mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-07-19 01:06:27 +00:00
Merge pull request #1951 from dave-tucker/ports
Test that no ports are open
This commit is contained in:
Riyaz Faizullabhoy
GitHub
commit
efbeea75d0
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -21,4 +21,4 @@ files:
|
|||||||
contents: '#public ssh key here'
|
contents: '#public ssh key here'
|
||||||
trust:
|
trust:
|
||||||
org:
|
org:
|
||||||
- linuxkit
|
- linuxkit
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
services:
|
services:
|
||||||
- name: rngd
|
- name: rngd
|
||||||
image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
|
image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -6,7 +6,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
|
- linuxkit/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
||||||
|
|||||||
20
linuxkit.yml
20
linuxkit.yml
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
@ -28,6 +28,24 @@ services:
|
|||||||
files:
|
files:
|
||||||
- path: etc/docker/daemon.json
|
- path: etc/docker/daemon.json
|
||||||
contents: '{"debug": true}'
|
contents: '{"debug": true}'
|
||||||
|
- path: etc/containerd/config.toml
|
||||||
|
contents: |
|
||||||
|
state = "/run/containerd"
|
||||||
|
root = "/var/lib/containerd"
|
||||||
|
snapshotter = "overlay"
|
||||||
|
subreaper = false
|
||||||
|
|
||||||
|
[grpc]
|
||||||
|
address = "/run/containerd/containerd.sock"
|
||||||
|
uid = 0
|
||||||
|
gid = 0
|
||||||
|
|
||||||
|
[debug]
|
||||||
|
address = "/run/containerd/debug.sock"
|
||||||
|
level = "info"
|
||||||
|
|
||||||
|
[metrics]
|
||||||
|
address = ":13337"
|
||||||
trust:
|
trust:
|
||||||
org:
|
org:
|
||||||
- linuxkit
|
- linuxkit
|
||||||
|
|||||||
@ -13,4 +13,4 @@ subreaper = false
|
|||||||
level = "info"
|
level = "info"
|
||||||
|
|
||||||
[metrics]
|
[metrics]
|
||||||
address = ":13337"
|
address = ""
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192
|
- linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
- linuxkit/ima-utils:dfeb3896fd29308b80ff9ba7fe5b8b767e40ca29
|
- linuxkit/ima-utils:dfeb3896fd29308b80ff9ba7fe5b8b767e40ca29
|
||||||
onboot:
|
onboot:
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037 # with runc, logwrite, startmemlogd
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037 # with runc, logwrite, startmemlogd
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
- linuxkit/memlogd:9b5834189f598f43c507f6938077113906f51012
|
- linuxkit/memlogd:9b5834189f598f43c507f6938077113906f51012
|
||||||
onboot:
|
onboot:
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:2649198589ef0020d99f613adaeda45ce0093a38
|
- linuxkit/runc:2649198589ef0020d99f613adaeda45ce0093a38
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: check-kernel-config
|
- name: check-kernel-config
|
||||||
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"
|
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: check-kernel-config
|
- name: check-kernel-config
|
||||||
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"
|
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: check-kernel-config
|
- name: check-kernel-config
|
||||||
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"
|
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: check
|
- name: check
|
||||||
image: "kmod-test"
|
image: "kmod-test"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
|
|||||||
13
test/cases/030_security/010_ports/check.sh
Normal file
13
test/cases/030_security/010_ports/check.sh
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
PORTS=$(netstat -lntup)
|
||||||
|
LINES=$(echo "${PORTS}" | wc -l)
|
||||||
|
if [ $((LINES > 2)) -ne 0 ]
|
||||||
|
then
|
||||||
|
echo "Ports test case FAILED"
|
||||||
|
echo "${PORTS}"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "Ports test case PASSED"
|
||||||
24
test/cases/030_security/010_ports/test.sh
Normal file
24
test/cases/030_security/010_ports/test.sh
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
# SUMMARY: Check that there are no open ports
|
||||||
|
# LABELS:
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Source libraries. Uncomment if needed/defined
|
||||||
|
#. "${RT_LIB}"
|
||||||
|
. "${RT_PROJECT_ROOT}/_lib/lib.sh"
|
||||||
|
|
||||||
|
NAME=lsof
|
||||||
|
|
||||||
|
clean_up() {
|
||||||
|
# remove any files, containers, images etc
|
||||||
|
rm -rf ${NAME}* || true
|
||||||
|
}
|
||||||
|
|
||||||
|
trap clean_up EXIT
|
||||||
|
|
||||||
|
moby build -output kernel+initrd -name "${NAME}" test.yml
|
||||||
|
linuxkit run qemu -kernel "${NAME}"
|
||||||
|
#RESULT=$(linuxkit run qemu -kernel "${NAME}")
|
||||||
|
#echo "${RESULT}" | grep -q "PASSED"
|
||||||
|
exit 0
|
||||||
23
test/cases/030_security/010_ports/test.yml
Normal file
23
test/cases/030_security/010_ports/test.yml
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
kernel:
|
||||||
|
image: "linuxkit/kernel:4.9.x"
|
||||||
|
cmdline: "console=ttyS0 page_poison=1"
|
||||||
|
init:
|
||||||
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
|
onboot:
|
||||||
|
- name: test
|
||||||
|
image: "alpine:3.6"
|
||||||
|
readonly: true
|
||||||
|
binds:
|
||||||
|
- /check.sh:/check.sh
|
||||||
|
command: ["sh", "./check.sh"]
|
||||||
|
- name: poweroff
|
||||||
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
command: ["/bin/sh", "/poweroff.sh", "10"]
|
||||||
|
files:
|
||||||
|
- path: check.sh
|
||||||
|
source: ./check.sh
|
||||||
|
trust:
|
||||||
|
org:
|
||||||
|
- linuxkit
|
||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
|
image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
|
||||||
onboot:
|
onboot:
|
||||||
- name: test
|
- name: test
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: mkimage
|
- name: mkimage
|
||||||
image: "linuxkit/mkimage:f4bf0c24261f7d120c8674892805ab3054eb8ac3"
|
image: "linuxkit/mkimage:f4bf0c24261f7d120c8674892805ab3054eb8ac3"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: poweroff
|
- name: poweroff
|
||||||
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: sysctl
|
- name: sysctl
|
||||||
image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
|
image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
- linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: ltp
|
- name: ltp
|
||||||
image: "linuxkit/test-ltp:6df23ac196332cafb9c0f8e32f328e22d612267d"
|
image: "linuxkit/test-ltp:6df23ac196332cafb9c0f8e32f328e22d612267d"
|
||||||
|
|||||||
@ -6,7 +6,7 @@ kernel:
|
|||||||
init:
|
init:
|
||||||
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
- linuxkit/init:1b8a7e394d2ec2f1fdb4d67645829d1b5bdca037
|
||||||
- linuxkit/runc:2649198589ef0020d99f613adaeda45ce0093a38
|
- linuxkit/runc:2649198589ef0020d99f613adaeda45ce0093a38
|
||||||
- linuxkit/containerd:5749f2e9e65395cc6635229e8da0e0d484320ddf
|
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user