metasploit-framework/Dockerfile

63 lines
2.0 KiB
Docker
Raw Normal View History

2018-10-03 23:54:35 +00:00
FROM ruby:2.5.1-alpine3.7 AS builder
2017-11-28 20:35:20 +00:00
LABEL maintainer="Rapid7"
2017-04-22 00:10:00 +00:00
ARG BUNDLER_ARGS="--jobs=8 --without development test coverage"
ENV APP_HOME /usr/src/metasploit-framework/
2017-11-28 20:35:20 +00:00
ENV BUNDLE_IGNORE_MESSAGES="true"
WORKDIR $APP_HOME
2017-11-28 20:35:20 +00:00
COPY Gemfile* metasploit-framework.gemspec Rakefile $APP_HOME
COPY lib/metasploit/framework/version.rb $APP_HOME/lib/metasploit/framework/version.rb
COPY lib/metasploit/framework/rails_version_constraint.rb $APP_HOME/lib/metasploit/framework/rails_version_constraint.rb
COPY lib/msf/util/helper.rb $APP_HOME/lib/msf/util/helper.rb
2018-10-03 23:54:35 +00:00
RUN apk add --no-cache \
2017-04-22 00:10:00 +00:00
autoconf \
bison \
build-base \
ruby-dev \
2018-01-28 08:47:09 +00:00
libressl-dev \
2017-04-22 00:10:00 +00:00
readline-dev \
sqlite-dev \
postgresql-dev \
libpcap-dev \
libxml2-dev \
libxslt-dev \
yaml-dev \
zlib-dev \
ncurses-dev \
2017-07-17 14:41:47 +00:00
git \
2017-04-22 00:10:00 +00:00
&& echo "gem: --no-ri --no-rdoc" > /etc/gemrc \
2017-11-28 20:35:20 +00:00
&& gem update --system \
2017-08-09 13:34:23 +00:00
&& gem install bundler \
2018-10-04 11:23:55 +00:00
&& bundle install --clean --no-cache --system $BUNDLER_ARGS \
# temp fix for https://github.com/bundler/bundler/issues/6680
2018-10-04 14:21:46 +00:00
&& rm -rf /usr/local/bundle/cache \
# needed so non root users can read content of the bundle
&& chmod -R a+r /usr/local/bundle
2018-10-03 23:54:35 +00:00
FROM ruby:2.5.1-alpine3.7
LABEL maintainer="Rapid7"
ENV APP_HOME /usr/src/metasploit-framework/
ENV NMAP_PRIVILEGED=""
COPY --from=builder /usr/local/bundle /usr/local/bundle
2018-10-04 08:54:21 +00:00
COPY . $APP_HOME
2018-10-03 23:54:35 +00:00
RUN apk add --no-cache bash sqlite-libs nmap nmap-scripts nmap-nselibs postgresql-libs python python3 ncurses libcap su-exec
2017-04-27 08:55:03 +00:00
RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which ruby)
2017-11-28 20:35:20 +00:00
RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which nmap)
2017-04-27 08:55:03 +00:00
2018-10-04 14:21:46 +00:00
WORKDIR $APP_HOME
2018-02-17 19:12:35 +00:00
# we need this entrypoint to dynamically create a user
# matching the hosts UID and GID so we can mount something
# from the users home directory. If the IDs don't match
# it results in access denied errors. Once docker has
# a solution for this we can revert it back to normal
ENTRYPOINT ["docker/entrypoint.sh"]
CMD ["./msfconsole", "-r", "docker/msfconsole.rc"]