Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-05-03 13:48:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

hardening

Browse source
This commit is contained in:
Marco Ochse 2018-05-18 20:05:52 +00:00
parent 114997308b
commit 77cd9df8f7
2 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docker/glutton/Dockerfile
View file

@ -11,6 +11,7 @@ RUN apk -U --no-cache add \
g++ \ g++ \
iptables-dev \ iptables-dev \
libnetfilter_queue-dev \ libnetfilter_queue-dev \
libcap \
libpcap-dev && \ libpcap-dev && \
# Setup go, glutton # Setup go, glutton
@ -26,6 +27,8 @@ RUN apk -U --no-cache add \
mv /opt/go/src/github.com/mushorg/glutton/bin /opt/glutton/ && \ mv /opt/go/src/github.com/mushorg/glutton/bin /opt/glutton/ && \
mv /opt/go/src/github.com/mushorg/glutton/config /opt/glutton/ && \ mv /opt/go/src/github.com/mushorg/glutton/config /opt/glutton/ && \
mv /opt/go/src/github.com/mushorg/glutton/rules /opt/glutton/ && \ mv /opt/go/src/github.com/mushorg/glutton/rules /opt/glutton/ && \
setcap cap_net_admin,cap_net_raw=+ep /opt/glutton/bin/server && \
setcap cap_net_admin,cap_net_raw=+ep /sbin/xtables-multi && \
# Setup user, groups and configs # Setup user, groups and configs
addgroup -g 2000 glutton && \ addgroup -g 2000 glutton && \
@ -44,4 +47,5 @@ RUN apk -U --no-cache add \
# Start glutton # Start glutton
WORKDIR /opt/glutton WORKDIR /opt/glutton
USER glutton:glutton
CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log

3
docker/glutton/docker-compose.yml
View file

@ -1,5 +1,4 @@
# For docker-compose ... version: '2.3'
version: '2.2'
services: services: