Zenn
🤐

ポートスキャナ自作で始めるペネトレーションテストの2章で起動するDockerコンテナが起動できない

2024/07/14に公開
Docker
pentest
tech
------
 > [bind  2/13] RUN yum -y update     && yum -y groupinstall "Development Tools"     && yum install -y epel-release     && yum -y install kernel-devel kernel-headers openssl-devel perl-Net-DNS bind-utils vim tar python-pip     && pip --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --trusted-host pypi.org install argparse ply:
0.264 Loaded plugins: fastestmirror, ovl
0.337 Determining fastest mirrors
0.462 Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container error was
0.462 14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
0.463 
0.463 
0.463  One of the configured repositories failed (Unknown),
0.463  and yum doesn't have enough cached data to continue. At this point the only
0.463  safe thing yum can do is fail. There are a few ways to work "fix" this:
0.463 
0.463      1. Contact the upstream for the repository and get them to fix the problem.
0.463 
0.463      2. Reconfigure the baseurl/etc. for the repository, to point to a working
0.463         upstream. This is most often useful if you are using a newer
0.463         distribution release than is supported by the repository (and the
0.463         packages for the previous distribution release still work).
0.463 
0.463      3. Run the command with the repository temporarily disabled
0.463             yum --disablerepo=<repoid> ...
0.463 
0.463      4. Disable the repository permanently, so yum won't use it by default. Yum
0.463         will then just ignore the repository until you permanently enable it
0.463         again or use --enablerepo for temporary usage:
0.463 
0.463             yum-config-manager --disable <repoid>
0.463         or
0.463             subscription-manager repos --disable=<repoid>
0.463 
0.463      5. Configure the failing repository to be skipped, if it is unavailable.
0.463         Note that yum will try to contact the repo. when it runs most commands,
0.463         so will have to try and fail each time (and thus. yum will be be much
0.463         slower). If it is a very temporary problem though, this is often a nice
0.463         compromise:
0.463 
0.463             yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
0.463 
0.463 Cannot find a valid baseurl for repo: base/7/x86_64
------
failed to solve: process "/bin/sh -c yum -y update     && yum -y groupinstall \"Development Tools\"     && yum install -y epel-release     && yum -y install kernel-devel kernel-headers openssl-devel perl-Net-DNS bind-utils vim tar python-pip     && pip --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --trusted-host pypi.org install argparse ply" did not complete successfully: exit code: 1

解決方法

centos7のサポート終了により、mirrorlist.centos.orgが存在しなくなったから参照できずエラーが発生したようだ.そのため,サービス終了後のリポジトリを参照するように変更すればOK

5~9行目を以下のように書き換える.
~/pentest-starting-with-port-scanner/containers/bind/Dockerfile

- RUN yum -y update \
+ RUN sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* && \
+     sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* && \
+     yum -y update && yum clean all && \
      yum -y groupinstall "Development Tools" && \
      yum install -y epel-release && \
      yum -y install kernel-devel kernel-headers openssl-devel perl-Net-DNS bind-utils vim tar python-pip && \
      pip --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --trusted-host pypi.org install argparse ply

参考文献

https://qiita.com/vossibop/items/d4fc4c94e5b7714e3a8c

Discussion