search

hubblestack / hubble

Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting.
Apache License 2.0
379 stars 87 forks source link

Dockerfile - osquery packaging broken #895

Closed zachsis closed 3 years ago

zachsis commented 4 years ago

Hello,

when I build the osquery package first, that runs and completes. When copying the osquery_4hubble.tar to pkg/ubuntu1804/ (copy of pkg/debian10/) and running docker build -t 'ubuntu:bionic' . it gets to the following step and fails:

https://github.com/hubblestack/hubble/blob/6456af53c5eff10a7ca91ecba4abdbfe18e8084e/pkg/debian10/Dockerfile#L121

[zach@atreides:~/hubble/pkg/ubuntu1804/tmp]$ docker build -t 'ubuntu:bionic' .
...
Step 31/49 : RUN /opt/osquery/osqueryi --version
 ---> Running in 101b428b975b
/bin/sh: 1: /opt/osquery/osqueryi: not found
The command '/bin/sh -c /opt/osquery/osqueryi --version' returned a non-zero code: 127

and fails when it tries to run /opt/osquery/osqueryi which doesn't exist in the tarball that gets made in the previous step. Here are the contents of the osquery_4hubble.tar file. Notice that osqueryi is not in the tarball that gets made. 

[zach@atreides:~/hubble/pkg/ubuntu1804/tmp]$ tar -tvvf osquery_4hubble.tar
dr-x------ root/root         0 2020-08-04 00:09 extensions/
dr-x------ root/root         0 2020-08-04 00:09 lenses/
-r-x------ root/root      1602 2020-08-04 00:09 lenses/afs_cellalias.aug
-r-x------ root/root     10287 2020-08-04 00:09 lenses/mdadm_conf.aug
-r-x------ root/root      4120 2020-08-04 00:09 lenses/xinetd.aug
-r-x------ root/root      4426 2020-08-04 00:09 lenses/hosts_access.aug
-r-x------ root/root       869 2020-08-04 00:09 lenses/collectd.aug
-r-x------ root/root       745 2020-08-04 00:09 lenses/shells.aug
-r-x------ root/root      3087 2020-08-04 00:09 lenses/crypttab.aug
-r-x------ root/root      2151 2020-08-04 00:09 lenses/postgresql.aug
-r-x------ root/root      1966 2020-08-04 00:09 lenses/wine.aug
-r-x------ root/root      1449 2020-08-04 00:09 lenses/spacevars.aug
-r-x------ root/root      1697 2020-08-04 00:09 lenses/puppetfile.aug
-r-x------ root/root      9502 2020-08-04 00:09 lenses/fai_diskconfig.aug
-r-x------ root/root     17045 2020-08-04 00:09 lenses/build.aug
-r-x------ root/root      1386 2020-08-04 00:09 lenses/jmxaccess.aug
-r-x------ root/root       726 2020-08-04 00:09 lenses/aptcacherngsecurity.aug
-r-x------ root/root      3736 2020-08-04 00:09 lenses/bootconf.aug
-r-x------ root/root     22817 2020-08-04 00:09 lenses/openvpn.aug
-r-x------ root/root      4432 2020-08-04 00:09 lenses/erlang.aug
-r-x------ root/root       781 2020-08-04 00:09 lenses/smbusers.aug
-r-x------ root/root     15859 2020-08-04 00:09 lenses/inifile.aug
-r-x------ root/root      4783 2020-08-04 00:09 lenses/mke2fs.aug
-r-x------ root/root      3947 2020-08-04 00:09 lenses/phpvars.aug
-r-x------ root/root       741 2020-08-04 00:09 lenses/modules.aug
-r-x------ root/root      3447 2020-08-04 00:09 lenses/cgconfig.aug
-r-x------ root/root      2314 2020-08-04 00:09 lenses/xymon.aug
-r-x------ root/root       398 2020-08-04 00:09 lenses/cobblermodules.aug
-r-x------ root/root      1306 2020-08-04 00:09 lenses/sep.aug
-r-x------ root/root      1080 2020-08-04 00:09 lenses/protocols.aug
-r-x------ root/root      1130 2020-08-04 00:09 lenses/rhsm.aug
-r-x------ root/root      2424 2020-08-04 00:09 lenses/exports.aug
-r-x------ root/root      1546 2020-08-04 00:09 lenses/cyrus_imapd.aug
-r-x------ root/root      2727 2020-08-04 00:09 lenses/rsyslog.aug
-r-x------ root/root      2138 2020-08-04 00:09 lenses/nagioscfg.aug
-r-x------ root/root     11957 2020-08-04 00:09 lenses/shellvars.aug
-r-x------ root/root     10111 2020-08-04 00:09 lenses/nslcd.aug
-r-x------ root/root      1662 2020-08-04 00:09 lenses/inputrc.aug
-r-x------ root/root      2329 2020-08-04 00:09 lenses/nsswitch.aug
-r-x------ root/root      3228 2020-08-04 00:09 lenses/solaris_system.aug
-r-x------ root/root      4071 2020-08-04 00:09 lenses/dovecot.aug
-r-x------ root/root      2065 2020-08-04 00:09 lenses/limits.aug
-r-x------ root/root      1450 2020-08-04 00:09 lenses/odbc.aug
-r-x------ root/root      7464 2020-08-04 00:09 lenses/httpd.aug
-r-x------ root/root      2264 2020-08-04 00:09 lenses/up2date.aug
-r-x------ root/root      2216 2020-08-04 00:09 lenses/lokkit.aug
-r-x------ root/root      1574 2020-08-04 00:09 lenses/carbon.aug
-r-x------ root/root      4187 2020-08-04 00:09 lenses/multipath.aug
-r-x------ root/root       638 2020-08-04 00:09 lenses/pbuilder.aug
-r-x------ root/root      3669 2020-08-04 00:09 lenses/access.aug
-r-x------ root/root     16330 2020-08-04 00:09 lenses/squid.aug
-r-x------ root/root     13000 2020-08-04 00:09 lenses/chrony.aug
-r-x------ root/root      6274 2020-08-04 00:09 lenses/krb5.aug
-r-x------ root/root       459 2020-08-04 00:09 lenses/cups.aug
-r-x------ root/root       323 2020-08-04 00:09 lenses/iproute2.aug
-r-x------ root/root       719 2020-08-04 00:09 lenses/ceph.aug
-r-x------ root/root      1257 2020-08-04 00:09 lenses/webmin.aug
-r-x------ root/root      3988 2020-08-04 00:09 lenses/aptconf.aug
-r-x------ root/root       819 2020-08-04 00:09 lenses/fonts.aug
-r-x------ root/root      2023 2020-08-04 00:09 lenses/aptsources.aug
-r-x------ root/root       780 2020-08-04 00:09 lenses/inittab.aug
-r-x------ root/root      1994 2020-08-04 00:09 lenses/mysql.aug
-r-x------ root/root      4158 2020-08-04 00:09 lenses/rx.aug
-r-x------ root/root      1610 2020-08-04 00:09 lenses/getcap.aug
-r-x------ root/root      1097 2020-08-04 00:09 lenses/xendconfsxp.aug
-r-x------ root/root       788 2020-08-04 00:09 lenses/rmt.aug
-r-x------ root/root      1014 2020-08-04 00:09 lenses/backuppchosts.aug
-r-x------ root/root      2977 2020-08-04 00:09 lenses/kdump.aug
-r-x------ root/root      1201 2020-08-04 00:09 lenses/mongodbserver.aug
-r-x------ root/root      1841 2020-08-04 00:09 lenses/gdm.aug
-r-x------ root/root      1756 2020-08-04 00:09 lenses/vfstab.aug
-r-x------ root/root      4706 2020-08-04 00:09 lenses/redis.aug
-r-x------ root/root      5604 2020-08-04 00:09 lenses/reprepro_uploaders.aug
-r-x------ root/root      1044 2020-08-04 00:09 lenses/openshift_quickstarts.aug
-r-x------ root/root      2079 2020-08-04 00:09 lenses/lvm.aug
-r-x------ root/root       485 2020-08-04 00:09 lenses/hosts.aug
-r-x------ root/root      4468 2020-08-04 00:09 lenses/masterpasswd.aug
-r-x------ root/root       422 2020-08-04 00:09 lenses/hostname.aug
-r-x------ root/root      1422 2020-08-04 00:09 lenses/desktop.aug
-r-x------ root/root      1286 2020-08-04 00:09 lenses/approx.aug
-r-x------ root/root      2058 2020-08-04 00:09 lenses/json.aug
-r-x------ root/root      4148 2020-08-04 00:09 lenses/automounter.aug
-r-x------ root/root      2404 2020-08-04 00:09 lenses/shadow.aug
-r-x------ root/root      1290 2020-08-04 00:09 lenses/cron_user.aug
-r-x------ root/root      4804 2020-08-04 00:09 lenses/rabbitmq.aug
-r-x------ root/root      7833 2020-08-04 00:09 lenses/ldif.aug
-r-x------ root/root      4963 2020-08-04 00:09 lenses/util.aug
-r-x------ root/root      4095 2020-08-04 00:09 lenses/sshd.aug
-r-x------ root/root      1116 2020-08-04 00:09 lenses/networks.aug
-r-x------ root/root      2231 2020-08-04 00:09 lenses/aliases.aug
-r-x------ root/root      1755 2020-08-04 00:09 lenses/samba.aug
-r-x------ root/root      5327 2020-08-04 00:09 lenses/slapd.aug
-r-x------ root/root      1941 2020-08-04 00:09 lenses/host_conf.aug
-r-x------ root/root      5790 2020-08-04 00:09 lenses/systemd.aug
-r-x------ root/root      4861 2020-08-04 00:09 lenses/ntpd.aug
-r-x------ root/root       864 2020-08-04 00:09 lenses/activemq_xml.aug
-r-x------ root/root      3043 2020-08-04 00:09 lenses/pg_hba.aug
-r-x------ root/root      2182 2020-08-04 00:09 lenses/monit.aug
-r-x------ root/root      1699 2020-08-04 00:09 lenses/mailscanner.aug
-r-x------ root/root      1384 2020-08-04 00:09 lenses/oz.aug
-r-x------ root/root      6365 2020-08-04 00:09 lenses/inetd.aug
-r-x------ root/root       861 2020-08-04 00:09 lenses/sssd.aug
-r-x------ root/root       615 2020-08-04 00:09 lenses/login_defs.aug
-r-x------ root/root      6481 2020-08-04 00:09 lenses/xml.aug
-r-x------ root/root      2240 2020-08-04 00:09 lenses/gshadow.aug
-r-x------ root/root      1677 2020-08-04 00:09 lenses/splunk.aug
-r-x------ root/root      1518 2020-08-04 00:09 lenses/radicale.aug
-r-x------ root/root       773 2020-08-04 00:09 lenses/darkice.aug
-r-x------ root/root       670 2020-08-04 00:09 lenses/qpid.aug
-r-x------ root/root       898 2020-08-04 00:09 lenses/koji.aug
-r-x------ root/root      2663 2020-08-04 00:09 lenses/pagekite.aug
-r-x------ root/root      1462 2020-08-04 00:09 lenses/pgbouncer.aug
-r-x------ root/root      1155 2020-08-04 00:09 lenses/simplelines.aug
-r-x------ root/root       702 2020-08-04 00:09 lenses/vmware_config.aug
-r-x------ root/root      3391 2020-08-04 00:09 lenses/automaster.aug
-r-x------ root/root       663 2020-08-04 00:09 lenses/ethers.aug
-r-x------ root/root       871 2020-08-04 00:09 lenses/fuse.aug
-r-x------ root/root      1552 2020-08-04 00:09 lenses/jettyrealm.aug
-r-x------ root/root      6868 2020-08-04 00:09 lenses/quote.aug
-r-x------ root/root      2615 2020-08-04 00:09 lenses/sysconfig_route.aug
-r-x------ root/root      2785 2020-08-04 00:09 lenses/vsftpd.aug
-r-x------ root/root      1085 2020-08-04 00:09 lenses/ldso.aug
-r-x------ root/root      1272 2020-08-04 00:09 lenses/memcached.aug
-r-x------ root/root       684 2020-08-04 00:09 lenses/iscsid.aug
-r-x------ root/root      3107 2020-08-04 00:09 lenses/tmpfiles.aug
-r-x------ root/root       697 2020-08-04 00:09 lenses/postfix_sasl_smtpd.aug
-r-x------ root/root      2213 2020-08-04 00:09 lenses/dput.aug
-r-x------ root/root      3929 2020-08-04 00:09 lenses/channels.aug
-r-x------ root/root      1347 2020-08-04 00:09 lenses/postfix_virtual.aug
-r-x------ root/root      1112 2020-08-04 00:09 lenses/mcollective.aug
-r-x------ root/root      1424 2020-08-04 00:09 lenses/simplevars.aug
-r-x------ root/root       620 2020-08-04 00:09 lenses/device_map.aug
-r-x------ root/root      2703 2020-08-04 00:09 lenses/iptables.aug
-r-x------ root/root      1212 2020-08-04 00:09 lenses/csv.aug
-r-x------ root/root      1159 2020-08-04 00:09 lenses/updatedb.aug
-r-x------ root/root      5376 2020-08-04 00:09 lenses/ntp.aug
-r-x------ root/root      1555 2020-08-04 00:09 lenses/postfix_main.aug
-r-x------ root/root      2260 2020-08-04 00:09 lenses/stunnel.aug
-r-x------ root/root      1167 2020-08-04 00:09 lenses/soma.aug
-r-x------ root/root      7415 2020-08-04 00:09 lenses/syslog.aug
-r-x------ root/root      4733 2020-08-04 00:09 lenses/interfaces.aug
-r-x------ root/root      1224 2020-08-04 00:09 lenses/fstab.aug
-r-x------ root/root      3752 2020-08-04 00:09 lenses/ssh.aug
-r-x------ root/root      2911 2020-08-04 00:09 lenses/mailscanner_rules.aug
-r-x------ root/root       450 2020-08-04 00:09 lenses/securetty.aug
-r-x------ root/root      3190 2020-08-04 00:09 lenses/puppetfileserver.aug
-r-x------ root/root      3609 2020-08-04 00:09 lenses/passwd.aug
-r-x------ root/root      2393 2020-08-04 00:09 lenses/php.aug
-r-x------ root/root      2051 2020-08-04 00:09 lenses/cachefilesd.aug
-r-x------ root/root      1558 2020-08-04 00:09 lenses/puppet.aug
-r-x------ root/root      1345 2020-08-04 00:09 lenses/thttpd.aug
-r-x------ root/root      1437 2020-08-04 00:09 lenses/yaml.aug
-r-x------ root/root      2524 2020-08-04 00:09 lenses/openshift_config.aug
-r-x------ root/root      4143 2020-08-04 00:09 lenses/cron.aug
-r-x------ root/root      1789 2020-08-04 00:09 lenses/nrpe.aug
-r-x------ root/root      1793 2020-08-04 00:09 lenses/lightdm.aug
-r-x------ root/root      1703 2020-08-04 00:09 lenses/group.aug
-r-x------ root/root      1050 2020-08-04 00:09 lenses/termcap.aug
-r-x------ root/root      1043 2020-08-04 00:09 lenses/htpasswd.aug
-r-x------ root/root      3149 2020-08-04 00:09 lenses/opendkim.aug
-r-x------ root/root      2293 2020-08-04 00:09 lenses/cobblersettings.aug
-r-x------ root/root      2017 2020-08-04 00:09 lenses/rsyncd.aug
-r-x------ root/root      1417 2020-08-04 00:09 lenses/avahi.aug
-r-x------ root/root      1256 2020-08-04 00:09 lenses/pamconf.aug
-r-x------ root/root      1570 2020-08-04 00:09 lenses/clamav.aug
-r-x------ root/root      2240 2020-08-04 00:09 lenses/yum.aug
-r-x------ root/root      1732 2020-08-04 00:09 lenses/netmasks.aug
-r-x------ root/root      1832 2020-08-04 00:09 lenses/schroot.aug
-r-x------ root/root      2852 2020-08-04 00:09 lenses/dpkg.aug
-r-x------ root/root       771 2020-08-04 00:09 lenses/postfix_access.aug
-r-x------ root/root      1979 2020-08-04 00:09 lenses/known_hosts.aug
-r-x------ root/root      3555 2020-08-04 00:09 lenses/nginx.aug
-r-x------ root/root      1612 2020-08-04 00:09 lenses/jaas.aug
-r-x------ root/root      2545 2020-08-04 00:09 lenses/anacron.aug
-r-x------ root/root      1651 2020-08-04 00:09 lenses/sip_conf.aug
-r-x------ root/root     21379 2020-08-04 00:09 lenses/dhcpd.aug
-r-x------ root/root      3420 2020-08-04 00:09 lenses/modprobe.aug
-r-x------ root/root       923 2020-08-04 00:09 lenses/sysctl.aug
-r-x------ root/root      9835 2020-08-04 00:09 lenses/grub.aug
-r-x------ root/root      2550 2020-08-04 00:09 lenses/sysconfig.aug
-r-x------ root/root      1779 2020-08-04 00:09 lenses/shellvars_list.aug
-r-x------ root/root      6259 2020-08-04 00:09 lenses/xymon_alerting.aug
-r-x------ root/root       854 2020-08-04 00:09 lenses/rtadvd.aug
-r-x------ root/root     10958 2020-08-04 00:09 lenses/keepalived.aug
-r-x------ root/root     20458 2020-08-04 00:09 lenses/sudoers.aug
-r-x------ root/root      2209 2020-08-04 00:09 lenses/dnsmasq.aug
-r-x------ root/root      2359 2020-08-04 00:09 lenses/pylonspaste.aug
-r-x------ root/root      2963 2020-08-04 00:09 lenses/dns_zone.aug
-r-x------ root/root      6770 2020-08-04 00:09 lenses/dhclient.aug
-r-x------ root/root      3701 2020-08-04 00:09 lenses/debctrl.aug
-r-x------ root/root      2001 2020-08-04 00:09 lenses/puppet_auth.aug
-r-x------ root/root      4342 2020-08-04 00:09 lenses/bbhosts.aug
-r-x------ root/root      1473 2020-08-04 00:09 lenses/logwatch.aug
-r-x------ root/root      1883 2020-08-04 00:09 lenses/authorized_keys.aug
-r-x------ root/root      1135 2020-08-04 00:09 lenses/apt_update_manager.aug
-r-x------ root/root       824 2020-08-04 00:09 lenses/cpanel.aug
-r-x------ root/root      1312 2020-08-04 00:09 lenses/postfix_passwordmap.aug
-r-x------ root/root      2817 2020-08-04 00:09 lenses/subversion.aug
-r-x------ root/root      2887 2020-08-04 00:09 lenses/services.aug
-r-x------ root/root      2327 2020-08-04 00:09 lenses/properties.aug
-r-x------ root/root      1375 2020-08-04 00:09 lenses/jmxpassword.aug
-r-x------ root/root      2298 2020-08-04 00:09 lenses/pam.aug
-r-x------ root/root      1052 2020-08-04 00:09 lenses/openshift_http.aug
-r-x------ root/root      1604 2020-08-04 00:09 lenses/nagiosobjects.aug
-r-x------ root/root      2035 2020-08-04 00:09 lenses/pythonpaste.aug
-r-x------ root/root      1513 2020-08-04 00:09 lenses/postfix_transport.aug
-r-x------ root/root      2047 2020-08-04 00:09 lenses/networkmanager.aug
-r-x------ root/root      4303 2020-08-04 00:09 lenses/logrotate.aug
-r-x------ root/root      3939 2020-08-04 00:09 lenses/resolv.aug
-r-x------ root/root      1068 2020-08-04 00:09 lenses/modules_conf.aug
-r-x------ root/root      1831 2020-08-04 00:09 lenses/aptpreferences.aug
-r-x------ root/root      2432 2020-08-04 00:09 lenses/cgrules.aug
-r-x------ root/root       941 2020-08-04 00:09 lenses/star.aug
-r-x------ root/root      1509 2020-08-04 00:09 lenses/activemq_conf.aug
-r-x------ root/root       387 2020-08-04 00:09 lenses/tuned.aug
-r-x------ root/root       855 2020-08-04 00:09 lenses/gtkbookmarks.aug
-r-x------ root/root      4110 2020-08-04 00:09 lenses/trapperkeeper.aug
-r-x------ root/root     10361 2020-08-04 00:09 lenses/xorg.aug
-r-x------ root/root      1941 2020-08-04 00:09 lenses/postfix_master.aug
-r-x------ root/root  27694552 2020-08-04 00:09 osqueryd
dr-x------ root/root         0 2020-08-04 00:09 yara/

Please note that I copied the hubble/pkg/debian10/ folder to hubble/pkg/ubuntu1804/ and changed the FROM debian:10 to FROM ubuntu:bionic.

MoodyMudit commented 4 years ago

Noted. Will fix this.