update cowrie

2025-01-12 04:23:04 +02:00 · 2020-11-19 15:43:20 +08:00 · 2020-11-19 15:43:20 +08:00 · 272e0758f0
commit 272e0758f0
parent 680b27bf6c
2 changed files with 97 additions and 36 deletions
--- a/cowrie/arm/Dockerfile
+++ b/cowrie/arm/Dockerfile
@ -1,38 +1,94 @@
-#
-# Dockerfile for cowrie-arm
-#
+# This Dockerfile contains two images, `builder` and `runtime`.
+# `builder` contains all necessary code to build
+# `runtime` is stripped down.

-FROM arm32v7/alpine:3
-MAINTAINER EasyPi Software Foundation
+FROM arm32v7/debian:buster-slim as builder
+LABEL maintainer="Michel Oosterhof <michel@oosterhof.net>"

-RUN apk add -U bash \
-               build-base \
-               ca-certificates \
-               libffi \
-               libffi-dev \
-               openssl \
-               openssl-dev \
-               python \
-               python-dev \
-               tar \
-    && wget -qO- https://bootstrap.pypa.io/get-pip.py | python \
-    && adduser -D cowrie \
-    && cd /home/cowrie \
-    && wget -qO- https://github.com/micheloosterhof/cowrie/archive/master.tar.gz | tar xz --strip 1 \
-    && pip install -r requirements.txt \
-    && sed '/Enable Telnet/{n;s/\(enabled\).*/\1 = true/}' cowrie.cfg.dist > cowrie.cfg \
-    && sed -i 's/^\(VIRTUALENV_ENABLED\).*/\1=no/' bin/cowrie \
-    && chown -R cowrie:cowrie . \
-    && apk del build-base \
-               libffi-dev \
-               openssl-dev \
-               python-dev \
-               tar \
-    && rm -rf /var/cache/apk/*
+WORKDIR /

+ENV COWRIE_GROUP=cowrie \
+    COWRIE_USER=cowrie \
+    COWRIE_HOME=/cowrie
+
+# Set locale to UTF-8, otherwise upstream libraries have bytes/string conversion issues
+ENV LC_ALL=en_US.UTF-8 \
+    LANG=en_US.UTF-8 \
+    LANGUAGE=en_US.UTF-8
+
+RUN groupadd -r -g 1000 ${COWRIE_GROUP} && \
+    useradd -r -u 1000 -d ${COWRIE_HOME} -m -g ${COWRIE_GROUP} ${COWRIE_USER}
+
+# Set up Debian prereqs
+RUN export DEBIAN_FRONTEND=noninteractive; \
+    apt-get update && \
+    apt-get install -y \
+        -o APT::Install-Suggests=false \
+        -o APT::Install-Recommends=false \
+      python3-pip \
+      libssl-dev \
+      libffi-dev \
+      python3-dev \
+      python3-venv \
+      python3 \
+      gcc \
+      git \
+      build-essential \
+      python3-virtualenv \
+      libsnappy-dev \
+      default-libmysqlclient-dev && \
+    rm -rf /var/lib/apt/lists/*
+
+# Build a cowrie environment from github master HEAD.
+
+USER ${COWRIE_USER}
+
+RUN git clone --separate-git-dir=/tmp/cowrie.git https://github.com/cowrie/cowrie ${COWRIE_HOME}/cowrie-git && \
+    cd ${COWRIE_HOME} && \
+      python3 -m venv cowrie-env && \
+      . cowrie-env/bin/activate && \
+      pip install --no-cache-dir --upgrade pip && \
+      pip install --no-cache-dir --upgrade cffi && \
+      pip install --no-cache-dir --upgrade setuptools && \
+      pip install --no-cache-dir --upgrade -r ${COWRIE_HOME}/cowrie-git/requirements.txt && \
+      pip install --no-cache-dir --upgrade -r ${COWRIE_HOME}/cowrie-git/requirements-output.txt
+
+FROM arm32v7/debian:buster-slim AS runtime
+LABEL maintainer="Michel Oosterhof <michel@oosterhof.net>"
+
+ENV COWRIE_GROUP=cowrie \
+    COWRIE_USER=cowrie \
+    COWRIE_HOME=/cowrie
+
+RUN groupadd -r -g 1000 ${COWRIE_GROUP} && \
+    useradd -r -u 1000 -d ${COWRIE_HOME} -m -g ${COWRIE_GROUP} ${COWRIE_USER}
+
+RUN export DEBIAN_FRONTEND=noninteractive; \
+    apt-get update && \
+    apt-get install -y \
+        -o APT::Install-Suggests=false \
+        -o APT::Install-Recommends=false \
+      libssl1.1 \
+      libffi6 \
+      procps \
+      python3 && \
+    rm -rf /var/lib/apt/lists/* && \
+    ln -s /usr/bin/python3 /usr/local/bin/python
+
+COPY --from=builder ${COWRIE_HOME} ${COWRIE_HOME}
+RUN chown -R ${COWRIE_USER}:${COWRIE_GROUP} ${COWRIE_HOME}
+
+ENV PATH=${COWRIE_HOME}/cowrie-git/bin:${PATH}
+ENV STDOUT=yes
+
+USER ${COWRIE_USER}
+WORKDIR ${COWRIE_HOME}/cowrie-git
+
+# preserve .dist file when etc/ volume is mounted
+RUN cp ${COWRIE_HOME}/cowrie-git/etc/cowrie.cfg.dist ${COWRIE_HOME}/cowrie-git
+VOLUME [ "/cowrie/cowrie-git/var", "/cowrie/cowrie-git/etc" ]
+RUN mv ${COWRIE_HOME}/cowrie-git/cowrie.cfg.dist ${COWRIE_HOME}/cowrie-git/etc
+
+ENTRYPOINT [ "cowrie" ]
+CMD [ "start", "-n" ]
 EXPOSE 2222 2223
-
-USER cowrie
-WORKDIR /home/cowrie
-
-CMD ["bin/cowrie", "start", "-n"]
--- a/cowrie/arm/docker-compose.yml
+++ b/cowrie/arm/docker-compose.yml
@ -1,4 +1,5 @@
 version: "3.8"
+
 services:
  cowrie:
    image: easypi/cowrie-arm
@ -6,6 +7,10 @@ services:
      - "2222:2222"
      - "2223:2223"
    volumes:
-      - ./data/dl:/home/cowrie/dl
-      - ./data/log:/home/cowrie/log
+      - cowrie-etc:/cowrie/cowrie-git/etc
+      - cowrie-var:/cowrie/cowrie-git/var
    restart: unless-stopped
+
+volumes:
+  cowrie-etc:
+  cowrie-var: