infinite-omicron / pentesting-vm

Penetration Testing Virtual Machine
GNU General Public License v3.0

[Packer] Unable to provision due to permissions error #18

Closed oxr463 closed 2 years ago

oxr463 commented 2 years ago
pentesting-vm.vagrant.alpine: output will be in this color.

==> pentesting-vm.vagrant.alpine: Creating a Vagrantfile in the build directory...
==> pentesting-vm.vagrant.alpine: Adding box using vagrant box add ...
    pentesting-vm.vagrant.alpine: (this can take some time if we need to download the box)
==> pentesting-vm.vagrant.alpine: Calling Vagrant Up (this can take some time)...
==> pentesting-vm.vagrant.alpine: Using SSH communicator to connect: 127.0.0.1
==> pentesting-vm.vagrant.alpine: Waiting for SSH to become available...
==> pentesting-vm.vagrant.alpine: Connected to SSH!
==> pentesting-vm.vagrant.alpine: Provisioning with shell script: scripts/dependencies.sh
==> pentesting-vm.vagrant.alpine: ERROR: Unable to lock database: Permission denied
==> pentesting-vm.vagrant.alpine: ERROR: Failed to open apk database: Permission denied
==> pentesting-vm.vagrant.alpine: /tmp/script_2164.sh: line 34: go: not found
==> pentesting-vm.vagrant.alpine: Provisioning step had errors: Running the cleanup provisioner, if present...
==> pentesting-vm.vagrant.alpine: destroying Vagrant box...
==> pentesting-vm.vagrant.alpine: Deleting output directory...
Build 'pentesting-vm.vagrant.alpine' errored after 1 minute 5 seconds: Script exited with non-zero exit status: 127.Allowed exit codes are: [0]

==> Wait completed after 1 minute 5 seconds

==> Some builds didn't complete successfully and had errors:
--> pentesting-vm.vagrant.alpine: Script exited with non-zero exit status: 127.Allowed exit codes are: [0]

==> Builds finished but no artifacts were created.

Originally posted by @outzhu in https://github.com/infinite-omicron/pentesting-vm/issues/17#issuecomment-1134702705

oxr463 commented 2 years ago

In https://github.com/infinite-omicron/pentesting-vm/blob/master/packer/scripts/dependencies.sh, we are assuming the commands will run as root. However, with the vagrant box, we are running as the vagrant user.

We could either do sudo su before installing the packages, or we could see about modifying the vagrant source to change the user before we provision.

outzhu commented 2 years ago

Does packer run the code as a step-by-step or does it try to run it all?

Does this part run after the scripts part?

Do I change Vagrant's user in build.alpine.pkr.hcl or source.vagrant.pkr.hcl?

oxr463 commented 2 years ago

> Does packer run the code as a step-by-step or does it try to run it all?

Packer runs each of the scripts, one at a time.

> does this part run after the scripts part?

That is the part that runs each of the scripts.

> Do I change Vagrant's user in build.alpine.pkr.hcl or source.vagrant.pkr.hcl?

I'm thinking it would be in source.vagrant.pkr.hcl but you'll need to check.

outzhu commented 2 years ago

Sorry, meant https://github.com/infinite-omicron/pentesting-vm/blob/master/packer/build.alpine.pkr.hcl#L22

Does this part run after the scripts part?

oxr463 commented 2 years ago

> sorry meant https://github.com/infinite-omicron/pentesting-vm/blob/master/packer/build.alpine.pkr.hcl#L22

The first shell provisioner runs before the second one.

outzhu commented 2 years ago

I added execute_command to the script part:

execute_command = "echo 'vagrant' | sudo -S -E sh -c '{{ .Vars }} {{ .Path }}'"

Looks like it might have worked, but it's taking a while to install Go. Can you try testing it on your end?

My forked

I removed the Docker source since it also has permissions errors (denied connection to Docker daemon socket.) Will work on fixing those after Vagrant is fixed.

oxr463 commented 2 years ago

> I removed the Docker source since it also has permissions errors (denied connection to Docker daemon socket.) Will work on fixing those after Vagrant is fixed.

This fix isn't going to work once you put Docker back in because there is no Vagrant user in the Docker image.

We need to run as root while provisioning Vagrant, like we do with Docker.

outzhu commented 2 years ago

I know, but from what I found, Packer doesn't have an option to run as root for everything, so I'm doing one thing at a time.

outzhu commented 2 years ago

I decided to separate the sources into their own build. Trying to use one build is problematic since I can't find a solution that solves both Vagrant & Docker permission errors.

Testing new file structure, using sudo packer build . to fix Docker.

build {
  name        = "pentesting-vm"
  description = "Penetration Testing Virtual Machine"

  sources = [
    "source.vagrant.alpine"
  ]

  provisioner "shell" {
    scripts = [
      "scripts/dependencies.sh",
      "scripts/apktool.sh",
      "scripts/dex2jar.sh",
      "scripts/jd_cmd.sh",
      "scripts/mobsf.sh",
      "scripts/theharvester.sh",
      "scripts/zaproxy.sh"
    ]
    execute_command = "echo 'vagrant' | sudo -S -E sh -c '{{ .Vars }} {{ .Path }}'"
  }

  provisioner "shell" {
    /* Fix permissions */
    inline = ["chown -R root:root /opt"]
  }
}

build {
  name        = "pentesting-vm"
  description = "Penetration Testing Virtual Machine"

  sources = [
    "source.docker.alpine"
  ]

  provisioner "shell" {
    scripts = [
      "scripts/dependencies.sh",
      "scripts/apktool.sh",
      "scripts/dex2jar.sh",
      "scripts/jd_cmd.sh",
      "scripts/mobsf.sh",
      "scripts/theharvester.sh",
      "scripts/zaproxy.sh"
    ]
  }

  provisioner "shell" {
    /* Fix permissions */
    inline = ["chown -R root:root /opt"]
  }
}

Looks like the errors are now from the scripts which have their own open issues to solve.

oxr463 commented 2 years ago

That's awesome! Can you create a PR? Also, should we change the names of the builds, e.g., pentesting-docker and pentesting-vagrant?
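
An added example, not code from this repository: a preamble that a provisioning script such as scripts/dependencies.sh could start with, so the same script runs when Packer connects as the vagrant user and when it is already root in the Docker image, and stops at the first apk error instead of failing later at `go: not found`. It assumes the Vagrant box grants the vagrant user passwordless sudo; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: privilege preamble for a provisioning script such as
# scripts/dependencies.sh. Function names are hypothetical.
set -eu   # stop at the first failing command instead of running on

# Decide how to get root. $1 = effective uid, $2 = yes/no (sudo on PATH).
# Prints: none (already root, e.g. Docker), sudo (e.g. vagrant user), fail.
escalation_mode() {
  if [ "$1" -eq 0 ]; then
    echo none
  elif [ "$2" = yes ]; then
    echo sudo
  else
    echo fail
  fi
}

# Report whether a sudo binary is available in this image.
have_sudo() {
  if command -v sudo >/dev/null 2>&1; then echo yes; else echo no; fi
}

# Re-run the calling script as root when it was started unprivileged.
ensure_root() {
  case "$(escalation_mode "$(id -u)" "$(have_sudo)")" in
    none) return 0 ;;
    # -n: never prompt, so a missing sudoers rule fails fast instead of hanging.
    # -E: keep the environment variables Packer passes to the script.
    sudo) exec sudo -n -E sh "$0" "$@" ;;
    *)    echo "ERROR: need root to run apk, and sudo is not installed" >&2
          return 1 ;;
  esac
}

# Usage at the top of the script (commented out so the functions above
# can be sourced and tested without re-executing anything):
# ensure_root "$@"
# apk add --no-cache go
```

With this in the script, the Vagrant build needs no password in `execute_command`, and the Docker build takes the `none` branch unchanged.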