search

dperson / samba

Samba docker container
GNU Affero General Public License v3.0
1.52k stars 514 forks source link

Set fixed version alpine:3.15 #397

Closed Erriez closed 2 years ago

Erriez commented 2 years ago

The latest images on DockerHub are based on alpine:3.12 and contains vulnerability issues as reported in #379. Set fixed version alpine:3.15 and rebuild/push images to fix vulnerability issues.

Executable smbd v4.15.2 no longer accepts -S option (-S, --log-stdout Log to stdout) in samba.sh and shows error Invalid option -FS: unknown option. For this reason, option -S removed.

# Apply diff, then rebuild image
$ docker build -t erriez/samba:latest .

$ docker exec -it samba-erriez_samba_1 smbd --version
Version 4.15.2

$ docker exec -it samba-erriez_samba_1 smbd --help
Usage: smbd [OPTION...]
  -b, --build-options                     Print build options
  -p, --port=STRING                       Listen on the specified ports
  -P, --profiling-level=PROFILE_LEVEL     Set profiling level

Help options:
  -?, --help                              Show this help message
      --usage                             Display brief usage message

Common Samba options:
  -d, --debuglevel=DEBUGLEVEL             Set debug level
      --debug-stdout                      Send debug output to standard output
  -s, --configfile=CONFIGFILE             Use alternative configuration file
      --option=name=value                 Set smb.conf option from command line
  -l, --log-basename=LOGFILEBASE          Basename for log/debug files
      --leak-report                       enable talloc leak reporting on exit
      --leak-report-full                  enable full talloc leak reporting on exit

Daemon options:
  -D, --daemon                            Become a daemon (default)
  -i, --interactive                       Run interactive (not a daemon) and log to stdout
  -F, --foreground                        Run daemon in foreground (for daemontools, etc.)
      --no-process-group                  Don't create a new process group

Version options:
  -V, --version                           Print version

# Scan with updated alpine:3.15 (today's report 19 December 2021)
$ docker scan erriez/samba:latest

Testing erriez/samba:latest...

Package manager:   apk
Project name:      docker-image|erriez/samba
Docker image:      erriez/samba:latest
Platform:          linux/amd64
Base image:        alpine:3.15.0

✓ Tested 64 dependencies for known vulnerabilities, no vulnerable paths found.

According to our scan, you are currently using the most secure version of the selected base image