You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
I'm currently trying to scan some containers with tern and have trouble for some because the application runs into an error ERROR - rootfs - Command failed. cp: not writing through dangling symlink '/root/.tern/temp/mergedir/sbin/ip' there i find, that ip is a dangling symlink to /bin/busybox what is odd because i'm working on a archlinux system. I also tried it out on Ubuntu and also in a docker container as described in the README.md. Ip is not the only symlink that is located there that can make issues. I also have seen others like unzip ...
I have seen this issue also with other containers:
ngoduykhanh/wireguard-ui:latest
bonita:latest
consul:1.15.4
drupal:latest
I would be very happy if somebody could tell me what i'm doing wrong or confirm this behavior.
Error in terminal
Here the full command i used to scan the container:
###
-- with a PIP install (tern Version 2.12.0)
tern report -f spdxjson -i ngoduykhanh/wireguard-ui:latest -o tern.spdx.json
-- in docker
docker run --rm ternd report -f spdxjson -i ngoduykhanh/wireguard-ui:latest
Here also the full Tracelog:
Traceback (most recent call last):
File "/usr/local/bin/tern", line 8, in <module>
sys.exit(main())
File "/usr/local/lib/python3.9/site-packages/tern/__main__.py", line 311, in main
do_main(args)
File "/usr/local/lib/python3.9/site-packages/tern/__main__.py", line 123, in do_main
crun.execute_image(args)
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/run.py", line 80, in execute_image
cimage.default_analyze(full_image, args)
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/image.py", line 75, in default_analyze
multi_layer.analyze_subsequent_layers(
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/multi_layer.py", line 168, in analyze_subsequent_layers
fresh_analysis(image_obj, curr_layer, prereqs, options)
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/multi_layer.py", line 113, in fresh_analysis
target = prep_layers(image_obj, curr_layer, options.driver)
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/multi_layer.py", line 71, in prep_layers
return apply_layers(image_obj, top_layer)
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/multi_layer.py", line 63, in apply_layers
rootfs.root_command(['cp', '-r'] + glob.glob(layer_contents), target)
File "/usr/local/lib/python3.9/site-packages/tern/utils/rootfs.py", line 71, in root_command
raise subprocess.CalledProcessError( # nosec
subprocess.CalledProcessError: Command '['cp', '-r', '/root/.tern/temp/3/contents/var', '/root/.tern/temp/3/contents/sbin', '/root/.tern/temp/3/contents/usr', '/root/.tern/temp/3/contents/lib', '/root/.tern/temp/3/contents/etc', '/root/.tern/temp/3/contents/bin', '/root/.tern/temp/mergedir']' returned non-zero exit status 1.
Environment you are running Tern on
Version 2.12.0
archlinux / ubuntu / docker
The text was updated successfully, but these errors were encountered:
I took a look into it. And i don't think that it's the same problem. Somehow tern ends up with some symlinks that assume the container is based on busybox even if this is not the case.
Describe the bug
I'm currently trying to scan some containers with tern and have trouble for some because the application runs into an error
ERROR - rootfs - Command failed. cp: not writing through dangling symlink '/root/.tern/temp/mergedir/sbin/ip'
there i find, that ip is a dangling symlink to/bin/busybox
what is odd because i'm working on a archlinux system. I also tried it out on Ubuntu and also in a docker container as described in the README.md. Ip is not the only symlink that is located there that can make issues. I also have seen others like unzip ...I have also seen in the release nodes that something similar with symlinks in Alpine was already fixed in Version 2.2.0 (i use 2.12.0) might be related? #769
https://github.com/search?q=repo%3Atern-tools%2Ftern%20busybox&type=code
I have seen this issue also with other containers:
I would be very happy if somebody could tell me what i'm doing wrong or confirm this behavior.
Error in terminal
Here the full command i used to scan the container:
Here also the full Tracelog:
Environment you are running Tern on
The text was updated successfully, but these errors were encountered: