Comments (9)
It will refuse to run inside Docker as root at all with the Must drop privileges
error. After I patched out that check, it runs just fine.
I run snmpsim inside a CI environment which always runs its jobs as uid=0 and I tried the --process-user=nobody
and --process-group=nogroup
arguments but then I ran into tempfiles permission errors (presumably fixed by e9e1d5b but not released), so I gave up and patched out that check.
from snmpsim.
do you meet any issue when running snmpsim in docker?
from snmpsim.
It will refuse to run inside Docker as root at all with the
Must drop privileges
error. After I patched out that check, it runs just fine.I run snmpsim inside a CI environment which always runs its jobs as uid=0 and I tried the
--process-user=nobody
and--process-group=nogroup
arguments but then I ran into tempfiles permission errors (presumably fixed by e9e1d5b but not released), so I gave up and patched out that check.
can you try with the master edition?
from snmpsim.
Regardless whether master works or not, I think the uid check needs to go or be disableable.
from snmpsim.
I totally understand what you concern about, but, not fix the issue by talking, I would say each layer has different specs to consider. Make a note about the steps what I did for a workaround:
- requirement.txt for docer
snmpsim @ https://github.com/etingof/snmpsim/zipball/master
- Dockerfile
# Pull base image
FROM python:3.9.0-alpine3.12
MAINTAINER [email protected]
# Set environment variables
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1
# Update
RUN apk update && apk upgrade
RUN apk add build-base gcc
# set work directory
RUN mkdir /usr/test
# copy project
COPY ./requirements.txt /usr/test/requirements.txt
WORKDIR /usr/test
# install dependencies
RUN pip install --no-cache-dir --upgrade pip
# RUN pip install --no-cache-dir -U -r requirements-git.txt
RUN pip install --no-cache-dir -U -r requirements.txt
# Cleanup
Run rm -rf /var/cache/apk/* /root/.node-gyp /usr/share/man /tmp/*
- build then run the container with
docker run snmpsim /bin/sh -c "snmpsim-command-responder --process-user=nobody --process-group=nogroup --agent-udpv4-endpoint=127.0.0.1:1024"
and
docker run snmpsim /bin/sh -c "snmpsim-command-responder --process-user=root --process-group=root --agent-udpv4-endpoint=127.0.0.1:1024"
from snmpsim.
I use poetry and have snmpsim as a devDependency like
[tool.poetry.dev-dependencies]
snmpsim = "^0.4.7"
I guess I can try changing that to point to github master and try the uid/gid workaround, but it's just that, a workaround. I'm of the strong opinion that such uid checks have no place in a module like this.
I'm aware that it's dangerous to run stuff as root, but I accept that risk because my CI environment does not offer any other option and it's not inherently unsafe because it runs in a isolated container.
from snmpsim.
I agree with silverwind, the workaround is completely non-obvious, who would have thought you can provide root to process-user. I've spent a day messing with the permissions until i stumbled upon this issue.
from snmpsim.
https://github.com/lextudio/snmpsim has removed this uid check, so I'll be using that.
from snmpsim.
Seems I mislooked and snmpsim-lextudio
still features this stupd uid check, so I'm back to monkey-patching.
Reason I have to do it is I'm running inside a specific CI environment where it's not easy to drop privileges like it would in plain docker. moby/moby#2259 is also a dependency.
from snmpsim.
Related Issues (20)
- SNMP communication HOT 8
- snmplabs.com HOT 6
- SnmpV3 HOT 6
- snmp simulator HOT 2
- IP and Port number in snmp simulator HOT 6
- Can the daemon return random values? HOT 1
- Not dumping to .snmprec and not populating SQL table HOT 1
- Unable to record from MIB HOT 6
- Permissions problems running snmpsim as root
- snmpbulkwalk times out
- Cannot Import UTILS from SNMPSIM
- Unable to import utils
- snmpsim-command-responder: command not found on installing with pip HOT 1
- Cannot retrieve data from snmpsim with SNMP V3 HOT 1
- decodeMessageVersion takes 3 positional arguments but 4 were given. Cannot connect to the agent using SNMP Walk HOT 18
- snmpsimd.py is crashing on startup HOT 1
- No context in SNMP V3? HOT 4
- Any way to make mib2rec.py automatic?
- Cannot retrieve any data from simulator using any version HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from snmpsim.