search

ThePorgs / Exegol

Fully featured and community-driven hacking environment
https://exegol.readthedocs.io/
GNU General Public License v3.0
1.95k stars 191 forks source link

Add device /dev/net/tun for Docker Desktop #225

Closed exil-security closed 4 months ago

exil-security commented 4 months ago

The needs

The device /dev/net/tun can be pass through using the option --vpn but not using the --device directly using Docker Desktop on MacOS.

image

Description

We can add filter to allow this device /dev/net/tun on addUserDevice function to allow this device.

File: exegol/model/ContainerConfig.py

<SNIP>
def addUserDevice(self, user_device_config: str):
        """Add a device from a user parameters"""
        if EnvInfo.isDockerDesktop() and user_device_config != "/dev/net/tun" :
            logger.warning("Docker desktop (Windows & macOS) does not support USB device passthrough.")
            logger.verbose("Official doc: https://docs.docker.com/desktop/faqs/#can-i-pass-through-a-usb-device-to-a-container")
            logger.critical("Device configuration cannot be applied, aborting operation.")
        self.__addDevice(user_device_config)
<SNIP>

Adding fillter can fix the problem for the /dev/net/tun and still abort in case of other device like usb

image

Alternatives

Maybe create a whitelist of working devices on Docker Desktop on the future in order to allow the --device option for those devices

Additional context

No response

Dramelac commented 4 months ago

Suggested fix: https://github.com/ThePorgs/Exegol/pull/226