Comments (5)
Hi @binoopnanu ,
Probably, your docker environment has the icc=false
configuration parameter setted, so your containers cannot communicate with others within the same host through docker bridge networks.
Despite of this, you can configure your docker-compose.yml
like I show you below thanks to the unresolved issue 21990 of the Moby repository --> moby/moby#21990
Please, test the next docker-compose.yml
in your environment and let me know if your issue would be fixed :-)
version: '2'
services:
dagda:
build: .
image: 3grander/dagda:0.8.0
container_name: dagda
entrypoint: python dagda.py start -s 0.0.0.0 -p 5000 -m 172.17.0.1 -mp 27018
ports:
- "5000:5000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /tmp:/tmp
depends_on:
- vulndb
vulndb:
image: mongo
container_name: vulndb
ports:
- "27018:27017"
volumes:
- ./db:/data/db
from dagda.
Hi @eliasgranderubio ,
I've used the new docker-compose file...
the db has been updated.
bash-4.3# python3 dagda.py vuln --init_status
{
"status": "Updated",
"timestamp": "2018-09-27 02:21:14.605383"
}
bash-4.3#
But I am getting a below error when I try to scan alpine image..
bash-4.3# python3 dagda.py history
[
{
"anomalies": 0,
"image_name": "alpine",
"libs_vulns": 0,
"malware_bins": 0,
"os_vulns": 0,
"reportid": "5bb2a613d8b9180001b13fb1",
"start_date": "2018-10-01 23:00:59.492841",
"status": "Unexpected exception of type DagdaError occured: '4depcheck output file [/tmp/4depcheck/alpine.json] not found.'"
}
]
bash-4.3# python3 dagda.py history alpine --d "5bb2a613d8b9180001b13fb1"
[
{
"id": "5bb2a613d8b9180001b13fb1",
"image_name": "alpine",
"static_analysis": {
"malware_binaries": [],
"os_packages": {
"ok_os_packages": 13,
"os_packages_details": [
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "musl",
"version": "1.1.19",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "busybox",
"version": "1.28.4",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "alpine-baselayout",
"version": "3.1.0",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "alpine-keys",
"version": "2.1",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "libressl2.7-libcrypto",
"version": "2.7.4",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "libressl2.7-libssl",
"version": "2.7.4",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "libressl2.7-libtls",
"version": "2.7.4",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "ssl_client",
"version": "1.28.4",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "zlib",
"version": "1.2.11",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "apk-tools",
"version": "2.10.1",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "scanelf",
"version": "1.2.3",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "musl-utils",
"version": "1.1.19",
"vulnerabilities": []
},
{
"is_false_positive": false,
"is_vulnerable": false,
"product": "libc-utils",
"version": "0.7.1",
"vulnerabilities": []
}
],
"total_os_packages": 13,
"vuln_os_packages": 0
},
"prog_lang_dependencies": {
"dependencies_details": {
"java": [],
"js": [],
"nodejs": [],
"php": [],
"python": [],
"ruby": []
},
"vuln_dependencies": 0
}
},
"status": "Unexpected exception of type DagdaError occured: '4depcheck output file [/tmp/4depcheck/alpine.json] not found.'",
"timestamp": "2018-10-01 23:00:59.492841"
}
]
bash-4.3#
Any idea what could be the reason ?
from dagda.
Hi @binoopnanu ,
If you have this error message, probably you have blocked the root user within containers execution in your environment. This issue is pending for fixed it in 4depcheck project:
If you run the same test in another environment, does dagda work fine? Could you inspect the docker logs for the 4depcheck containers?
from dagda.
Hi @binoopnanu,
Could you give me any feedback about this issue?
from dagda.
I close this issue because I have not any feedback about it for a long time.
Please, if the error persists, reopen it.
from dagda.
Related Issues (20)
- docker-compose instructions unclear and db error HOT 1
- docker-compose.yaml unfriendly to macos version of docker?
- dagda crashing when sent check job?
- Is it possible to run dagda as a container? HOT 1
- Unexpected exception of type RecursionError occurred: ('maximum recursion depth exceeded',)
- Unable to use python3 dagda.py vuln --init HOT 4
- Scanning image with included NPM project does not show NPM vulnerabilities HOT 1
- The problem of using docker-compose to build and deploy dagda is suspected to be a bug
- How to add custom falco rules HOT 1
- Vuln --init_status has been initializing and is never finishd
- docker image scan with dagda in standalone server mode. HOT 1
- Vuln --init fails HOT 2
- check result remains Analyzing HOT 1
- Dagda issue HOT 1
- Error while starting dagda (TypeError: an integer is required - got type bytes) HOT 3
- Scan containers running in K8s? HOT 1
- Many false-positives HOT 1
- Falcosecurity/ falco output file not found. HOT 4
- Publicly Accessible CVE Database
- docker compose build doesn't work: markupsafe dependency missing
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dagda.