You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm starting to work on the pull-request for SSH hardening in Alpine by setting up the tests. I noticed that calling the init system like you do with systemd in all the other distros doesn't work and it looks like that the openrc package needs to be installed in order to get services up and running for testing the role.
Expected behavior
Calling /sbin/init (or whatever is appropriate) in the alpine-ansible-latest image has the same general effect as calling /lib/systemd/systemd in the debian12-ansible-latest for the purposes of testing the devsec.hardening collection. As in it starts the indicated init system.
Actual behavior
Manually run:
$ docker run -it rndmh3ro/docker-alpine-ansible /sbin/init
can't run '/sbin/openrc': No such file or directory
can't run '/sbin/openrc': No such file or directory
can't run '/sbin/openrc': No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
can't open /dev/tty1: No such file or directory
can't open /dev/tty2: No such file or directory
can't open /dev/tty3: No such file or directory
can't open /dev/tty4: No such file or directory
can't open /dev/tty5: No such file or directory
can't open /dev/tty6: No such file or directory
<ctrl-c here>
can't run '/sbin/openrc': No such file or directory
The system is going down NOW!
Sent SIGTERM to all processes
Sent SIGKILL to all processes
Requesting system reboot
The CI for devsec.ssh_hardening (with Alpine added) fails in a funny way in the prepare step that I suspect is due to the lack of openrc. The internet says this is likely due to the container not being available.
PLAY [Wrapper playbook for kitchen testing "ansible-ssh-hardening" with default settings] ***
TASK [Gathering Facts] *********************************************************
Wednesday 03 April 2024 15:58:44 +0000 (0:00:00.010) 0:00:00.010 *******
fatal: [instance]: UNREACHABLE! => {"changed": false, "msg": "Failed to create temporary directory. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p \"` echo unable to find user ansible: no matching entries in passwd file/.ansible/tmp `\"&& mkdir \"` echo unable to find user ansible: no matching entries in passwd file/.ansible/tmp/ansible-tmp-1712159924.476709-2657-37920254182010 `\" && echo ansible-tmp-1712159924.476709-2657-37920254182010=\"` echo unable to find user ansible: no matching entries in passwd file/.ansible/tmp/ansible-tmp-1712159924.476709-2657-37920254182010 `\" ), exited with result 126, stdout output: unable to find user ansible: no matching entries in passwd file\r\n", "unreachable": true}
PLAY RECAP *********************************************************************
instance : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
Example Playbook
I'm not sure if this is relevant but it's failing in the prepare.yml in the molecule tests in the CI for devsec.ssh_hardening, but that's before it gets to the container.
OS / Environment
The manual run was with an Ubuntu 22.04 host using Docker version 26.0.0, build 2ae903e.
Describe the bug
I'm starting to work on the pull-request for SSH hardening in Alpine by setting up the tests. I noticed that calling the init system like you do with systemd in all the other distros doesn't work and it looks like that the
openrc
package needs to be installed in order to get services up and running for testing the role.Expected behavior
Calling
/sbin/init
(or whatever is appropriate) in thealpine-ansible-latest
image has the same general effect as calling/lib/systemd/systemd
in thedebian12-ansible-latest
for the purposes of testing thedevsec.hardening
collection. As in it starts the indicated init system.Actual behavior
Manually run:
The CI for
devsec.ssh_hardening
(with Alpine added) fails in a funny way in the prepare step that I suspect is due to the lack of openrc. The internet says this is likely due to the container not being available.The run with debug mode on is here.
Example Playbook
I'm not sure if this is relevant but it's failing in the prepare.yml in the molecule tests in the CI for
devsec.ssh_hardening
, but that's before it gets to the container.OS / Environment
The manual run was with an Ubuntu 22.04 host using Docker version 26.0.0, build 2ae903e.
The CI output is from github using your CI config with alpine added. https://github.com/haxwithaxe/ansible-collection-hardening/blob/feature/alpine-ssh-hardening-dev/.github/workflows/ssh_hardening.yml
Ansible Version
From the CI output before molecule has started:
From the image in question:
Role Version
Not applicable.
Additional context
Thanks for maintaining these docker images!
The text was updated successfully, but these errors were encountered: