docker / docker-bench-security

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
Apache License 2.0

bash not available within Alpine:3.13 #473

Closed denhamparry closed 3 years ago

denhamparry commented 3 years ago

I've tried building the Dockerfile locally, and when attempting to run it, the following error is returned when the container starts: [dumb-init] docker-bench-security.sh: No such file or directory.

Looking into the docker-bench-security.sh script, I can see that it has been updated to use /bin/bash, and this isn't available within the base image FROM Alpine:3.13.

Steps to Replicate

git clone https://github.com/docker/docker-bench-security.git
cd docker-bench-security
docker build -t docker-bench-security .
docker run -it --net host --pid host --cap-add audit_control \
    -e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \
    -v /var/lib:/var/lib \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v /usr/lib/systemd:/usr/lib/systemd \
    -v /etc:/etc --label docker_bench_security \
    docker-bench-security

Output

[dumb-init] docker-bench-security.sh: No such file or directory
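
A pre-flight check for the failure reported above, added here as an example and not taken from the issue or the project: it reads a script's "#!" line and confirms the named interpreter exists inside an unpacked image root filesystem. The function names, the rootfs layout and the sample script paths are constructed assumptions.

```shell
#!/bin/sh
# Added example. Checks, inside an unpacked image root filesystem, that the
# interpreter on a script's "#!" line exists. Paths below are constructed.

# A path counts as present if it is executable or a symlink (absolute symlinks
# in an image cannot be resolved from the host, e.g. a busybox-style /bin/sh).
present() { [ -x "$1" ] || [ -L "$1" ]; }

# check_shebang ROOTFS SCRIPT
# returns 0 = interpreter present, 1 = missing, 2 = no "#!" line
check_shebang() {
    rootfs=$1; script=$2
    line=$(head -n 1 "$rootfs$script")
    case $line in
        '#!'*) ;;
        *) echo "$script: no shebang line"; return 2 ;;
    esac
    # Split "#!/path/to/interp [arg]" into interpreter and optional argument.
    interp=$(printf '%s\n' "$line" | sed 's/^#![[:space:]]*//' | awk '{print $1}')
    arg=$(printf '%s\n' "$line" | sed 's/^#![[:space:]]*//' | awk '{print $2}')
    if ! present "$rootfs$interp"; then
        # The kernel reports ENOENT for the missing interpreter, which the
        # caller prints against the script name: "No such file or directory".
        echo "$script: interpreter $interp not in image"
        return 1
    fi
    case $interp in
        */env)  # "#!/usr/bin/env NAME": NAME must resolve on the image's PATH
            for d in /usr/local/bin /usr/bin /bin /usr/sbin /sbin; do
                if present "$rootfs$d/$arg"; then echo "$script: ok ($d/$arg)"; return 0; fi
            done
            echo "$script: $arg not on image PATH"; return 1 ;;
    esac
    echo "$script: ok ($interp)"
}

# Constructed stand-in for a minimal image: /bin/sh only, no /bin/bash.
make_sample_rootfs() {
    root=$(mktemp -d)
    mkdir -p "$root/bin" "$root/usr/bin" "$root/work"
    : > "$root/bin/sh";      chmod +x "$root/bin/sh"
    : > "$root/usr/bin/env"; chmod +x "$root/usr/bin/env"
    printf '#!/bin/bash\necho run\n'         > "$root/work/uses-bash.sh"
    printf '#!/bin/sh\necho run\n'           > "$root/work/uses-sh.sh"
    printf '#!/usr/bin/env bash\necho run\n' > "$root/work/uses-env-bash.sh"
    echo "$root"
}
```

To run it against a real image, unpack the image's filesystem into a directory first (for example with docker create followed by docker export piped into tar) and pass that directory as ROOTFS.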