sill generate the result with v1.24.1, I tested with v1.25.1 - ea04699 and 39e8d70 but got the same result as below:

# this file is generated via https://github.com/docker-library/busybox/blob/e127beb6877e2c00f81112c74dea80fc3bcddcee/generate-stackbrew-library.sh

Maintainers: Tianon Gravi <[email protected]> (@tianon),
             Joseph Ferguson <[email protected]> (@yosifkit),
             Jérôme Petazzoni <[email protected]> (@jpetazzo)
GitRepo: https://github.com/docker-library/busybox.git
GitFetch: refs/heads/dist

Tags: 1.24.1-glibc, 1.24-glibc, 1-glibc, glibc
GitCommit: 6b303c84f063bea2bc3bc86dc86c4db1f3a8b5d3
Directory: glibc

Tags: 1.24.1-musl, 1.24-musl, 1-musl, musl
GitCommit: 6b303c84f063bea2bc3bc86dc86c4db1f3a8b5d3
Directory: musl

Tags: 1.24.1-uclibc, 1.24-uclibc, 1-uclibc, uclibc, 1.24.1, 1.24, 1, latest
GitCommit: 6b303c84f063bea2bc3bc86dc86c4db1f3a8b5d3
Directory: uclibc

Consider consuming upstream's static binaries

See https://busybox.net/downloads/binaries/1.26.1-defconfig-multiarch/, and the following blurb from the release notes for 1.16.1 (https://busybox.net/; #22 (comment)):

Static binaries are available for downloads, with each individual applet enabled separately, as well as the binary with almost all applets selected, and helper binaries (ssl_helper for HTTPS wget support, index.cgi, post_upload.cgi and httpd_ssi for HTTP server).

I did the following quick test to verify whether this is at all tenable, and it was alarmingly successful:

FROM scratch

COPY busybox-x86_64 /bin/busybox

RUN ["busybox", "--install", "/bin"]

CMD ["sh"]

Enable https verification for wget or disable https

busybox wget as included in the busybox base image doesn't verify TLS certificate:

$ docker run -ti --rm busybox wget -q https://expired.badssl.com && echo $?
wget: note: TLS certificate validation not implemented
0

While it prints an warning, most people won't realize this and are at risk downloading (and often executing).

See also #64: I also tend to agree that for full TLS, people should rather use another base image. But in this case I'd suggest disable https support altogether. Better no https than https without certificate validation and people not being aware of that.

kernel 5.5 busybox rm: can't remove: Directory not empty

trace.txt

While trying the kernel 5.5 release candidate for Fedora 31 I'm running into an issue with busybox rm where it seems unable to recursively remove directories with specific content, leaving one seemingly random file.

It doesn't happen with fedora's busybox, going back to kernel 5.4 or installing coreutils fixes the problem.

https://lists.alpinelinux.org/~alpine/users/%3Cb3d29f07-32de-f9ca-3234-4da2291cf86b%40foo%3E

$ docker run -ti busybox:musl 
Unable to find image 'busybox:musl' locally
musl: Pulling from library/busybox
a1dfa275066c: Pull complete 
Digest: sha256:7fe0cb3632d9ea7b2a9ab4427e339e01f7cdfeff50674804cb8946664976c610
Status: Downloaded newer image for busybox:musl
/ # wget https://github.com/michaelrsweet/htmldoc/releases/download/v1.9.7/htmldoc-1.9.7-source.tar.gz
Connecting to github.com (140.82.118.4:443)
wget: note: TLS certificate validation not implemented
Connecting to github-production-release-asset-2e65be.s3.amazonaws.com (52.216.143.44:443)
saving to 'htmldoc-1.9.7-source.tar.gz'
htmldoc-1.9.7-source 100% |****************************************************************************************************************| 4360k  0:00:00 ETA
'htmldoc-1.9.7-source.tar.gz' saved
/ # tar xf htmldoc-1.9.7-source.tar.gz 
/ # rm -rf htmldoc-1.9.7
rm: can't remove 'htmldoc-1.9.7/fonts': Directory not empty
rm: can't remove 'htmldoc-1.9.7/jpeg': Directory not empty
/ # rm -rf htmldoc-1.9.7
/ #

tar broken pipe

When executing
docker run --rm -v ldaps_ldap-config:/volume -v /tmp/tmp.VznAcI3PTA:/backup busybox tar c -Jvf /backup/ldap-config.tar /volume

I always get the following output:

BusyBox v1.31.0 (2019-07-16 01:13:11 UTC) multi-call binary.

Usage: xz -d [-cfk] [FILE]...

Decompress FILE (or stdin)

    -d  Decompress
    -c  Write to stdout
    -f  Force
    -k  Keep input files
tar: write error: Broken pipe

I use the following versions:

Docker version 18.06.3-ce, build d7080c1
BusyBox v1.31.0 (2019-07-16 01:13:11 UTC) multi-call binary.

Is this because of busybox or am I doing something wrong?

How can I fix this?

curl

How I cant add the curl to busybox?

Busybox Glibc : Missing Required Shared Libraries from Glibc

I am attempting to create a small container that includes IBM MQ client support, as the example image that IBM provides uses Ubuntu, which is quite large. As IBM uses glibc for their C libraries, an Alpine container would not work for my requirement, so I have turned to Busybox with it's glibc support.

Unfortunately, I am getting the below error without adding any additional shared libraries to the /lib folder.

error while loading shared libraries: libdl.so.2: cannot open shared object file: No such file or directory

Upon examining the /lib folder, it seems the only libraries provided are the following :

/lib # ls -ltr
total 3376
-rw-r--r--    1 root     root         84848 Jan 14 10:39 libresolv.so.2
-rwxr-xr-x    1 root     root        135440 Jan 14 10:39 libpthread.so.0
-rw-r--r--    1 root     root         51736 Jan 14 10:39 libnss_nisplus.so.2
-rw-r--r--    1 root     root         47688 Jan 14 10:39 libnss_nis.so.2
-rw-r--r--    1 root     root         18880 Jan 14 10:39 libnss_hesiod.so.2
-rw-r--r--    1 root     root         47632 Jan 14 10:39 libnss_files.so.2
-rw-r--r--    1 root     root         22928 Jan 14 10:39 libnss_dns.so.2
-rw-r--r--    1 root     root         31616 Jan 14 10:39 libnss_compat.so.2
-rw-r--r--    1 root     root         89064 Jan 14 10:39 libnsl.so.1
-rw-r--r--    1 root     root       1063328 Jan 14 10:39 libm.so.6
-rwxr-xr-x    1 root     root       1689360 Jan 14 10:39 libc.so.6
-rwxr-xr-x    1 root     root        153288 Apr  3 20:23 ld-linux-x86-64.so.2

Now, the official busybox image documentation states that the glibc provided in the container is from Debian, and links directly to libc6 which contains all of the shared libraries that glibc should include.

So, can these shared libraries be added to the busybox glibc container to support binaries requiring glibc shared libraries? I may be thinking about this incorrectly. If I'm missing something, please let me know, and I would appreciate it very much. Thanks!

Add support of Windows

busybox image doesn't run on Windows, we should add windows support for it.

Refer kubernetes/kubernetes#61097.
Refer https://github.com/e2e-win/k8s_images/blob/master/busybox/Dockerfile.

Nslookup does not work in latest busybox image

I deployed a kubernetes image using the latest version of busybox image.
After the pod was successfully deployed I tried to run
kubectl exec busybox nslookup kubernetes.default

The nslookup command no longer works.

shenoyk-m01:image-pipeline shenoyk$ kubectl exec busybox nslookup kubernetes.default
Server: 10.0.0.10
Address: 10.0.0.10:53

** server can't find kubernetes.default: NXDOMAIN

*** Can't find kubernetes.default: No answer

The same command works when specifying busybox:1.28 version for the image. Nslookup started failing with the latest version

busybox.yaml is below.

apiVersion: v1
kind: Pod
metadata:
name: busybox
namespace: default
spec:
containers:

image: busybox
command:
- sleep
- "3600"
  imagePullPolicy: Always
  name: busybox
  restartPolicy: Always

Add envsubst to the container.

By having envsubst to the container, an Init pod or any type of pod/deployment can grab the already installed environment variables in the pod/deployment and create the more precise configuration files to the pod/deployment.
Example:
/etc/database/creds-template.conf

username=${DB_USERNAME}
password=${DB_PASSWORD}

envsubst < /etc/database/creds-template.conf > /etc/database/creds.conf

Will allow like ${DB_USERNAME} and ${DB_PASSWORD} that are already set in environment like k8s secret mounts or environment secrets references to be substituted so that the original file, at rest, does NOT have the creds exposed.

bbox 1.28.4 and nslookup question (sorry)

Sorry for another nslookup question but..I am using bbox 1.28.4 image as a K8s initContainer. Whenever I make a call to nslookup that fails, the container exits before I can check the return code.

     initContainers:
        ...
        imagePullPolicy: Always
        command:
        - sh
        - -c
        - "set -ex\n
          echo Init container running for $(hostname)\n
          nslookup kubernetes.default\n
          if [[ $? -ne 0 ]]; then\n
              echo oops\n
          fi\n
          nslookup foo.bar\n
          if [[ $? -ne 0 ]]; then\n
              echo oops\n
          fi\n"

The pod ends up in a crash backoff state. The log from the failed init container:

+ hostname
+ echo Init container running 'for' jnpr-ipb-redis-0
+ nslookup kubernetes.default
Init container running for jnpr-ipb-redis-0
Server:    10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Name:      kubernetes.default
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
+ '[[' 0 -ne 0 ]]
+ nslookup foo.bar
Server:    10.96.0.10
nslookup: can't resolve 'foo.bar'
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Never executes the next line after nslookup foo.bar. Am I missing something obvious here?

Missing arm32v6/busybox:glibc

Would it be possible to create that image and release it even tho it's not officially supported, but would be nice to be able to generate all archs in one go(all others have it)?

Package manager?

Could library/busybox, specifically library/busybox:uclibc, get a package manager? I'm interested in obtaining a Docker container with uClibC + Go, but I can't seem to find a Docker image with both uClibC and a package manager. Not that there's much chance of a Go package for uClibC, but at least the ability to obtain packages and maybe setup a manual build of Go on uClibC would be nice.

Exception observed for the base image of busybox

If the busybox use debian:stretch-slim as the base image of the busybox, then we'll have the issue reported by moby/moby#35963, if we switch the base image from debian:jessie-slim, then the issue will not show. I guess the busybox binary has some kind of conflicts with the pkg(s) in the rootfs of debian:stretch-slim, but now can't narrow down which one(s).

wget doesn't support --no-directories option

Is the wget bundled in busybox a full-functional version? It doesn't support --no-directories option, also --version option returns unrecognized option

Missing riscv64/busybox

Would it be possible to create that image and release it even tho it's not officially supported?

How can I compile busysbox.tar.xz

I've successfully compiled the busybox source on the mips64le architecture system,
How can I package as busybox.tar.xz?
Can anyone help me?

sweetman135/sandogh

Unable to find group dbus

Hi,

I am not sure whether is the right place for this issue or not but, here it is,

Just testing this command mentioned in the Additional groups section ,I get the following error:

$ docker run -it --rm --group-add audio  --group-add dbus --group-add 777 busybox id
Unable to find group dbus
Error response from daemon: Cannot start container 53b17f2f45878e0a6f40e43d7f993e384e29e89d34b86b3af7f0b9ea9557866f: [8] System error: Unable to find group dbus

Simply taking dbus out, (also -it is redundant), I see the result with no error:

$ docker run --rm --group-add audio  --group-add 777 busybox id
uid=0(root) gid=0(root) groups=10(wheel),29(audio),777

Seems like dbus does not exist on the current user list of busybox:latest.

no apk within image, so can't install necessary tools, how to do?

busybox:1.25.1 contains DDoS Trojan Mirai

According to virustotal.com, busybox:1.25.1 contains the Busybox Trojan Mirai.

See fabric8io/docker-maven-plugin#795 for details.

nc: bad address "docker container"

When using netcat to wait for a docker container to be up, using container name using the latest busybox image, I am getting an error nc: bad address "docker container"

BB vol

Docker with Qemu emulation ... trying to build base boxes...

however having a place to stuff native tools for host os ...

ie arm64 @ / , /bb/ <--- busybox here... amd64 here...

can run scripts native amd64 wget etc... ln sh etc.. , if the qemu fails can also build via busybox /bb vol... to run docker building scripts.. in cloud... ie dockerhub..

last get base / built , retest till docker runs and or fix qemu and or load wrappers..

other point is dockerhub wont run privileged... so can still build , then drop off amd64 vol tools..

despite docker not liking unprivileged or arm/arm64 still can script wget rootfs tarball...
do symlinks etc.. go get tarballs > / etc ... unpack.. etc.. do basic crude builds , etc..

newer gentoo arm64 load /bb vol , build it... @ / push qemu into / , use scripts to load qemu layer or proot etc..

/bb/wget ... , /bb/ln -s ... /bb/sh run my script/s ie fix time , fix via /bb/echo google-pubdns-ips > /etc/hosts etc
wget newer qemu... basic diagnostic or building on native or cloud..

users/devs can add remove bb volume ...

create official busybox variant for ARM

While trying to get Docker integration tests running on ARM one major problem is that the current busybox image only works for x86.

Together with @StefanScherer I created a quick'n'dirty variant of the busybox image which can be found here: https://github.com/hypriot/armhf-busybox

Most of the tests seem to run with it. But we still have a couple of failing tests. This and the facts that the busybox image is crucial for the integration tests makes me think that it would be really important to have a clean port of your busybox image for ARM. And of course it should be part of the official docker-library.

How could we best achieve this? How could I help?

Please make tag available that picks up fix for CVE-2021-28831

A Prisma Cloud scan of a container using the latest docker image of BusyBox is raising CVE-2021-28831. This issue was fixed in a commit to BusyBox here. This bug requests a new docker image tag be published that contains this fix.

I'm uncertain of whether this requires a new version of BusyBox to be published. If so, I'm willing to write that bug as well.

BusyBox 1.32.1 (stable)

The latest version is already 1.33.0 (unstable), but the stable version, 1.32.1, is currently not available.

https://www.busybox.net/

1 January 2021 -- BusyBox 1.32.1 (stable)

Bug fix release. 1.32.1 fixes a case where in ash, "wait" never finishes.

29 December 2020 -- BusyBox 1.33.0 (unstable)

exit builtin broken in /bin/sh

Hello,

The latest image at busybox:latest (Digest: sha256:c583946ffce98766427b21c9f6bed5ca1cb3dfa46188d1e5a122854dff0c1b76) appears to have a broken sh. Here's an example:

$ docker run busybox@sha256:c583946ffce98766427b21c9f6bed5ca1cb3dfa46188d1e5a122854dff0c1b76 sh -c 'sh -c "exit 0"; echo $?'
Segmentation fault
139

The previous image I was using (looks to be similar to busybox:buildroot-2014.02) (Digest: sha256:ced99ae82473e7dea723e6c467f409ed8f051bda04760e07fd5f476638c33507) behaves closer to how I expect:

$ docker run busybox@sha256:ced99ae82473e7dea723e6c467f409ed8f051bda04760e07fd5f476638c33507 sh -c 'sh -c "exit 0"; echo $?'
0

And since I'm sure you want to see how I'm running this:

$ docker info
Containers: 6
Images: 199
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 213
 Dirperm1 Supported: false
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 3.13.0-55-generic
Operating System: Ubuntu precise (12.04.5 LTS)
CPUs: 4
Total Memory: 15.53 GiB
Name: u8c89a5b74c6750492784
ID: KXI5:FAAI:Y2OH:RMMF:OSCX:XUO5:NTJP:7A6N:RIAR:S4GU:EJFA:7X55
WARNING: No swap limit support
$ docker version
Client version: 1.7.1
Client API version: 1.19
Go version (client): go1.4.2
Git commit (client): 786b29d
OS/Arch (client): linux/amd64
Server version: 1.7.1
Server API version: 1.19
Go version (server): go1.4.2
Git commit (server): 786b29d
OS/Arch (server): linux/amd64

Thanks,
Sam

TLS support

wget cannot fetch data from HTTPS websites.

wget: note: TLS certificate validation not implemented
wget: TLS error from peer (alert code 40): handshake failure
wget: error getting response: Connection reset by peer

wget failed any URLs with bad request

[root@bastion ~]# podman pull busybox
Trying to pull docker.io/library/busybox...
Getting image source signatures
Copying blob 24fb2886d6f6 done
Copying config 16ea53ea7c done
Writing manifest to image destination
Storing signatures
16ea53ea7c652456803632d67517b78a4f9075a10bfdc4fc6b7b4cbf2bc98497
[root@bastion chap3]# podman run -it --rm busybox
/ # wget http://kubernetes.io
wget: bad address 'kubernetes.io'

/ # wget https://github.com/docker-library/busybox/archive/master.zip
wget: bad address 'github.com'


/ # wget
BusyBox v1.33.1 (2021-09-13 17:20:40 UTC) multi-call binary.
......

[root@bastion chap3]# podman inspect docker.io/library/busybox
[
    {
        "Id": "16ea53ea7c652456803632d67517b78a4f9075a10bfdc4fc6b7b4cbf2bc98497",
        "Digest": "sha256:febcf61cd6e1ac9628f6ac14fa40836d16f3c6ddef3b303ff0321606e55ddd0b",
        "RepoTags": [
            "docker.io/library/busybox:latest"
        ],
        "RepoDigests": [
            "docker.io/library/busybox@sha256:f7ca5a32c10d51aeda3b4d01c61c6061f497893d7f6628b92f822f7117182a57",
            "docker.io/library/busybox@sha256:febcf61cd6e1ac9628f6ac14fa40836d16f3c6ddef3b303ff0321606e55ddd0b"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2021-09-14T01:20:04.919255608Z",
        "Config": {
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "sh"
            ]
        },
        "Version": "20.10.7",
        "Author": "",
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 1459397,
        "VirtualSize": 1459397,
        "GraphDriver": {
            "Name": "overlay",
            "Data": {
                "UpperDir": "/var/lib/containers/storage/overlay/cfd97936a58000adc09a9f87adeeb7628a2c71d11c4998e6e7f26935fa0cd713/diff",
                "WorkDir": "/var/lib/containers/storage/overlay/cfd97936a58000adc09a9f87adeeb7628a2c71d11c4998e6e7f26935fa0cd713/work"
            }
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:cfd97936a58000adc09a9f87adeeb7628a2c71d11c4998e6e7f26935fa0cd713"
            ]
        },
        "Labels": null,
        "Annotations": {},
        "ManifestType": "application/vnd.docker.distribution.manifest.v2+json",
        "User": "",
        "History": [
            {
                "created": "2021-09-14T01:20:04.771753521Z",
                "created_by": "/bin/sh -c #(nop) ADD file:c9e0c3d3badfd458c47d49d7a587177b7d7c1c025fefb1fd798004f77999ca31 in / "
            },
            {
                "created": "2021-09-14T01:20:04.919255608Z",
                "created_by": "/bin/sh -c #(nop)  CMD [\"sh\"]",
                "empty_layer": true
            }
        ]
    }
]

docker image busybox:latest nslookup not working in kubernetes

docker image: busybox:latest

test busybox binary

nslookup www.baidu.com
not working
-----------------------------------------------------------------------------
nslookup xxx-service.xxx-namespace
not working

test golang's net.LookupHost

package main
import (
    "net"
)
func main(){
    addrs,e:=net.LookupHost("www.baidu.com")  
    if e!=nil{
        panic(e)
    }
    fmt.Println(addrs)
}
go run main.go
not working,this will panic
-----------------------------------------------------------------------------
change host to "xxx-service.xxx-namespace"
go run main.go
not working,this will panic

docker image: busybox:1.28

test busybox binary

nslookup www.baidu.com
working
~/app # nslookup www.baidu.com
Server:    172.21.0.10
Address 1: 172.21.0.10 kube-dns.kube-system.svc.cluster.local

Name:      www.baidu.com
Address 1: 180.101.49.11
Address 2: 180.101.49.12
------------------------------------------------------------------------------
nslookup xxx-service.xxx-namespace
working,but the output has some format problem
~/app # nslookup discovery-service.community
Server:    172.21.0.10
Address 1: 172.21.0.10 kube-dns.kube-system.svc.cluster.local

Name:      discovery-service.community
Address 1: 10.137.63.146 discovery-deployment-b75b8969b-7zzlz
Address 2: 10.137.63.184 10-137-63-184.discovery-service.community.svc.cluster.local
Address 3: 10.137.63.159 10-137-63-159.discovery-service.community.svc.cluster.local

test golang's net.LookupHost

package main
import (
    "net"
)
func main(){
    addrs,e:=net.LookupHost("www.baidu.com")  
    if e!=nil{
        panic(e)
    }
    fmt.Println(addrs)
}
go run main.go
working
output: [180.101.49.11,180.101.49.12]
-----------------------------------------------------------------------------
change host to "xxx-service.xxx-namespace"
go run main.go
working
output: [10.137.63.146,10.137.63.184,10.137.63.159]

can't resolve dns in kubernetes

I have installed prometheus in kubernetes 1.17.
I`m using helm and stable/prometheus-operator chart.

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.0", GitCommit:"e8462b5b5dc2584fdcd18e6bcfe9f1e4d970a529", GitTreeState:"clean", BuildDate:"2019-06-19T16:40:16Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.5", GitCommit:"e0fccafd69541e3750d460ba0f9743b90336f24f", GitTreeState:"clean", BuildDate:"2020-04-16T11:35:47Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
$ helm3 version
version.BuildInfo{Version:"v3.2.1", GitCommit:"fe51cd1e31e6a202cba7dead9552a6d418ded79a", GitTreeState:"clean", GoVersion:"go1.13.10"}

I got problem

kubectl logs alertmanager-prometheus-operator-alertmanager-0 alertmanager
level=warn ts=2020-06-11T15:32:36.386Z caller=main.go:322 msg="unable to join gossip mesh" err="1 error occurred:\n\t* Failed to resolve alertmanager-prometheus-operator-alertmanager-0.alertmanager-operated.prometheus-operator.svc:9094: lookup alertmanager-prometheus-operator-alertmanager-0.alertmanager-operated.prometheus-operator.svc on 10.245.0.10:53: no such host\n\n"

After investigation I have realise that problem may be in busybox image.
The problem is similar to kubernetes/kubernetes#66924 (comment)

part of kubernetes deploymet config:

        - args:
        - -c
        - while true; do nslookup alertmanager-bot; sleep 10; done
        command:
        - /bin/sh
        image: busybox:1.31.1

pod log:

Server:		10.245.0.10
Address:	10.245.0.10:53

** server can't find alertmanager-bot.monitoring.svc.cluster.local: NXDOMAIN

*** Can't find alertmanager-bot.svc.cluster.local: No answer
*** Can't find alertmanager-bot.cluster.local: No answer
*** Can't find alertmanager-bot.monitoring.svc.cluster.local: No answer
*** Can't find alertmanager-bot.svc.cluster.local: No answer
*** Can't find alertmanager-bot.cluster.local: No answer

coredns log:

coredns-84c79f5fb4-vkc7j coredns 2020-06-11T14:29:27.561Z [INFO] 10.244.0.215:43144 - 19456 "AAAA IN alertmanager-bot.cluster.local. udp 48 false 512" NXDOMAIN qr,aa,rd 141 0.000202924s
coredns-84c79f5fb4-vkc7j coredns 2020-06-11T14:29:27.562Z [INFO] 10.244.0.215:43144 - 19456 "A IN alertmanager-bot.monitoring.svc.cluster.local. udp 63 false 512" NOERROR qr,aa,rd 124 0.000145229s
coredns-84c79f5fb4-vkc7j coredns 2020-06-11T14:29:27.562Z [INFO] 10.244.0.215:43144 - 19456 "A IN alertmanager-bot.svc.cluster.local. udp 52 false 512" NXDOMAIN qr,aa,rd 145 0.000084224s
coredns-84c79f5fb4-vkc7j coredns 2020-06-11T14:29:27.562Z [INFO] 10.244.0.215:43144 - 19456 "A IN alertmanager-bot.cluster.local. udp 48 false 512" NXDOMAIN qr,aa,rd 141 0.000056272s
coredns-84c79f5fb4-vkc7j coredns 2020-06-11T14:29:27.562Z [INFO] 10.244.0.215:43144 - 19456 "AAAA IN alertmanager-bot.monitoring.svc.cluster.local. udp 63 false 512" NOERROR qr,aa,rd 156 0.000060009s
coredns-84c79f5fb4-vkc7j coredns 2020-06-11T14:29:27.562Z [INFO] 10.244.0.215:43144 - 19456 "AAAA IN alertmanager-bot.svc.cluster.local. udp 52 false 512" NXDOMAIN qr,aa,rd 145 0.000051978s

pod log with busybox 1.28.4:

Name:      alertmanager-bot
Address 1: 10.245.48.126 alertmanager-bot.monitoring.svc.cluster.local
Server:    10.245.0.10
Address 1: 10.245.0.10 kube-dns.kube-system.svc.cluster.local

coredns log:

coredns-84c79f5fb4-vkc7j coredns 2020-06-11T14:34:42.790Z [INFO] 10.244.0.204:53241 - 3 "AAAA IN alertmanager-bot.monitoring.svc.cluster.local. udp 63 false 512" NOERROR qr,aa,rd 156 0.000207196s
coredns-84c79f5fb4-bspnj coredns 2020-06-11T14:34:42.792Z [INFO] 10.244.0.204:57444 - 4 "A IN alertmanager-bot.monitoring.svc.cluster.local. udp 63 false 512" NOERROR qr,aa,rd 124 0.000175375s

resolv.conf

/ # cat /etc/resolv.conf # the same on both images
nameserver 10.245.0.10
search monitoring.svc.cluster.local svc.cluster.local cluster.local
options ndots:5

I have already opened a bug on busybox https://bugs.busybox.net/show_bug.cgi?id=13006
My cloud provider is digital ocean.
Image version

$ kubectl get pods -o yaml alertmanager-prometheus-operator-alertmanager-0 | grep image:
    image: quay.io/prometheus/alertmanager:v0.20.0
    image: quay.io/coreos/configmap-reload:v0.0.1

alertmanager version

/alertmanager $ alertmanager --version
alertmanager, version 0.20.0 (branch: HEAD, revision: f74be0400a6243d10bb53812d6fa408ad71ff32d)
  build user:       root@00c3106655f8
  build date:       20191211-14:13:14
  go version:       go1.13.5

busybox version

/alertmanager $ busybox | head
BusyBox v1.31.1 (2019-10-28 18:40:01 UTC) multi-call binary.

wget: can't execute 'ssl_helper': No such file or directory

It appears that the busybox image is missing the ssl_helper:

# docker run -ti busybox:1.26.1
(in container) / # wget https://google.com
Connecting to google.com (172.217.16.174:443)
wget: can't execute 'ssl_helper': No such file or directory
wget: error getting response: Connection reset by peer

busybox:uclibc (aka latest) only allows 3 DNS search paths

busybox:glibc works correctly, busybox:uclibc does not. :latest is currently tagged as :uclibc - it looks like this was updated today.

https://git.uclibc.org/uClibc/tree/include/resolv.h#n93

uclibc code shows support for 6

# docker run --dns=10.0.0.10 --dns-search=f1 --dns-search=f2 --dns-search=google.internal busybox:glibc nslookup metadata
Unable to find image 'busybox:glibc' locally
glibc: Pulling from library/busybox

Digest: sha256:820e88a5350fab82a8bccad595ffbcd668197abb5b4a718bfe576dd87ab60977
Status: Downloaded newer image for busybox:glibc
Server:    10.0.0.10
Address 1: 10.0.0.10

Name:      metadata
Address 1: 169.254.169.254 metadata.google.internal



# docker run --dns=10.0.0.10 --dns-search=f1 --dns-search=f2 --dns-search=f3 --dns-search=google.internal busybox:glibc nslookup metadata
Server:    10.0.0.10
Address 1: 10.0.0.10

Name:      metadata
Address 1: 169.254.169.254 metadata.google.internal



# docker run --dns=10.0.0.10 --dns-search=f1 --dns-search=f2 --dns-search=google.internal busybox:uclibc nslookup metadataUnable to find image 'busybox:uclibc' locally
uclibc: Pulling from library/busybox

Digest: sha256:51fef9ff5e7a2b6fc3bd21f4f5542cc56329a1abf5eb336613a6c1731ef681ae
Status: Downloaded newer image for busybox:uclibc
Server:    10.0.0.10
Address 1: 10.0.0.10

Name:      metadata
Address 1: 169.254.169.254 metadata.google.internal



# docker run --dns=10.0.0.10 --dns-search=f1 --dns-search=f2 --dns-search=f3 --dns-search=google.internal busybox:uclibc nslookup metadata
Server:    10.0.0.10
Address 1: 10.0.0.10

nslookup: can't resolve 'metadata'

After upgrade to Alpine 3.10 timeout syntax is different

It looks like timeout syntax has changed in Busybox 1.30.1. -t parameter is not available anymore. This affects update from 18.09.5 to 18.09.6

WAS

https://git.busybox.net/busybox/tree/coreutils/timeout.c?h=1_29_stable#n66

//usage:#define timeout_trivial_usage
//usage:       "[-t SECS] [-s SIG] PROG ARGS"

NOW

https://git.busybox.net/busybox/tree/coreutils/timeout.c?h=1_30_stable#n66

//usage:#define timeout_trivial_usage
//usage:       "[-s SIG] SECS PROG ARGS"
//usage:#define timeout_full_usage "\n\n"
//usage:       "Runs PROG. Sends SIG to it if it is not gone in SECS seconds.\n"
//usage:       "Default SIG: TERM."

It was discussed already here

Xxx

docker pull busybox

Upgrade to Alpine 3.10

#59 (comment)

How add file to this image

Hello, I would like to build my program and share it with docker.

Is possible to write simple Makefile how producing simple 'hello world' program and add it to docker (add as layer). What linking, witch system to compiling etc.

What should I do with busybox image running on MIPS platform?

Hi everyone, I want to make busybox image on MIPS platform. I want to learn some experience about making busybox image on a new platform. And we will submit the busybox image to the official image warehouse after making successfully and testing completely. I think that we can cooperate on this and I need your help.
Thanks!

Add "bbconfig" applet to config

BusyBox supports a sort of reflective applet called "bbconfig" which will dump the .config used while building the binary. This can be enabled with these config options:

CONFIG_BBCONFIG=y
CONFIG_FEATURE_COMPRESS_BBCONFIG=y

This is a nicety but it's pretty useful when attempting to debug an issue with a container, the binary itself, etc.

Why nslookup can't resolv short name?

I'm using the newest container of busybox to run nslookup, but can't get short name resolved. any hints?

nslookup nginx

Server: 192.168.192.10
Address 1: 192.168.192.10 kube-dns.kube-system.svc.cluster.local

nslookup: can't resolve 'nginx'

nslookup nginx.policy-demo.svc.cluster.local

Server: 192.168.192.10
Address 1: 192.168.192.10 kube-dns.kube-system.svc.cluster.local

Name: nginx.policy-demo.svc.cluster.local
Address 1: 192.168.204.48 nginx.policy-demo.svc.cluster.local

My /etc/resolv.conf is like this:

cat /etc/resolv.conf

nameserver 192.168.192.10
search policy-demo.svc.cluster.local svc.cluster.local cluster.local
options ndots:5

docker-library / busybox Goto Github PK

busybox's Introduction

Maintained by: the Docker Community

See a change merged here that doesn't show up on Docker Hub yet?

busybox's People

Contributors

Stargazers

Watchers

Forkers

busybox's Issues

Reproducer

Expected Results

docker image: busybox:latest

test busybox binary

test golang's net.LookupHost

docker image: busybox:1.28

test busybox binary

test golang's net.LookupHost

WAS

NOW

nslookup nginx

nslookup nginx.policy-demo.svc.cluster.local

cat /etc/resolv.conf

Recommend Projects

Recommend Topics

Recommend Org