From 06e2fb64a13b4879f9e2b26228a97681121a20bd Mon Sep 17 00:00:00 2001 From: RetroYong <202021220043@stu.ppsuc.edu.cn> Date: Thu, 21 Jul 2022 23:01:11 +0800 Subject: [PATCH 1/7] add tools except libcSearch --- labs/pwn-lab | 1 + 1 file changed, 1 insertion(+) create mode 160000 labs/pwn-lab diff --git a/labs/pwn-lab b/labs/pwn-lab new file mode 160000 index 0000000..884460b --- /dev/null +++ b/labs/pwn-lab @@ -0,0 +1 @@ +Subproject commit 884460b77822b5e5ca86ea129be4d040aa5f7b76 -- Gitee From 4771375aaf173c7b511df3bb19c5d9c170c09ecb Mon Sep 17 00:00:00 2001 From: RetroYong <202021220043@stu.ppsuc.edu.cn> Date: Thu, 21 Jul 2022 23:12:02 +0800 Subject: [PATCH 2/7] add docker pwn lab --- configs/pwn-lab/Dockerfile | 8 ++++++++ configs/pwn-lab/docker/container/placeholder | 0 configs/pwn-lab/docker/name | 1 + configs/pwn-lab/lab-logo.png | Bin 0 -> 3814 bytes .../system/home/ubuntu/.config/dconf/user | Bin 0 -> 5608 bytes .../home/ubuntu/.local/share/gvfs-metadata/home | Bin 0 -> 272 bytes .../system/home/ubuntu/Desktop/lab.desktop | 7 +++++++ 7 files changed, 16 insertions(+) create mode 100644 configs/pwn-lab/Dockerfile create mode 100644 configs/pwn-lab/docker/container/placeholder create mode 100644 configs/pwn-lab/docker/name create mode 100644 configs/pwn-lab/lab-logo.png create mode 100644 configs/pwn-lab/system/home/ubuntu/.config/dconf/user create mode 100644 configs/pwn-lab/system/home/ubuntu/.local/share/gvfs-metadata/home create mode 100755 configs/pwn-lab/system/home/ubuntu/Desktop/lab.desktop diff --git a/configs/pwn-lab/Dockerfile b/configs/pwn-lab/Dockerfile new file mode 100644 index 0000000..0c79395 --- /dev/null +++ b/configs/pwn-lab/Dockerfile @@ -0,0 +1,8 @@ +FROM tinylab/cloud-ubuntu-cinnamon:20220714 +MAINTAINER Wu Zhangjin + +EXPOSE 5900 22 + +WORKDIR /labs/ + +ENTRYPOINT ["/tools/lab/run"] diff --git a/configs/pwn-lab/docker/container/placeholder b/configs/pwn-lab/docker/container/placeholder new file mode 100644 index 0000000..e69de29 diff --git a/configs/pwn-lab/docker/name b/configs/pwn-lab/docker/name new file mode 100644 index 0000000..ccbb585 --- /dev/null +++ b/configs/pwn-lab/docker/name @@ -0,0 +1 @@ +tinylab/pwn-lab diff --git a/configs/pwn-lab/lab-logo.png b/configs/pwn-lab/lab-logo.png new file mode 100644 index 0000000000000000000000000000000000000000..408399327ce72a96c702f22f0f332a988816331e GIT binary patch literal 3814 zcmZu!X*|>q_x+l&j%_BBea%=BLRmvI_OVXZj4)*hS;p82GbH^gBxOs?gHkERPL^gY z5k^$XntgAChY-Wx@BjKa=bn4-=e)b0^XmSCu{Gy~h(Z7W;6+=Q*q=<|zv5&+=^cjG z`v8FDj=!-n25oFCjVFZo`Um;|fMRBRrh!EVQoPI4?S=gtK3`~P59YZt{B-CyCHQ}g zUY*89s5NbK=L>xN=E%A z;!1iimY-wsdmrR$k5%7pf7Bm|%``TuFy2VbJQvLQ+kw8XXIBM3s;+*7%P}L^!`Mjh&dOwW2^TzAsr+mIX z4zh)a^w;^e`?P{?r6rXCY~4rf?)>?Og4+vn6<@{8Alz5)u)-h#ugDOwP;7*~vbW#m zl{qN_^HdX@;6&|F&*1fYTvzLlI_Dd^blf@IjbWji;NcX`!2C`FcO-tfLs=7 z{4#!&#;(Rh$F{!fN+%u#P0zl6cQ%f?z^At7-ShI7rA$8U1}yq=Nk}gk+<^2RUVB%U z@s&f`%Kb$MG1(YbYchJv@b~)4FUHh`cSi|;FOE=*uRaVoiG}@!mAMIU{4dF^WmzW< z7v91(>?FY-|BA&(@mchV$q|mWG38j~;DZS2+`JT;3;;ZHXcLrU^ccfECfspY-9G+96bw;(@$ej$})GetFTy_os56wMNJyy`M>sNo?6|UHJL?U^1jB zM1+|9KOviiN;W_lcl?;Ur(E;TbqLrD+_Mm%37=#YcP8x$3wWGWQDG{{vA(LTYQVrBfXh}~hZ42@`3Ax&9o z+@yoqBVT+CcFTwJ4-RhZ=p^~vRExo4u~jXxr|Uz;*>bFA1=XRpW#EN{IZVuwim>6V zxVsLc$6>Q1%F5~%rRNMJ;Khs# zQQex?!_%V`@?64wLIZ7f^QMpowoMNKAH3MXg{1aO?=Z$ALvNLGdInF5y!Ut1cuZ}< z=;KBDhXu153aKXszI-sJ5l zR*-DJq?}5K#J1|i*xK?f_A^xi0;Z^G+MnlXdJbVk<20LS{ESzwR*bxJB^G>ko+azTXYsq; zMYnTv9_AIWf~Zx$^EW$-<#IJvghnWB*>3XVoB(jM;L5#AN+DfO{IeQ;92rCK8&PyJ;9wqA|Z{Fae5S$`98FaeB#>5w)%|C8yO-|Kk zxt<_I%3a>kwpO1mudK`nev${>-lq8~d(^T{B^yaWobwZNZU zKH@25eo;Dag^P2rkyjtJj1AbF+W5N~fq~00c#14FL`>o8qY{6+Z{3QX*1Qru7j?B- zyZ~r{SlHc;$FGsor5yA~ZkL~PK3W#CeV9O!bN7%CxX?vju^n-QnazK+k!lx4J+6({ z-YBk?B0SzuA|?y`f8~%~g3p6%TCn%ZLS7>t^rQs_S5v~{6rYIcw{CyRLVB>_H_Y41#w`8xvqJEE9hXeQ7VCr+JRJPC4Y9OR;yCQXcoi9|4EPf zJ25VmPja{1Gt3Yo+I(+&yY2(6xWrxnX;6&|<{VjQa~Zy4Zc8-WX1!BWfJq*+%7_5D z+{0-vBtIP`>9b&f+E~=3Yt$`OGW|BsDSHEZrqwGvN^*qRg_|qDu?bR*h{k|eaB{4% z%*bUcV&)9JOi!0WcptFzY)+u;F>IvBqG z^xIT|eVYaZBCfk*sTtq;PBrlt_i;kht#E3GMM1arls5a@Th8 zzT(OC12@ZmK7Uh|K{bdW%b|{49m_xpt;l~kwZ zaVL@&&t3!1n?N?hH9o~-g_xOcEk9W;7oY;Nue2hU@8Y+cWH>b7a0Vo_;zU!0=&i@Q z1e#V{=DqGAw(*ij{0hm8t=5*EuD2qK07h7GZwzX}02DObs)Ya`Ga!8q&#z<%2}Ka~ z>gFqYKw7A8MTvH}&gy?;AjgFv&qWQOTG2q4w&>`^)Qb4PCz0142#u88t@GT?jjZ8_ zeshj+j9?!V-R>RdT$|p>T9HKREVE+|@L7|91gCJ`$8n^|k?VywpeJ45N&=Qx0D7B#)6XqYE@zz5S2RCMV<=P_7LB{|C}^4Xh! z2S1UwDyXLjEvwqfV!>?p(P9hOx6UkM2>%%3`D>IR7CTx36n|XnkSHpS)vQ6*RQ6tRTh|W$7XMeTEh z;V_?n^pMpC*>(Tycx`)5HScX_MY3X?Ub-2Xt9cEoz?`lk%%1KByF5sOh~>Vig+Q-)gmJt54GrOs@%D(wXnA+l^fi`84)*V@XACK11qpYL|%pR96< zed|kFJwET=6ONFPT?y&uR^PfKPWd22n#6$z*wuKbm2WYgk{~U0ZCokc{mN&%15FT= zY`YC3wuL6gCZT(g&+7E4mbe^$lT1fkNm-G)?$J@6oB}jWy>Wmiw3kIsn)FnUoIOU` zkHjUwL&8k%ZW!?+jW9fXoq>Nx*si&eZQA{UTW!DmHU=#_u)Q_joD5r@to-C+c`C&k zT4hmGUP4Zw70zheNmpyfITb30>8vKD*p$cAUg{MzqK;)CR1NKoeOrTfE2!b}C3Bo4Ii=}tN=JSr7#hde$B^3nqQ>rK|E^E5-ZT#RW7_*ObrV z)cM8D;-gK~t~GSpHCdC|qpsD&#QCvUJ`ssY@BGwGqx%=PIl$O-Rt09 zjjmTn^Vi|W73UU0Vy;Sht3nV3K(VRRh1UBD2{Dg`T0NL5u2;TYp3jTiLanCekl4G2 zJaqdycd7P9#ApM_%(MFMixfo);fU+H(% z#Zt~3JK@R(o2Z6O*1dJVn&8&00k=m*McwZ*z2Wfr>+3D!5##BS2EqC)eByrJy67{q z1GM`tg*3ZFEtsyZZLmmkX4YJ1=_i4z*@c_o$BhHR#!M3XTp01spGffl{iLwZVhdBw z_V#yDrCL+n6jJ>B^dJ8DT9)O&zW%dDC@83`@w-h@eZ9j-O`PY}B8#I_SGq)V=wYo6j4tMjzEr3HKC9Iy`=T^V7L%Jsbih!S0}$vBR|UHgialW2)HHj#MEbHwK`t|R* zMA?r5L`PVPGpqoy zqGBM9YunJJ*?+^s1GS!1N(VbSIW=*o!kvMuA3IR@Ck;11;PTu{Q583dgcbTe{Dce6?Ek$I1u-ZBXg#*gw%-*FpQAfbkx4KwGnhxcP#U QPCg(2ZE9;$VT4QiKfl`=k^lez literal 0 HcmV?d00001 diff --git a/configs/pwn-lab/system/home/ubuntu/.config/dconf/user b/configs/pwn-lab/system/home/ubuntu/.config/dconf/user new file mode 100644 index 0000000000000000000000000000000000000000..e0ee0a006be183d8c0e4a4cf7db73a215f9cea58 GIT binary patch literal 5608 zcmaKw3y>7m6^46xE-WChfPez4^4O@ov&*uu3=es%N(2NEe4!RSGrc>_&P-3bd-jn; z17b>2v7&}jh*}m2QL$nYOks&)(8NlDuSAVO)I2sxC6bsZr76S$L%zSK_c2>my6WHm z-_xgW-+S)4=icedudzJG$^}MrO@!0K!+)x8j%)+qfnX3A0)~QeFsu(oqDS?^S^Pg5 zi~*Hke1r+`*%9=I6U@b7|8ftvD@qxD{C*+-9{&)}s0!PYYD(y~{>7lA36 zsRtKfmzI4Ayd3O%YI?24B|U`qu7cNsGeef%dO3FKQP?-ZDe&%sSzlX^U0UsQz_)@E zJ5Sv&e`)o9JG=|r-*DMqmSUG4iG44;59EJTYbs}@6`#ZK8{pn=zO=g%yL2V?WAI1d zw|_qHtl}U&0eksK!>9n0zjod><*l^(Qw7fgGh=6!sXx*qc<&sz5!^Lk=0LS0Jrw&A zxCuPCe%*bVFKOk&b?`=TXz-y$YG1kndm7#ihTSpk9knm5{M-va4z|u5F;96Vt#LgM z{}P;DV!WzxNe{#R8vG8}x9x>jwSJ`sVef+92RBcC{del8^hoR{;Yte6_!EPctDn-N zu~)-2p!(r!cE~P01bZXA09?6Y=vMVpTJzfkuK>^8QCYA0Agz2}3$F(wC(nv$UZj=J zo8ZkLyYlgY$}8z`oxAljj?}8ryvu0iUk?Nha@_aA+1Mu|r&)!k3lvdpK z!_R`9zkcESYDan!{zu_=LHmEZj>s;pd^irD04vwtU7^}0J&1Nr!{rp>!}(7R$zNLa zp$fhL+&9geD!a7uq!C^K+?J~rX}+Yx_`s{cci&7uthh-lKI`Ed!DCxSol!f|Y9|l3 zf$xkf{Im|cwA%S9ydCTr)_VIC?9z(oF8Cqv!HDOc(0ipvZBobHdhvPXm9*kH z5uOTmKK7q)EygUZ^;-?sg4ye~{a*D@dOZFs;FVy(g&%(?e`$?(J$xNF^Yd?v*4`tn zer|%(VDYy<8L06}hjjzqGuAM?=U)4s#w)G%55Nb(pnugjg!K@u_&*OH2A3{d?Q6W! z>VFsfSFq%PhArCXq{m`E37-Og%N{$Zd6cf8opKi8IPm`dPpXvX(&|q&Tm#-P66dYM zEeX&|4;a|>`cx>? zsxt@p=MY%9Yj}mu57KJqDEuzCVa%9csU2yp_v7%#;7=_l$6k$HT5%|6k}AL>KRJJu!hb&V=~C>{%7;7Q-Joh?(`v;{dJOjc@B#4jsrpINu}iBy9EM*8bCZi_ z=v*XSj{PY79=NtJys{R%w8pDL)({ZeUOz%{kk)=(1z!MmY@Z2>Q+bpmKP`ZqSTgWBt@JTyoB{DX);+5!W zGG%A1&d7SPCeukextx`Cb1`Eo|E>qhb)D@7g9f0OCI zR*P-=Zox}N1L??S;;~q);CnGYZFzRACFf>sGhroLTRg^|GV`9Bx4poz{g{<%x17ML z;UOaGXJ=eXy=`%Fwy!rDej%54a-B}j=x9yE3w}J#U1RtJ!}6o< zr#;(GyP0VG9Qzo5o0}(dxE{|Iuj9;5zbKiSB|F9V@=h`+c(&>0!_F6<__FI}iDEG! ze5=j&V&QL&v>T8evG9Dap}B=1%98GP^|V*;9K&dKGIr@i_fD~2ob>ML4aby0EC6z>dnI6q(!zATl*byZ6?!Jj>V-$xX1Io3o&bTnB=TY&VHbP zIj+}2X9pqKZo}WRen2*L{{K4Dcl5L$23%vV0{V?-)zy&^hM_uI511%btZ+Wb4=je! zp+8R8wb-S|nSk(Agrb3Q-!yk~%sApWeZ%)^=AZ z&ea;U6AOO>o5<4DU}oJ^RG7GDI33*`i0OB*expW}(X%a*sI)HT-FB@Gof~L3Q=ka> zu|;U@6VW_I<<>XyR?g1U#WQwu5U-7A?Ob6=cdFJfJMr2QkGeP|s-5_RJ4LByU5V%H zxXNbUPMPgaF2yq$#}7&$nBDz==d`5tcE8gPJgc+RtG?8$F5W>&GL>otztnS1spsr? zNewLZZ7B7vkLSIx2KH-mZmHXxxX1Ljg~^oir~&=l=asrQ#Je}H(w8@uy3LJ8OS05! zeyP{Ic(~3>ed>Cqrx?S=csTj}oO))a=rli0QD);@s zwUs?s_Or6TmyH@gJxaRSe1Wa5B;~0a;c^>CZs|NzT13cdzqtS5mnZ}Qn~|BOdWUW3 zj_f^qEJ>^HQ0D@j`95!BjP^y_Q#Hn?uBM@8_H5qUb9%vsy$MtTomureZwi7OB;)iLSD*S@XPCnbz=HpfR&B{B%j=F>=wbuv%%Yb6)DLo)meVn@qR4Ir3|R`=G@ZZnZL#|sS$9z|yEj7ajRkg_onxEV7F3*Q>M?27!US=bv%+#W z7kF-FvCmdv`C+X#lU6cqn}vLe{UQ~*8E>8bO@jXSJ5}@v3vuapGd%G1p7;8Uo$ATq zhfM9+gcPT+QWtk;&S{0L#et*KY_hyo(npoAZ))P-y?A5#-grLHT$5_yx6g~7!M_L) z?97+VX7hUVwRFNGj??0>M%uyvsA&B&QV*73U=DFDwFy*d>Yy=JIfaQ+T3RP`L;p?s zY_+ARBxzGCXEwNnXa{?^aWUqBh(B@!ezyghNxO2U;VJhnaD_Y9l_*BbUmr`~;6HP` f0Ovd(xdTt=qW03sFv(+zC`ywo52JjVQHbUn`$IJ) literal 0 HcmV?d00001 diff --git a/configs/pwn-lab/system/home/ubuntu/Desktop/lab.desktop b/configs/pwn-lab/system/home/ubuntu/Desktop/lab.desktop new file mode 100755 index 0000000..300b199 --- /dev/null +++ b/configs/pwn-lab/system/home/ubuntu/Desktop/lab.desktop @@ -0,0 +1,7 @@ +[Desktop Entry] +Encoding=UTF-8 +Name=Pwn Lab +Comment=A Friendly Lab for CTF PWN Learning +Exec=/usr/bin/gnome-terminal --working-directory=/labs/pwn-lab/ --title "PWN Lab" +Icon=/configs/lab-logo.png +Type=Application -- Gitee From 395f0ffe1169e47070a7bda687cdd4fdca47826b Mon Sep 17 00:00:00 2001 From: RetroYong <202021220043@stu.ppsuc.edu.cn> Date: Thu, 21 Jul 2022 23:26:49 +0800 Subject: [PATCH 3/7] test gitmodule --- labs/pwn-lab | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/labs/pwn-lab b/labs/pwn-lab index 884460b..e7a6ce4 160000 --- a/labs/pwn-lab +++ b/labs/pwn-lab @@ -1 +1 @@ -Subproject commit 884460b77822b5e5ca86ea129be4d040aa5f7b76 +Subproject commit e7a6ce4f7997a16f913ce72310cd69825e8f6b5d -- Gitee From 83b11ca90bacb79524832668b7b6e35b93f8b6be Mon Sep 17 00:00:00 2001 From: RetroYong <202021220043@stu.ppsuc.edu.cn> Date: Fri, 22 Jul 2022 19:32:59 +0800 Subject: [PATCH 4/7] modified Dockerfile --- .gitmodules | 5 +++++ configs/pwn-lab/Dockerfile | 28 ++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/.gitmodules b/.gitmodules index c874d5a..63981be 100644 --- a/.gitmodules +++ b/.gitmodules @@ -33,3 +33,8 @@ url = https://github.com/tinyclub/rtthread-lab branch = master ignore = all +[submodule "labs/pwn-lab"] + path = labs/pwn-lab + url = https://gitee.com/retroyong/pwn-lab.git + branch = master + ignore = all diff --git a/configs/pwn-lab/Dockerfile b/configs/pwn-lab/Dockerfile index 0c79395..decb66a 100644 --- a/configs/pwn-lab/Dockerfile +++ b/configs/pwn-lab/Dockerfile @@ -1,6 +1,34 @@ FROM tinylab/cloud-ubuntu-cinnamon:20220714 MAINTAINER Wu Zhangjin +RUN echo '#! /bin/sh\n\ +env DEBIAN_FRONTEND=noninteractive apt-get autoremove -y\n\ +apt-get clean\n\ +find /var/lib/apt/lists -type f -delete\n\ +find /var/cache -type f -delete\n\ +find /var/log -type f -delete\n\ +exit 0\n\ +' > /cleanup && chmod +x /cleanup + +RUN apt-get update && apt-get -y upgrade +RUN apt-get -y install python3-pip \ + && pip install pqi \ + && pqi use tuna + +RUN apt-get -y install --no-install-recommends \ + wget \ + curl \ + gcc \ + g++ \ + git \ + openssh-client \ + python-capstone \ + vim \ + gedit \ + gedit-plugins \ + gdb \ + && /cleanup + EXPOSE 5900 22 WORKDIR /labs/ -- Gitee From 6da99c63fe3d38c8b0bdf19aa69328dbf2fecb2f Mon Sep 17 00:00:00 2001 From: RetroYong <202021220043@stu.ppsuc.edu.cn> Date: Mon, 25 Jul 2022 23:03:56 +0800 Subject: [PATCH 5/7] fixed up vnc bug --- .gitmodules | 2 +- README_zh.md | 2 + VERSION | 2 +- configs/.gitignore | 1 + configs/common/seccomp-profiles-default.json | 790 ++++++++++++++++++ .../docker/container/placeholder} | 0 configs/lep-lab/Dockerfile | 63 -- configs/lep-lab/docker/caps | 2 - configs/lep-lab/docker/limits | 1 - configs/lep-lab/docker/name | 1 - configs/lep-lab/docker/portmap | 1 - configs/lep-lab/system/etc/sudoers.d/ubuntu | 3 - .../system/home/ubuntu/Desktop/home.desktop | 7 - .../system/home/ubuntu/Desktop/lab.desktop | 7 - .../system/home/ubuntu/Desktop/lepv.desktop | 7 - configs/lep-lab/tools/container-run | 12 - .../docker/container/placeholder} | 0 .../docker/container/placeholder} | 0 configs/linux-lab/tools/container-run | 3 + .../markdown-lab/docker/container/placeholder | 0 configs/pwn-lab/Dockerfile | 2 +- configs/rtthread-lab/Dockerfile | 41 - configs/rtthread-lab/docker/caps | 4 - configs/rtthread-lab/docker/devices | 1 - configs/rtthread-lab/docker/limits | 1 - configs/rtthread-lab/docker/name | 1 - .../rtthread-lab/system/etc/sudoers.d/ubuntu | 3 - .../system/home/ubuntu/Desktop/help.desktop | 7 - .../system/home/ubuntu/Desktop/lab.desktop | 7 - .../ubuntu/Desktop/rt-thread-repo.desktop | 7 - .../ubuntu/Desktop/rt-thread-site.desktop | 7 - .../home/ubuntu/Desktop/showterm.desktop | 7 - configs/rtthread-lab/tools/container-run | 10 - .../rtthread-lab/tools/enable_net_bridge.sh | 18 - .../tinylab.org/docker/container/placeholder | 0 .../system/home/ubuntu/Desktop/demo.desktop | 7 - .../system/home/ubuntu/Desktop/local.desktop | 2 +- images/3rd-party/firefox.png | Bin 0 -> 5459 bytes images/3rd-party/gnome-terminal.svg | 101 +++ images/3rd-party/lxterminal.png | Bin 0 -> 5561 bytes labs/lep-lab | 1 - labs/pwn-lab | 2 +- labs/rtthread-lab | 1 - tools/docker/config | 180 ++-- tools/docker/container | 153 ++++ tools/docker/libs | 9 +- tools/docker/run | 32 +- tools/docker/vnc | 2 + tools/lab/run | 58 +- tools/system/usr/bin/showterm | 99 --- ...xqt-z-ibus.desktop => ibus-daemon.desktop} | 0 51 files changed, 1219 insertions(+), 448 deletions(-) create mode 100644 configs/common/seccomp-profiles-default.json rename configs/{lep-lab/docker/devices => cs630-qemu-lab/docker/container/placeholder} (100%) delete mode 100644 configs/lep-lab/Dockerfile delete mode 100644 configs/lep-lab/docker/caps delete mode 100644 configs/lep-lab/docker/limits delete mode 100644 configs/lep-lab/docker/name delete mode 100644 configs/lep-lab/docker/portmap delete mode 100644 configs/lep-lab/system/etc/sudoers.d/ubuntu delete mode 100644 configs/lep-lab/system/home/ubuntu/Desktop/home.desktop delete mode 100644 configs/lep-lab/system/home/ubuntu/Desktop/lab.desktop delete mode 100644 configs/lep-lab/system/home/ubuntu/Desktop/lepv.desktop delete mode 100755 configs/lep-lab/tools/container-run rename configs/{lep-lab/docker/volumemap => linux-0.11-lab/docker/container/placeholder} (100%) rename configs/{rtthread-lab/docker/volumemap => linux-lab/docker/container/placeholder} (100%) create mode 100644 configs/markdown-lab/docker/container/placeholder delete mode 100644 configs/rtthread-lab/Dockerfile delete mode 100644 configs/rtthread-lab/docker/caps delete mode 100644 configs/rtthread-lab/docker/devices delete mode 100644 configs/rtthread-lab/docker/limits delete mode 100644 configs/rtthread-lab/docker/name delete mode 100644 configs/rtthread-lab/system/etc/sudoers.d/ubuntu delete mode 100644 configs/rtthread-lab/system/home/ubuntu/Desktop/help.desktop delete mode 100644 configs/rtthread-lab/system/home/ubuntu/Desktop/lab.desktop delete mode 100644 configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-repo.desktop delete mode 100644 configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-site.desktop delete mode 100644 configs/rtthread-lab/system/home/ubuntu/Desktop/showterm.desktop delete mode 100755 configs/rtthread-lab/tools/container-run delete mode 100755 configs/rtthread-lab/tools/enable_net_bridge.sh create mode 100644 configs/tinylab.org/docker/container/placeholder delete mode 100644 configs/tinylab.org/system/home/ubuntu/Desktop/demo.desktop create mode 100644 images/3rd-party/firefox.png create mode 100644 images/3rd-party/gnome-terminal.svg create mode 100644 images/3rd-party/lxterminal.png delete mode 160000 labs/lep-lab delete mode 160000 labs/rtthread-lab create mode 100644 tools/docker/container delete mode 100755 tools/system/usr/bin/showterm rename tools/system/usr/share/desktop/home/.config/autostart/{lxqt-z-ibus.desktop => ibus-daemon.desktop} (100%) diff --git a/.gitmodules b/.gitmodules index 63981be..e67b143 100644 --- a/.gitmodules +++ b/.gitmodules @@ -35,6 +35,6 @@ ignore = all [submodule "labs/pwn-lab"] path = labs/pwn-lab - url = https://gitee.com/retroyong/pwn-lab.git + url = https://gitee.com/tinylab/pwn-lab.git branch = master ignore = all diff --git a/README_zh.md b/README_zh.md index 84b3cd3..d19d099 100644 --- a/README_zh.md +++ b/README_zh.md @@ -12,6 +12,8 @@ [Cloud Lab](http://tinylab.org/cloud-lab) 是一套基于 Docker 的计算机软件云端实验管理平台。 +Cloud Lab 是一个开源软件,不提供任何保证,请自行承担使用过程中的任何风险。 + ## 2. 产品安装 ### 2.1 安装 Docker diff --git a/VERSION b/VERSION index ad2ce75..a7077af 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -Cloud Lab v0.7 +Cloud Lab v0.8-rc1 diff --git a/configs/.gitignore b/configs/.gitignore index 6374745..d64eb15 100644 --- a/configs/.gitignore +++ b/configs/.gitignore @@ -1 +1,2 @@ */docker/.* +*/docker/container/.* diff --git a/configs/common/seccomp-profiles-default.json b/configs/common/seccomp-profiles-default.json new file mode 100644 index 0000000..abde87b --- /dev/null +++ b/configs/common/seccomp-profiles-default.json @@ -0,0 +1,790 @@ +{ + "defaultAction": "SCMP_ACT_ERRNO", + "defaultErrnoRet": 1, + "archMap": [ + { + "architecture": "SCMP_ARCH_X86_64", + "subArchitectures": [ + "SCMP_ARCH_X86", + "SCMP_ARCH_X32" + ] + }, + { + "architecture": "SCMP_ARCH_AARCH64", + "subArchitectures": [ + "SCMP_ARCH_ARM" + ] + }, + { + "architecture": "SCMP_ARCH_MIPS64", + "subArchitectures": [ + "SCMP_ARCH_MIPS", + "SCMP_ARCH_MIPS64N32" + ] + }, + { + "architecture": "SCMP_ARCH_MIPS64N32", + "subArchitectures": [ + "SCMP_ARCH_MIPS", + "SCMP_ARCH_MIPS64" + ] + }, + { + "architecture": "SCMP_ARCH_MIPSEL64", + "subArchitectures": [ + "SCMP_ARCH_MIPSEL", + "SCMP_ARCH_MIPSEL64N32" + ] + }, + { + "architecture": "SCMP_ARCH_MIPSEL64N32", + "subArchitectures": [ + "SCMP_ARCH_MIPSEL", + "SCMP_ARCH_MIPSEL64" + ] + }, + { + "architecture": "SCMP_ARCH_S390X", + "subArchitectures": [ + "SCMP_ARCH_S390" + ] + }, + { + "architecture": "SCMP_ARCH_RISCV64", + "subArchitectures": null + } + ], + "syscalls": [ + { + "names": [ + "accept", + "accept4", + "access", + "adjtimex", + "alarm", + "bind", + "brk", + "capget", + "capset", + "chdir", + "chmod", + "chown", + "chown32", + "clock_adjtime", + "clock_adjtime64", + "clock_getres", + "clock_getres_time64", + "clock_gettime", + "clock_gettime64", + "clock_nanosleep", + "clock_nanosleep_time64", + "close", + "close_range", + "connect", + "copy_file_range", + "creat", + "dup", + "dup2", + "dup3", + "epoll_create", + "epoll_create1", + "epoll_ctl", + "epoll_ctl_old", + "epoll_pwait", + "epoll_pwait2", + "epoll_wait", + "epoll_wait_old", + "eventfd", + "eventfd2", + "execve", + "execveat", + "exit", + "exit_group", + "faccessat", + "faccessat2", + "fadvise64", + "fadvise64_64", + "fallocate", + "fanotify_mark", + "fchdir", + "fchmod", + "fchmodat", + "fchown", + "fchown32", + "fchownat", + "fcntl", + "fcntl64", + "fdatasync", + "fgetxattr", + "flistxattr", + "flock", + "fork", + "fremovexattr", + "fsetxattr", + "fstat", + "fstat64", + "fstatat64", + "fstatfs", + "fstatfs64", + "fsync", + "ftruncate", + "ftruncate64", + "futex", + "futex_time64", + "futex_waitv", + "futimesat", + "getcpu", + "getcwd", + "getdents", + "getdents64", + "getegid", + "getegid32", + "geteuid", + "geteuid32", + "getgid", + "getgid32", + "getgroups", + "getgroups32", + "getitimer", + "getpeername", + "getpgid", + "getpgrp", + "getpid", + "getppid", + "getpriority", + "getrandom", + "getresgid", + "getresgid32", + "getresuid", + "getresuid32", + "getrlimit", + "get_robust_list", + "getrusage", + "getsid", + "getsockname", + "getsockopt", + "get_thread_area", + "gettid", + "gettimeofday", + "getuid", + "getuid32", + "getxattr", + "inotify_add_watch", + "inotify_init", + "inotify_init1", + "inotify_rm_watch", + "io_cancel", + "ioctl", + "io_destroy", + "io_getevents", + "io_pgetevents", + "io_pgetevents_time64", + "ioprio_get", + "ioprio_set", + "io_setup", + "io_submit", + "io_uring_enter", + "io_uring_register", + "io_uring_setup", + "ipc", + "kill", + "landlock_add_rule", + "landlock_create_ruleset", + "landlock_restrict_self", + "lchown", + "lchown32", + "lgetxattr", + "link", + "linkat", + "listen", + "listxattr", + "llistxattr", + "_llseek", + "lremovexattr", + "lseek", + "lsetxattr", + "lstat", + "lstat64", + "madvise", + "membarrier", + "memfd_create", + "memfd_secret", + "mincore", + "mkdir", + "mkdirat", + "mknod", + "mknodat", + "mlock", + "mlock2", + "mlockall", + "mmap", + "mmap2", + "mprotect", + "mq_getsetattr", + "mq_notify", + "mq_open", + "mq_timedreceive", + "mq_timedreceive_time64", + "mq_timedsend", + "mq_timedsend_time64", + "mq_unlink", + "mremap", + "msgctl", + "msgget", + "msgrcv", + "msgsnd", + "msync", + "munlock", + "munlockall", + "munmap", + "nanosleep", + "newfstatat", + "_newselect", + "open", + "openat", + "openat2", + "pause", + "pidfd_open", + "pidfd_send_signal", + "pipe", + "pipe2", + "poll", + "ppoll", + "ppoll_time64", + "prctl", + "pread64", + "preadv", + "preadv2", + "prlimit64", + "process_mrelease", + "pselect6", + "pselect6_time64", + "pwrite64", + "pwritev", + "pwritev2", + "read", + "readahead", + "readlink", + "readlinkat", + "readv", + "recv", + "recvfrom", + "recvmmsg", + "recvmmsg_time64", + "recvmsg", + "remap_file_pages", + "removexattr", + "rename", + "renameat", + "renameat2", + "restart_syscall", + "rmdir", + "rseq", + "rt_sigaction", + "rt_sigpending", + "rt_sigprocmask", + "rt_sigqueueinfo", + "rt_sigreturn", + "rt_sigsuspend", + "rt_sigtimedwait", + "rt_sigtimedwait_time64", + "rt_tgsigqueueinfo", + "sched_getaffinity", + "sched_getattr", + "sched_getparam", + "sched_get_priority_max", + "sched_get_priority_min", + "sched_getscheduler", + "sched_rr_get_interval", + "sched_rr_get_interval_time64", + "sched_setaffinity", + "sched_setattr", + "sched_setparam", + "sched_setscheduler", + "sched_yield", + "seccomp", + "select", + "semctl", + "semget", + "semop", + "semtimedop", + "semtimedop_time64", + "send", + "sendfile", + "sendfile64", + "sendmmsg", + "sendmsg", + "sendto", + "setfsgid", + "setfsgid32", + "setfsuid", + "setfsuid32", + "setgid", + "setgid32", + "setgroups", + "setgroups32", + "setitimer", + "setpgid", + "setpriority", + "setregid", + "setregid32", + "setresgid", + "setresgid32", + "setresuid", + "setresuid32", + "setreuid", + "setreuid32", + "setrlimit", + "set_robust_list", + "setsid", + "setsockopt", + "set_thread_area", + "set_tid_address", + "setuid", + "setuid32", + "setxattr", + "shmat", + "shmctl", + "shmdt", + "shmget", + "shutdown", + "sigaltstack", + "signalfd", + "signalfd4", + "sigprocmask", + "sigreturn", + "socket", + "socketcall", + "socketpair", + "splice", + "stat", + "stat64", + "statfs", + "statfs64", + "statx", + "symlink", + "symlinkat", + "sync", + "sync_file_range", + "syncfs", + "sysinfo", + "tee", + "tgkill", + "time", + "timer_create", + "timer_delete", + "timer_getoverrun", + "timer_gettime", + "timer_gettime64", + "timer_settime", + "timer_settime64", + "timerfd_create", + "timerfd_gettime", + "timerfd_gettime64", + "timerfd_settime", + "timerfd_settime64", + "times", + "tkill", + "truncate", + "truncate64", + "ugetrlimit", + "umask", + "uname", + "unlink", + "unlinkat", + "utime", + "utimensat", + "utimensat_time64", + "utimes", + "vfork", + "vmsplice", + "wait4", + "waitid", + "waitpid", + "write", + "writev" + ], + "action": "SCMP_ACT_ALLOW" + }, + { + "names": [ + "process_vm_readv", + "process_vm_writev", + "ptrace" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "minKernel": "4.8" + } + }, + { + "names": [ + "personality" + ], + "action": "SCMP_ACT_ALLOW", + "args": [ + { + "index": 0, + "value": 0, + "op": "SCMP_CMP_EQ" + } + ] + }, + { + "names": [ + "personality" + ], + "action": "SCMP_ACT_ALLOW", + "args": [ + { + "index": 0, + "value": 8, + "op": "SCMP_CMP_EQ" + } + ] + }, + { + "names": [ + "personality" + ], + "action": "SCMP_ACT_ALLOW", + "args": [ + { + "index": 0, + "value": 131072, + "op": "SCMP_CMP_EQ" + } + ] + }, + { + "names": [ + "personality" + ], + "action": "SCMP_ACT_ALLOW", + "args": [ + { + "index": 0, + "value": 131080, + "op": "SCMP_CMP_EQ" + } + ] + }, + { + "names": [ + "personality" + ], + "action": "SCMP_ACT_ALLOW", + "args": [ + { + "index": 0, + "value": 4294967295, + "op": "SCMP_CMP_EQ" + } + ] + }, + { + "names": [ + "sync_file_range2", + "swapcontext" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "arches": [ + "ppc64le" + ] + } + }, + { + "names": [ + "arm_fadvise64_64", + "arm_sync_file_range", + "sync_file_range2", + "breakpoint", + "cacheflush", + "set_tls" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "arches": [ + "arm", + "arm64" + ] + } + }, + { + "names": [ + "arch_prctl" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "arches": [ + "amd64", + "x32" + ] + } + }, + { + "names": [ + "modify_ldt" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "arches": [ + "amd64", + "x32", + "x86" + ] + } + }, + { + "names": [ + "s390_pci_mmio_read", + "s390_pci_mmio_write", + "s390_runtime_instr" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "arches": [ + "s390", + "s390x" + ] + } + }, + { + "names": [ + "riscv_flush_icache" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "arches": [ + "riscv64" + ] + } + }, + { + "names": [ + "open_by_handle_at" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_DAC_READ_SEARCH" + ] + } + }, + { + "names": [ + "clone", + "clone3", + "fanotify_init", + "fsconfig", + "fsmount", + "fsopen", + "fspick", + "lookup_dcookie", + "mount", + "mount_setattr", + "move_mount", + "name_to_handle_at", + "open_tree", + "perf_event_open", + "quotactl", + "quotactl_fd", + "setdomainname", + "sethostname", + "setns", + "syslog", + "umount", + "umount2", + "unshare" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_ADMIN" + ] + } + }, + { + "names": [ + "clone" + ], + "action": "SCMP_ACT_ALLOW", + "args": [ + { + "index": 0, + "value": 2114060288, + "op": "SCMP_CMP_MASKED_EQ" + } + ], + "excludes": { + "caps": [ + "CAP_SYS_ADMIN" + ], + "arches": [ + "s390", + "s390x" + ] + } + }, + { + "names": [ + "clone" + ], + "action": "SCMP_ACT_ALLOW", + "args": [ + { + "index": 1, + "value": 2114060288, + "op": "SCMP_CMP_MASKED_EQ" + } + ], + "comment": "s390 parameter ordering for clone is different", + "includes": { + "arches": [ + "s390", + "s390x" + ] + }, + "excludes": { + "caps": [ + "CAP_SYS_ADMIN" + ] + } + }, + { + "names": [ + "clone3" + ], + "action": "SCMP_ACT_ERRNO", + "errnoRet": 38, + "excludes": { + "caps": [ + "CAP_SYS_ADMIN" + ] + } + }, + { + "names": [ + "reboot" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_BOOT" + ] + } + }, + { + "names": [ + "chroot" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_CHROOT" + ] + } + }, + { + "names": [ + "delete_module", + "init_module", + "finit_module" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_MODULE" + ] + } + }, + { + "names": [ + "acct" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_PACCT" + ] + } + }, + { + "names": [ + "kcmp", + "pidfd_getfd", + "process_madvise", + "process_vm_readv", + "process_vm_writev", + "ptrace" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_PTRACE" + ] + } + }, + { + "names": [ + "iopl", + "ioperm" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_RAWIO" + ] + } + }, + { + "names": [ + "settimeofday", + "stime", + "clock_settime" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_TIME" + ] + } + }, + { + "names": [ + "vhangup" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_TTY_CONFIG" + ] + } + }, + { + "names": [ + "get_mempolicy", + "mbind", + "set_mempolicy" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYS_NICE" + ] + } + }, + { + "names": [ + "syslog" + ], + "action": "SCMP_ACT_ALLOW", + "includes": { + "caps": [ + "CAP_SYSLOG" + ] + } + } + ] +} diff --git a/configs/lep-lab/docker/devices b/configs/cs630-qemu-lab/docker/container/placeholder similarity index 100% rename from configs/lep-lab/docker/devices rename to configs/cs630-qemu-lab/docker/container/placeholder diff --git a/configs/lep-lab/Dockerfile b/configs/lep-lab/Dockerfile deleted file mode 100644 index b992e96..0000000 --- a/configs/lep-lab/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -FROM tinylab/cloud-ubuntu-dev_cn_input -MAINTAINER Wu Zhangjin wuzhangjin@gmail.com - -ENV DEBIAN_FRONTEND noninteractive -ENV HOME /home/ubuntu/ - -# For lepd -## -## perf heavily depends on host kernel version, it is not meaniful to preinstall it in docker image. -## so, linux-tools-`uname -r` should be installed on the fly? -RUN apt-get -y update \ - && apt-get install -y --force-yes --no-install-recommends \ - libev-dev \ - linux-tools-common linux-tools-generic linux-tools-4.4.0-98-generic \ - libncurses5-dev \ - && apt-get autoclean -y \ - && apt-get autoremove -y \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /var/cache/apt/archives/*.deb - -RUN apt-get -y update \ - && apt-get install -y --force-yes --no-install-recommends \ - gcc-arm-linux-gnueabi \ - gcc-aarch64-linux-gnu \ - libc6-dev-arm64-cross \ - libc6-dev-armel-cross \ - && apt-get autoclean -y \ - && apt-get autoremove -y \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /var/cache/apt/archives/*.deb - -RUN apt-get -y update \ - && apt-get install -y --force-yes --no-install-recommends \ - qemu-user \ - && apt-get autoclean -y \ - && apt-get autoremove -y \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /var/cache/apt/archives/*.deb - -# For lepv -RUN apt-get -y update \ - && apt-get install -y --force-yes --no-install-recommends \ - python3-pip \ - && pip3 install flask \ - && apt-get autoclean -y \ - && apt-get autoremove -y \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /var/cache/apt/archives/*.deb - -RUN pip3 install flask_socketio - -# Can not use python 2.7 by default, for supervisor doesn't work with python >= 3 -#RUN update-alternatives --install /usr/bin/python python /usr/bin/python2.7 41 \ -# && update-alternatives --install /usr/bin/python python /usr/bin/python3.4 45 \ -# && update-alternatives --set python /usr/bin/python2.7 \ -# && chmod a+rw /etc/alternatives/ \ -# && chmod a+rw /var/lib/dpkg/alternatives/ - -EXPOSE 5900 8889 22 - -WORKDIR /labs/ - -ENTRYPOINT ["/tools/lab/run"] diff --git a/configs/lep-lab/docker/caps b/configs/lep-lab/docker/caps deleted file mode 100644 index 875e938..0000000 --- a/configs/lep-lab/docker/caps +++ /dev/null @@ -1,2 +0,0 @@ -sys_admin -net_admin diff --git a/configs/lep-lab/docker/limits b/configs/lep-lab/docker/limits deleted file mode 100644 index 2add7dc..0000000 --- a/configs/lep-lab/docker/limits +++ /dev/null @@ -1 +0,0 @@ ---cpu-shares=512 diff --git a/configs/lep-lab/docker/name b/configs/lep-lab/docker/name deleted file mode 100644 index fb1500f..0000000 --- a/configs/lep-lab/docker/name +++ /dev/null @@ -1 +0,0 @@ -tinylab/lep-lab diff --git a/configs/lep-lab/docker/portmap b/configs/lep-lab/docker/portmap deleted file mode 100644 index f0c3214..0000000 --- a/configs/lep-lab/docker/portmap +++ /dev/null @@ -1 +0,0 @@ -8889:8889 diff --git a/configs/lep-lab/system/etc/sudoers.d/ubuntu b/configs/lep-lab/system/etc/sudoers.d/ubuntu deleted file mode 100644 index 7fe0202..0000000 --- a/configs/lep-lab/system/etc/sudoers.d/ubuntu +++ /dev/null @@ -1,3 +0,0 @@ -Cmnd_Alias LAB_TOOLS = /labs/lep-lab/lepd/lepd,/usr/bin/apt-get,/usr/bin/pkill,/usr/bin/qemu-arm - -ubuntu ALL=(ALL) NOPASSWD: LAB_TOOLS diff --git a/configs/lep-lab/system/home/ubuntu/Desktop/home.desktop b/configs/lep-lab/system/home/ubuntu/Desktop/home.desktop deleted file mode 100644 index b2ea398..0000000 --- a/configs/lep-lab/system/home/ubuntu/Desktop/home.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=Help Page -Comment=LEP Lab Project Home page -Exec=/usr/bin/chromium-browser https://tinylab.org/lep-lab -Icon=/usr/share/pixmaps/chromium-browser.png -Type=Application diff --git a/configs/lep-lab/system/home/ubuntu/Desktop/lab.desktop b/configs/lep-lab/system/home/ubuntu/Desktop/lab.desktop deleted file mode 100644 index 21de101..0000000 --- a/configs/lep-lab/system/home/ubuntu/Desktop/lab.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=LEP Lab -Comment=An open-sourced all-in-one toolbox for Linux/Android performance profiling & visualization -Exec=/usr/bin/terminator --working-directory=/labs/lep-lab/ -T "LEP Lab" -Icon=/usr/share/pixmaps/terminator.png -Type=Application diff --git a/configs/lep-lab/system/home/ubuntu/Desktop/lepv.desktop b/configs/lep-lab/system/home/ubuntu/Desktop/lepv.desktop deleted file mode 100644 index 71d74dc..0000000 --- a/configs/lep-lab/system/home/ubuntu/Desktop/lepv.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=LEP Monitor -Comment=Start lepv web monitor -Exec=chromium-browser http://localhost:8889 -Icon=/usr/share/pixmaps/chromium-browser.png -Type=Application diff --git a/configs/lep-lab/tools/container-run b/configs/lep-lab/tools/container-run deleted file mode 100755 index 62f83c6..0000000 --- a/configs/lep-lab/tools/container-run +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -# -# startup.sh -- lab specific startup script, -# - -TOP_DIR=$(cd $(dirname $0) && pwd)/ - -# Install perf, compile and run lepd, run lepv backend -LEP=/labs/lep-lab/lep.sh -$LEP perf & -PREBUILT=1 $LEP lepd & -sudo -u $UNIX_USER $LEP lepv & diff --git a/configs/lep-lab/docker/volumemap b/configs/linux-0.11-lab/docker/container/placeholder similarity index 100% rename from configs/lep-lab/docker/volumemap rename to configs/linux-0.11-lab/docker/container/placeholder diff --git a/configs/rtthread-lab/docker/volumemap b/configs/linux-lab/docker/container/placeholder similarity index 100% rename from configs/rtthread-lab/docker/volumemap rename to configs/linux-lab/docker/container/placeholder diff --git a/configs/linux-lab/tools/container-run b/configs/linux-lab/tools/container-run index cfea3e8..a5d42f4 100755 --- a/configs/linux-lab/tools/container-run +++ b/configs/linux-lab/tools/container-run @@ -111,3 +111,6 @@ $TOP_DIR/restart-net-servers.sh # FIXME: Disable git detachedHead advice, bsp submodule use FETCH_HEAD currently. git config --global advice.detachedHead false + +# Clean up the target directory +rm /binutils-arm-linux-gnueabi.tar.gz & diff --git a/configs/markdown-lab/docker/container/placeholder b/configs/markdown-lab/docker/container/placeholder new file mode 100644 index 0000000..e69de29 diff --git a/configs/pwn-lab/Dockerfile b/configs/pwn-lab/Dockerfile index decb66a..aa320ce 100644 --- a/configs/pwn-lab/Dockerfile +++ b/configs/pwn-lab/Dockerfile @@ -10,7 +10,7 @@ find /var/log -type f -delete\n\ exit 0\n\ ' > /cleanup && chmod +x /cleanup -RUN apt-get update && apt-get -y upgrade +RUN apt-get -y update RUN apt-get -y install python3-pip \ && pip install pqi \ && pqi use tuna diff --git a/configs/rtthread-lab/Dockerfile b/configs/rtthread-lab/Dockerfile deleted file mode 100644 index cff2d3f..0000000 --- a/configs/rtthread-lab/Dockerfile +++ /dev/null @@ -1,41 +0,0 @@ -FROM tinylab/cloud-ubuntu-vm -MAINTAINER Wu Zhangjin wuzhangjin@gmail.com - -# Building system - -RUN apt-get -y update \ - && apt-get install -y --force-yes --no-install-recommends \ - scons \ - && apt-get autoclean -y \ - && apt-get autoremove -y \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /var/cache/apt/archives/*.deb - -# Gcc toolchain with libnewlib -# ref: https://launchpad.net/gcc-arm-embedded/ - -RUN url=https://launchpad.net/gcc-arm-embedded \ - && path=5.0/5-2016-q3-update/+download \ - && file=gcc-arm-none-eabi-5_4-2016q3-20160926-linux \ - && suffix=tar.bz2 \ - && wget -c $url/$path/$file.$suffix \ - && tar jxf $file.$suffix --strip-components=1 -C /usr/local \ - && rm -rf $file \ - && rm $file.$suffix - -# For scons --menuconfig - -RUN apt-get -y update \ - && apt-get install -y --force-yes --no-install-recommends \ - libncurses-dev \ - && apt-get autoclean -y \ - && apt-get autoremove -y \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /var/cache/apt/archives/*.deb - - -EXPOSE 5900 22 - -WORKDIR /labs/ - -ENTRYPOINT ["/tools/lab/run"] diff --git a/configs/rtthread-lab/docker/caps b/configs/rtthread-lab/docker/caps deleted file mode 100644 index ec7c167..0000000 --- a/configs/rtthread-lab/docker/caps +++ /dev/null @@ -1,4 +0,0 @@ -sys_module -sys_admin -net_admin -mknod diff --git a/configs/rtthread-lab/docker/devices b/configs/rtthread-lab/docker/devices deleted file mode 100644 index a13408a..0000000 --- a/configs/rtthread-lab/docker/devices +++ /dev/null @@ -1 +0,0 @@ -/dev/net/tun diff --git a/configs/rtthread-lab/docker/limits b/configs/rtthread-lab/docker/limits deleted file mode 100644 index 91e089d..0000000 --- a/configs/rtthread-lab/docker/limits +++ /dev/null @@ -1 +0,0 @@ ---cpu-shares=1024 diff --git a/configs/rtthread-lab/docker/name b/configs/rtthread-lab/docker/name deleted file mode 100644 index b5668e3..0000000 --- a/configs/rtthread-lab/docker/name +++ /dev/null @@ -1 +0,0 @@ -tinylab/rtthread-lab diff --git a/configs/rtthread-lab/system/etc/sudoers.d/ubuntu b/configs/rtthread-lab/system/etc/sudoers.d/ubuntu deleted file mode 100644 index 2846bd2..0000000 --- a/configs/rtthread-lab/system/etc/sudoers.d/ubuntu +++ /dev/null @@ -1,3 +0,0 @@ -Cmnd_Alias LAB_TOOLS = /usr/local/bin/qemu-system-cskyv2,/usr/bin/qemu-system-aarch64,/usr/bin/qemu-system-arm,/usr/bin/qemu-system-mips64el,/usr/bin/qemu-system-ppcemb,/usr/bin/qemu-system-i386,/usr/bin/qemu-system-mipsel,/usr/bin/qemu-system-x86_64,/usr/bin/qemu-system-mips,/usr/bin/qemu-system-ppc,/usr/bin/qemu-system-x86_64-spice,/usr/bin/qemu-system-mips64,/usr/bin/qemu-system-ppc64,/bin/mount,/bin/umount,/bin/cpio,/usr/bin/update-alternatives,/bin/cp,/usr/bin/make,/sbin/modprobe - -ubuntu ALL=(ALL) NOPASSWD: LAB_TOOLS diff --git a/configs/rtthread-lab/system/home/ubuntu/Desktop/help.desktop b/configs/rtthread-lab/system/home/ubuntu/Desktop/help.desktop deleted file mode 100644 index 6cf9370..0000000 --- a/configs/rtthread-lab/system/home/ubuntu/Desktop/help.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=Help Page -Comment=Project Home Page -Exec=/usr/bin/chromium-browser http://www.tinylab.org/rtthread-lab/ -Icon=/usr/share/pixmaps/chromium-browser.png -Type=Application diff --git a/configs/rtthread-lab/system/home/ubuntu/Desktop/lab.desktop b/configs/rtthread-lab/system/home/ubuntu/Desktop/lab.desktop deleted file mode 100644 index 4978dc4..0000000 --- a/configs/rtthread-lab/system/home/ubuntu/Desktop/lab.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=RT-Thread Lab -Comment=Cloud Lab for RT-Thread Development -Exec=/usr/bin/terminator --working-directory=/labs/rtthread-lab/ -T "RT-Thread Lab" -Icon=/usr/share/pixmaps/terminator.png -Type=Application diff --git a/configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-repo.desktop b/configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-repo.desktop deleted file mode 100644 index 9021455..0000000 --- a/configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-repo.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=RT-Thread Git Repo -Comment=RT-Thread Git Repository -Exec=/usr/bin/chromium-browser https://github.com/rt-thread/rt-thread.git -Icon=/usr/share/pixmaps/chromium-browser.png -Type=Application diff --git a/configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-site.desktop b/configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-site.desktop deleted file mode 100644 index 93b149f..0000000 --- a/configs/rtthread-lab/system/home/ubuntu/Desktop/rt-thread-site.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=RT-Thread Home Page -Comment=RT-Thread Home Page -Exec=/usr/bin/chromium-browser http://www.rt-thread.org/ -Icon=/usr/share/pixmaps/chromium-browser.png -Type=Application diff --git a/configs/rtthread-lab/system/home/ubuntu/Desktop/showterm.desktop b/configs/rtthread-lab/system/home/ubuntu/Desktop/showterm.desktop deleted file mode 100644 index 887fb25..0000000 --- a/configs/rtthread-lab/system/home/ubuntu/Desktop/showterm.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=Terminal Demo -Comment=Demonstration page with showterm.io -Exec=/usr/bin/chromium-browser http://showterm.io/4551e753b1518243d2a83 -Icon=/usr/share/pixmaps/chromium-browser.png -Type=Application diff --git a/configs/rtthread-lab/tools/container-run b/configs/rtthread-lab/tools/container-run deleted file mode 100755 index ad5c169..0000000 --- a/configs/rtthread-lab/tools/container-run +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -# -# startup.sh -- lab specific startup script, -# - -TOP_DIR=$(cd $(dirname $0) && pwd)/ - -# Enable network bridge support - -$TOP_DIR/enable_net_bridge.sh diff --git a/configs/rtthread-lab/tools/enable_net_bridge.sh b/configs/rtthread-lab/tools/enable_net_bridge.sh deleted file mode 100755 index df4e498..0000000 --- a/configs/rtthread-lab/tools/enable_net_bridge.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# -# enable_net_bridge.sh -# -# Copyright (C) 2016-2021 Wu Zhangjin -# - -ip=`ifconfig eth0 | grep "inet " | tr -d -c '^[0-9. ]' | awk '{print $1}'` -route=`route -n | head -3 | tail -1 | tr -s ' ' | cut -d' ' -f2` - -echo ip=$ip gateway=$route - -brctl addbr br0 -brctl addif br0 eth0 -ifconfig eth0 down -ifconfig eth0 0.0.0.0 up -ifconfig br0 $ip up -route add default gw $route br0 diff --git a/configs/tinylab.org/docker/container/placeholder b/configs/tinylab.org/docker/container/placeholder new file mode 100644 index 0000000..e69de29 diff --git a/configs/tinylab.org/system/home/ubuntu/Desktop/demo.desktop b/configs/tinylab.org/system/home/ubuntu/Desktop/demo.desktop deleted file mode 100644 index 1c2e778..0000000 --- a/configs/tinylab.org/system/home/ubuntu/Desktop/demo.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Name=Demo Page -Comment=Demonstrate how to write a post -Exec=/usr/bin/chromium-browser http://showterm.io/77c13ecbfe82b963029d7 -Icon=/usr/share/pixmaps/chromium-browser.png -Type=Application diff --git a/configs/tinylab.org/system/home/ubuntu/Desktop/local.desktop b/configs/tinylab.org/system/home/ubuntu/Desktop/local.desktop index 295dc87..9db8a8d 100644 --- a/configs/tinylab.org/system/home/ubuntu/Desktop/local.desktop +++ b/configs/tinylab.org/system/home/ubuntu/Desktop/local.desktop @@ -2,6 +2,6 @@ Encoding=UTF-8 Name=Local Page Comment=Local site of https://tinylab.org -Exec=/usr/bin/chromium-browser http://localhost:8080/ +Exec=/usr/bin/chromium-browser http://tinylab:8080/ Icon=/usr/share/pixmaps/chromium-browser.png Type=Application diff --git a/images/3rd-party/firefox.png b/images/3rd-party/firefox.png new file mode 100644 index 0000000000000000000000000000000000000000..39e77389022cb1b1205bbe2505739560521283f8 GIT binary patch literal 5459 zcmV-Z6|CxsP)}~$@tQ4Ys>+O4?#ibw z_eg`@%SYe;MWj*ZL}YcV`H!ss(b(m}vh#(>iw?t&gxLItL)TuW>4C@ov>kfPfdjWa z=Ao>)L~=OVC=KO56fTvkKG9s>y{7t_#PJuvaEwVF86ImzMvp!eku zOI5V>XV*S)S*`a?3E_FwiX_%bC5O9kXijoil3rI5aY+UL95T<{hhQZr04k1W&wsA- zs>;|hhm1-N_Z7Xje^Bamo&S|@y`UlKJIMSb-Xlmt!$}T(GLu{Xsx_6pasIdcd$PZx zS=SsE!zHSBzIE^8#QO=d0GTiFv5)49S~hP3FcN3a+5eH&3o7+Q>3PZFzL4~rdr~u% z`JcJr1q}RTfEYm0mt_%Pv?>3x=VRT2)0ZdjYJaKr6KTe08mG3e0E~N3LS4B#NzLiZ z%dUH3-+T&)ML+~aL@{*!7w3Mm9_-KP0s=b^=yiz`$r{UGSkjVQF7eqZqzcYr0I`}u z;$i?46$2Scz*u0sY5#id8~km%_Hy0Ym3(T~ry7^8dvyC-fQO}(xF$==cafW(al^I| zwO0@nvanzt30(2xSDdr`Z+Cor?ga<_HA#669a#uHbfsv!yBSt8GAaU^gzRimg^;7A zAcBEQOCdz(0wA$MdBB29Y+Y;rGInt|_rPc5+Lg=r_^t1)UApm6-ERP4=?%!1FyAq$ zHmhz!BYTH&g4p2KOyWksgV%(Y%+AZl#zySYMC~y* zzn2TwUalWsGyoY_hNV@}vzK*#U4l;FVX*!R01_cYh8|E!hsNsknODEy;U{1D;p)k# zBL@*hOctJZQJ8=r2!MiNw0ExLOMmgd*>d@3+3~oyqDeOR9t1E0v7rzEgho|P52<~X zV4%i|34S%Hx=*Fu-tZRS7})}Z0iyceQ};|CKbHQhh}98>OqZ*H#WM!PK5A;s4^}m& z_OSB@=OZowRYWzK5QLI(N)rYQ2$`_^x{b{39%I9gT@fc7K_Cdx^Z+ZUs;tKuU^r#d zOCRUI@E32Z-Ym{p4iTI#JDwwc!QuYtqHL%^f#g z2(B<5!Ad;{$ndM1VP@>Rc^$2TBdp(kO=;B^0Ra>Mf`D4g)u<+>fBZUqU)JiHr5O>D z(CScDWvuEN$aC-tl-8f2D=@5{fkp5PWNbS2{YfBh@tn{EMvA6~VUTfTTaKlsXzvGvp|ApkOj8idj-hDi(|U}jVjd$g)L8sf`S za!hT5iWDgFwNno~XkE?!PRZzS9rRU+A7lz-!^5|NsCsiBTerUp*O+JT?o-G@jUbAN zED-t?+6O1N>0{?nY0NS8pzkp{y^nPdxsmbB2hh|*2AD)xViN?Z7!bDrslV{i;R}EB zR(F%4rW9XEf+GqOkuBA59$uF=K9%K!9Kar7x^br68fh%733}$ytvg0{#2Ed7jF@?6lti=_V(iW7f0P!4( zexfPoX_9=Zcd!!x14y#DY_R?lb*-6fUowE>XJE_t!r=e}MCeyykHDTfjJD$1*&;CL$7(Ry zfW(0Sy{zb~35?XiDZ8#ai`}~)j5XpM!WEl0ci{%0ZT>1jLxAs0W9eroCTmZ z*@~oJ#y`>WZDcIaYy5I2}ZkH=U?CaznN)Qpx!GDD)iADAwlstQ5=dF z!R2@$!B7Hf0n8%{0r;Fi2!0Si&^T3tt}aa9oFdb+kVOkAr45MZk`kf}$0Me0xn|E? zlj``~k&|}ATVO{9aj*iR#aF&{8oT$8_sv@XB5^wq3#fUN_#80Bn~>xLAeiAS;DSeT z2wB8qhsolHndV{uIYFQ!pxQUjh|g(3rl1BLEdmGv6=D0&g)bt2Xbd1Wq36+x3*DJ9 zMpo?|Oy23hG(#IudJoSbW!>6!mMcwAoktDyd{cG?}HRjz=5^h!UmWDU_M}#v8Dkec>_T3-T<3DICjls zFF8r8S@dk>sUK z+d2ov!D~c{n#Ecs%ki$Lw>F^*r=R>KG6`h9m(wN7a(suhU%Pqj^vQfY$KOkRxA-$z zr|5ICK50(Ih7C6`Q9B4Ng|^Ens?8;YuIsP8Ow2;c;K7$d{`*DE>9yrrfe->jNJ5}c z$S_N6PQn*k`zIgKTy_XdkDNY3lUD;XP{0JP8RPM1e1K2ia2fz)24WZi%wv`y>d+h` z#}o?!Ib`G*)+gk6G|T#kPdVlIuR|*Va|Ps>Vuu0ychT#k9qwl&{n$JTE`E1EY2ir!p?TfGl@QZ^3( z{DB6R3St5|JNMZa0PlSm1dtzyLJ}9AK5^SsH|*PX+sy9e8>XA>IQ0PN(A^i%aAdCr zS1#j8=X{hsGt2qh^{0awq$%P(_ykK8af+!D5PT>?5D$_WQUp-ojYg%z6Hb3C%(-Yf z0b)Pi!%fY{$x8(A^lLa!M@7MeV9cEU_r1>tEYMAfA}Jp{sU`J#HZS%Ooo~LRGuNa( z(u#=>{m|n|y&fh8(-HXWDqeodI{?c=I0Im?4Wgj&WlMw*-}?s-J}W}NgBUb(^DjRA zUs%Qr%qN4@cLGywNJ5-E5djrQgfLetu1sA2`3@fjGRu6Zj3k2%$PYx3rm0~e`&6a% zPmk|4U$XzsY1VAL9U%Z#dP7vY`)Y$Nu($<5;Oi@R`Geojbo~JD{PrVRkOlDMcmM)L z06tIzVS=Je)(`UHFSJyXFpzQEPN*juh3gI>~|zPORO^@wHnxu6|2lt|y=h)c~~=9C4xw9!MlU@FZ4> zJ`vK}Cra-XBoE$RfmzR+_pX^3C5hW`8D;rakV>qRQ8y0=UCf@L7eqozti$xQe1VnUmXp;r97UUcIYx zTb6|m;8{d2S@vKwfnmZ-hKx8>P$y4gf zHRux8BquC#9fFXxtIXZJ63MD@@{SO6=0k^i&-u+e=5I8kleT(3WP!yHrY?b{CAHCN zg2>4053RfG%&h*Fpcz3@e9p*thsntv&czLg8zBUUn?ZTXI_L{HvO=jZSMDkY-FAcd zy;E`Wu0MH6gd53z?#$cvy%w13_R<~@SVAIeF5~WGsY!LDQW0eAqX#xU|3M-7vq1^0+dD?*&_sXbqj@w@Zq)SW&fdTKwPs;14cXG> zqeRzV$~~&*w9?R;Afq2XxaoNh_Q{``WCYFdQc$g>`8K39>H(r@5nBiZhQlZuUCg+} z%Af-ChZ@Z78^?N890}?Q<62R!OVVGsuzTn0%w#qrbOFyjNZiIpajzui5|f&UjJ|ee z-GyhQ^?w%e<3T(@vOZoswR*<*SjI?Wunm+qf_Tn>SXpZAi#`OQHD70D-x!uwaX6G5 zQ^XvmGW(rc`nwk;x4*%RLuttFmHD^)K!qGAS1stzv9^Eb|(I{iX9)+)87a@ zK?+b$qv2^beSa&QS}BYpE5!Z?)6nTua^p2R^9=|IY8s6X%y;4X4_D@Y{>MjleFJ2^ z=hODU{Lu~o5U=VgQWcS=z{qF!Z~po9mi)Lyy{zp$VB8N0D=y`M zNGqsIl0=cJsMH0i|IGaIt&i!BJ!N%Bo=|~x#0?mlev|+pCNT;DD-e{_xMRPDPrS8p z@YR1kvil~3&S88A9iLieGpPZ_{glwWm@<;yuBWV~~+!W<4Mc!DrsYhhFcf7%v5I z5kC@DMH6!(c^G1*BIZDxh&Vt6#6Un0v0NAs%q+wJa?D%ieJ0*$n*qjAmN0b@KXSQ5 zNK_J3s34e#D54mcVWNb9A;IusK6tZ$(aiviAEAWFi}~-Y{|A@l!IR{@Y-<1j002ov JPDHLkV1nRpQxpII literal 0 HcmV?d00001 diff --git a/images/3rd-party/gnome-terminal.svg b/images/3rd-party/gnome-terminal.svg new file mode 100644 index 0000000..248186a --- /dev/null +++ b/images/3rd-party/gnome-terminal.svg @@ -0,0 +1,101 @@ + + + + Adwaita Icon Template + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + GNOME Design Team + + + + + Adwaita Icon Template + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/images/3rd-party/lxterminal.png b/images/3rd-party/lxterminal.png new file mode 100644 index 0000000000000000000000000000000000000000..b8207a66f253f525d3714b4e6005f4df6563674f GIT binary patch literal 5561 zcmV;q6-MfbP)y{D4^02M1qL_t(|+U;F!Y#mj4K6CH2^BrR# z5IbHBm~KcdLI{Z9mZb_GYLZ3l2C+y8Y2nBID?d=R&8h+kQ2VE?R01VZDS`?i5vlxO z+lEvW6tS>XHz<%$5<*BoU>pdE?f5&fb3N1d8T-9H_xQ}rnVEAxd^5)y&D@ze1pA*Zr*X6Q?$H|h;XFh1R(GW z1bBaUclXM5>()7~t*xR^C}e2VpiNFrih+Rv@%iVUd&iC)8zeHUA`*CUj}sTYpDbFm zDA&`|<1{rjiDI!RMn^|8G^*{l9Y-u%woJ6Qw`1;n_0?C4i4eEZrvI%d0m%A)asBnz zF9Y}^BO~I(i4)?@H{S#cGgPYB)~{bLwr}4q)~;PER;*Yd+S=NhdwY8ys5k-0=dbJR z?DU=f$&)9=gAYDP3|uO@x;p7ZmX-GN#EcSovx4MF!sK~g*?exJBlY8LA^oHs<__ga z`zP%eye)k{FXTMU`kg<2UK~1fQ0(5lTkPAnPpn?OS`a2peSLj5CLvSo2(G!g*`M#( zv&TQd4IBR02j83hbLk{;zU7nWPvoac%QG8hz9J^qlef*R|?Qb@nYXCRD}TC_V3?MCvs&8colRl2n@RC z@zl8KAGfKgNijS;LJBbEr-C&j0G~cHdES@vmz@%fGb}I1)&#t$i?0$U zjEuT%>HCF|ByK-F=vY5CHcG&c`Z0jbmM)1e^RY7Mb6-}q_W0l>Q;9IOu+uM$Bysx9 z|9`T|BHJ1n8MR{V_6dNKcHKAr3>&3{zGq;Ksg-qa$Et1SUsFVNbP`t^F3cVj;JbF2E}b0&S*l^(OIr3|RcxvuDM`#KH#NQW_Y1H!x1>R?ia8pC>1$ zD54+orM{7x1p;{1Qnz}NcwRR(b%88?$S>74VoRL`l&66m2QcyL zwUBuE98kHtSmnM#F2GIb*DEjaa{uCV(J$Rz%yM7RG%%@OuY|;xAH(xO9~c;1PQ)Vjm-j`H3RS#|C8w`C0r+{hWYND}iC6bW3Aew0AoKN=cLA00>v1H$Y#*9N zXGi2*>=Awyf9*pKzaS-`N<5~YGnbsKrjq+TN1DK!vhvb@32mO zRzB%-^YaNR8d6a#+zoWAD)HsZj=zke4&Sa--&$5F0t78zgmnND(CtV(z{E$#$(7b& zbPfhQ!D<$eM&c#tC9p*abpDK5KE~e5 z{yq%!v@SsIA4LEeaGuw@i?HyTPcKH!ua`?1csanE18`pFwAX9G<} z{xHaM>0CMRDnK*O(~pz|dr_8OD+LH5Lm23~_0=YUl^7t(|Esli?19YIY^;ZWScdvtVwo2Wo731D0Dbq&O* z6bY=|4U8(Ks-Sc956MT+Cl`1ysh`uhgt#$)uKXKj`BBy{OS`G;2f0k!B(V5!s0ft! zAo5I1jQhEMnB@n7o+chJRe-2UpQ+@l(yp^^Qv%o~ft47*6nOcf;dwmV(lr6!gcM;e z!IlfCl;lT|KzEI8k-);JV6XHgRF>*VApBw4^1c43Da;)ti3idsfJv0E%6?iB*to4- zF&9woo1C(By8M~P=tluwDVGqIrNs67VNt#;`*HnzwXEL)0n`(7%WC8DiDSerqJ6cl zp9K84E+Hx)3=90C{Jx3goA~)4pmpbEQxUACfw~LIU;}&%!YY02+k;df%*w+`;8E+; zV6!e_0IuNateVdeQNH>kM?s@`Y=EC69*FDr*|(<+4s6y0~G{#8#os#T( z9&DOj6#o(Z`ewQO^cMm5;04 zr{;A4nemS(V;H&}E>M@LEe(U8OU^z@YOmO=$k+*z|`jc@7P@5(E$6!+bC zpIEYFiCDUHsW^G^cq*kg}v ztx6U^QuF7-!^6M%?6c4ABgQVTw~InjdI?!Yn_APC@1n_f)^w#;zWX=pTT$#9LLgs< z-*uGm_${5|KO{azqglnSUAtZ%8X9^C(K7rdR0@Fd11P9m!nbk?hB`VXY{#6_GJGa? z=aYaG?~@%nc5G-w6)7~@7oxOkqk4;1EjH=y0L}}JX4gXj$Om^dsvBvzI>6Z2*i{T3 ztR3kUa&D*r(kh-%QA0|`pAlhW!oKK(Nm7sHufF=~#!La~yuI|&OPl-p`j!AZfC_*C zJo|IVK0pOAFhTBlncV^a2NBQ*eIzcV6M)?beZHRlMUw#m)OB9Kb}yh$LleLW0NM!v+6l4xd1N4v z{^-(6FD>);09;l8e8$8s0N}Fab8v|M=z}?LCv|CiQD z*p314u}JXBE3d4-`R1E{Nm9T0?YG~)dj0zK{tXt?%~5Uz&>RDBP{=BPv=3D_c|vKn zwY9Z0@(G{$4JI2mZahW*XU~BH2VQ;n;fIeJf*)o1CS<4>DGC(;JPLSI@U`1kty)!h z{q@&>-Pzf>og(=kk<2&2YQOyQOL4^&SNQexp`oFY3cz{+rfluH0VNyqodNsP)zeQLqfUDd17t=8@p0 zn{HaNYuB!wS6y}0Hj?=!b#N!F6*o?}_=DgNK3rFWH)$XQ)PkP}z=Rt)JOqx2*Gy9v zk?!%{-rm3X_S{`Vy7 zO$>-S1e+|TE{=eC}b?d)c z0^AR64EB@vapNdM!4mK}OT?IW+;`u7cUMnO&rf01ux7p+rrt$^?85~xaPadshL~}1 z$Y~?)>BF_?-daNI3*-)-Arfrev}x1B5+J75Erae!#X46ZgRAs$0+u6Hp^y;xB!K6n zFQg+tes(JD|Hd0{{M9YD-15_zAA+1JlVg5u8s^x>MIISAj`XbsOmsX9gyl!b3Ha&hyJmprNx2OBWK6NH*hfL3ESZU5cMO1=b(6`nc|P@&YU^(hr@>t56ph2e84pl7UC$AI4jn@0G*}B zA%SBEeADc5LHg{kBMIF~5q(YtpXZqPSwy62U0q$`*s)`N%Ellw;D`%&oL!PQfL#eP z41V&NCw#^^%A~|O5*Zx|Tpyrr%@VPjXTP7kt|^AW#JS#%2D^EL$fc0{T*$sbCt$M8 zpU4V-jFGge+{=$eD;DR+07s7=^?yoE&JqAVwkI9H0y04r&|f|m&KBf1gz$uOpmXbz zTw5-oqUx?wQhai86(CNkmh?olK5A@i?EgqU179b{J|7e3@F@La{~vz%!3O}ADEn)! z0>&9u&A(j$0&xL}kHe~>8+?LMyhMbrLn?x@&(1{{R2qW}bqo0j;7$HfE@eM$6^#h+ zJ<0k56x}yt4*SOpa}5Yr%#{u=Kv2D$z+gAzg#0wV*ro|DIfBF^hFwo8iQO$ zmhU0RcM@?SMS@v0K)qEd88o&Vf_yutUhYTWHFpm+yaqx^IVhHx- zAORwMt_Wg|;8Lv$s!tvRe8dDFeDHxda^whH#_ktieDQw*qIsb#i-2_|`vhH2&t$uk z!2ef66-v`H&ph)0UEJRgXp2$kS+{OoX>7gjeE_G&H;xcwLn->;!Gmx;9ue)ocI?>kWJGG_8l-S;h5D813?^w{m?a0TGgXerecyZU zy`u!czBOysY@)QP6^}~6LID&kS4GFPIC!28GK~q+&Uf%w0aWW(U%DX6I1>Y(*$v=-;8<`Ma4UEt2j+YSk$@ke zZU6D|%P;@Sr=Na0VhEg@V7qH!f4RyS>YI}SnWl1RM1&`weDWt07;YgyyMX}u5rOUi zcvvg|!+1abkx2%bOUQCsDZkB>iJ-pp8f1WPp9Q+~Tt3Z*Nr{e7jPZx(pMU<}Fg`z| zoU2<-OOiBXFb?WW0gMB%)%yiowrsil-h1!;Gg5|4WT`h15!yfmxg5-60@wuvJ%`UK zAx}8QY|-f)Wd?^y_76~m|NCd3efDsQJ9%zEN@$ZHI=`QIK!{Be*tkg)IJ)T3M<4Cj zym|BOF(l zmgco<*S3-iSwz9x@bTlv$7nn8z?~+*r-=kbnl6yMPvWz|_&-m?8}Va<3{eDeO#!Xs zK#)p+9($}HsX>7Px;$Bap5_kCbC~mXl6aRg2bbm^&8KNTO>%Dnyf9RRq+VK^?*~EXjHn$q*O#SR;OF zK>$;Q5HT!13j8G2@5HFT3t|2ci0M%9D0Of}im`t6M1ZjW8%B&E&}~_N8aGf05>y=Q zdLlqva+redRQUUO2^GPMAW6+H_Cjk;2x;mi2FP00vX-^1Wv!mu{{t;!x8=_jphExv z03v!+SaefwW^{L9a%BJjc-kv3FW1Y=%Pvk%EJ)SMFG>dhHrNJO5L3!r00000NkvXX Hu0mjf)8nul literal 0 HcmV?d00001 diff --git a/labs/lep-lab b/labs/lep-lab deleted file mode 160000 index 673cc23..0000000 --- a/labs/lep-lab +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 673cc232eb22e3c67e2f370b2f8d7da1fa736d2e diff --git a/labs/pwn-lab b/labs/pwn-lab index e7a6ce4..fdffa3d 160000 --- a/labs/pwn-lab +++ b/labs/pwn-lab @@ -1 +1 @@ -Subproject commit e7a6ce4f7997a16f913ce72310cd69825e8f6b5d +Subproject commit fdffa3d118af4021ddc52c1441db570fc6582e12 diff --git a/labs/rtthread-lab b/labs/rtthread-lab deleted file mode 160000 index de05f38..0000000 --- a/labs/rtthread-lab +++ /dev/null @@ -1 +0,0 @@ -Subproject commit de05f38d9d1dc7dac5cabc240dfb413485e4c67f diff --git a/tools/docker/config b/tools/docker/config index 58e5828..9335370 100755 --- a/tools/docker/config +++ b/tools/docker/config @@ -49,91 +49,89 @@ get_current() fi } -if [ -n "$IN_CONTAINER" ]; then - LAB_DIR="$LAB_WORKDIR" - TOOL_DIR="$TOOL_WORKDIR" - CONFIG_DIR="$CONFIG_WORKDIR" -else - get_current $1 - CONFIG_DIR="$TOP_DIR"/configs/$CURRENT -fi +get_current $1 +CONFIG_DIR="$TOP_DIR"/configs/$CURRENT CORE_SYSTEM_DIR="$TOOL_DIR"/system CONFIG_TOOL_DIR="$CONFIG_DIR"/tools CONFIG_DOCKER_DIR="$CONFIG_DIR"/docker +CONFIG_CONTAINER_DIR="$CONFIG_DIR"/docker/container CONFIG_SYSTEM_DIR="$CONFIG_DIR"/system -if [ ! -n "$IN_CONTAINER" ]; then - LAB_LOGIN="$TOP_DIR"/.login_method - LAB_VNC="$TOP_DIR"/.login_vnc - LAB_HOST="$TOP_DIR"/.host_name - LAB_DOCKER="$TOP_DIR"/.docker_name - LAB_OUTPUT="$TOP_DIR"/output - - DOCKER_DIR="$TOOL_DIR"/docker - DOCKER_IDENTIFY_CMD="$DOCKER_DIR"/identify - DOCKER_VNC_CMD="$DOCKER_DIR"/vnc - DOCKER_WEBVNC_CMD="$DOCKER_DIR"/webvnc - DOCKER_IP_CMD="$DOCKER_DIR"/newip - DOCKER_LIST_CMD="$DOCKER_DIR"/list - DOCKER_RELEASE_CMD="$DOCKER_DIR"/release - DOCKER_BASH_CMD="$DOCKER_DIR"/bash - DOCKER_SSH_CMD="$DOCKER_DIR"/ssh - DOCKER_WEBSSH_CMD="$DOCKER_DIR"/webssh - DOCKER_LOGIN_CMD="$DOCKER_DIR"/login - DOCKER_EXPORT_CMD="$DOCKER_DIR"/export - DOCKER_RESIZE_CMD="$DOCKER_DIR"/resize - DOCKER_PUBLISH_CMD="$DOCKER_DIR"/publish - DOCKER_PULL_CMD="$DOCKER_DIR"/pull - DOCKER_GIT_PULL_CMD="$DOCKER_DIR"/git-pull - DOCKER_TPROXY_CMD="$DOCKER_DIR"/tproxy - DOCKER_CLEAN_CMD="$DOCKER_DIR"/clean - DOCKER_BUILD_CMD="$DOCKER_DIR"/build - DOCKER_RM_CMD="$DOCKER_DIR"/rm - DOCKER_RM_ALL_CMD="$DOCKER_DIR"/rm-all - DOCKER_RMI_ALL_CMD="$DOCKER_DIR"/rmi-all - DOCKER_RUN_CMD="$DOCKER_DIR"/run - DOCKER_CHOOSE_CMD="$DOCKER_DIR"/choose - DOCKER_STOP_CMD="$DOCKER_DIR"/stop - DOCKER_START_CMD="$DOCKER_DIR"/start - DOCKER_START_ALL_CMD="$DOCKER_DIR"/start-all - DOCKER_UNLOCK_CMD="$DOCKER_DIR"/unlock - DOCKER_XTERM_CMD="$DOCKER_DIR"/get_xterm - DOCKER_CMD_CMD="$DOCKER_DIR"/cmd - DOCKER_NOTIFY_CMD="$DOCKER_DIR"/notify - DOCKER_LIBS="$DOCKER_DIR"/libs - DOCKER_FILE="$CONFIG_DIR"/Dockerfile - - LAB_IMAGE="$CONFIG_DOCKER_DIR"/name - LAB_ENVS="$CONFIG_DOCKER_DIR"/envs - LAB_CAPS="$CONFIG_DOCKER_DIR"/caps - LAB_DNS="$CONFIG_DOCKER_DIR"/dns - LAB_DEVICES="$CONFIG_DOCKER_DIR"/devices - LAB_LIMITS="$CONFIG_DOCKER_DIR"/limits - LAB_PORTMAP="$CONFIG_DOCKER_DIR"/portmap - LAB_VOLUMEMAP="$CONFIG_DOCKER_DIR"/volumemap - LAB_BRANCH="$CONFIG_DOCKER_DIR"/branch - LAB_WEB_BROWSER="$CONFIG_DOCKER_DIR"/.web_browser - LAB_XTERM="$CONFIG_DOCKER_DIR"/.xterm - - LAB_TPROXY_LIMITS="$TPROXY_DIR"/limits - LAB_WPROXY_LIMITS="$WPROXY_DIR"/limits - - LAB_LOGO="$CONFIG_DIR"/lab-logo.png - LAB_HOST_RUN="$CONFIG_TOOL_DIR"/host-run -fi - +LAB_LOGIN="$TOP_DIR"/.login_method +LAB_VNC="$TOP_DIR"/.login_vnc +LAB_HOST="$TOP_DIR"/.host_name +LAB_DOCKER="$TOP_DIR"/.docker_name +LAB_OUTPUT="$TOP_DIR"/output + +DOCKER_DIR="$TOOL_DIR"/docker +DOCKER_IDENTIFY_CMD="$DOCKER_DIR"/identify +DOCKER_VNC_CMD="$DOCKER_DIR"/vnc +DOCKER_WEBVNC_CMD="$DOCKER_DIR"/webvnc +DOCKER_IP_CMD="$DOCKER_DIR"/newip +DOCKER_LIST_CMD="$DOCKER_DIR"/list +DOCKER_RELEASE_CMD="$DOCKER_DIR"/release +DOCKER_BASH_CMD="$DOCKER_DIR"/bash +DOCKER_SSH_CMD="$DOCKER_DIR"/ssh +DOCKER_WEBSSH_CMD="$DOCKER_DIR"/webssh +DOCKER_LOGIN_CMD="$DOCKER_DIR"/login +DOCKER_EXPORT_CMD="$DOCKER_DIR"/export +DOCKER_RESIZE_CMD="$DOCKER_DIR"/resize +DOCKER_PUBLISH_CMD="$DOCKER_DIR"/publish +DOCKER_PULL_CMD="$DOCKER_DIR"/pull +DOCKER_GIT_PULL_CMD="$DOCKER_DIR"/git-pull +DOCKER_TPROXY_CMD="$DOCKER_DIR"/tproxy +DOCKER_CLEAN_CMD="$DOCKER_DIR"/clean +DOCKER_BUILD_CMD="$DOCKER_DIR"/build +DOCKER_RM_CMD="$DOCKER_DIR"/rm +DOCKER_RM_ALL_CMD="$DOCKER_DIR"/rm-all +DOCKER_RMI_ALL_CMD="$DOCKER_DIR"/rmi-all +DOCKER_RUN_CMD="$DOCKER_DIR"/run +DOCKER_CHOOSE_CMD="$DOCKER_DIR"/choose +DOCKER_STOP_CMD="$DOCKER_DIR"/stop +DOCKER_START_CMD="$DOCKER_DIR"/start +DOCKER_START_ALL_CMD="$DOCKER_DIR"/start-all +DOCKER_UNLOCK_CMD="$DOCKER_DIR"/unlock +DOCKER_XTERM_CMD="$DOCKER_DIR"/get_xterm +DOCKER_CMD_CMD="$DOCKER_DIR"/cmd +DOCKER_NOTIFY_CMD="$DOCKER_DIR"/notify +DOCKER_LIBS="$DOCKER_DIR"/libs +DOCKER_FILE="$CONFIG_DIR"/Dockerfile + +LAB_IMAGE="$CONFIG_DOCKER_DIR"/name +LAB_ENVS="$CONFIG_DOCKER_DIR"/envs +LAB_CAPS="$CONFIG_DOCKER_DIR"/caps +LAB_DNS="$CONFIG_DOCKER_DIR"/dns +LAB_DEVICES="$CONFIG_DOCKER_DIR"/devices +LAB_LIMITS="$CONFIG_DOCKER_DIR"/limits +LAB_PORTMAP="$CONFIG_DOCKER_DIR"/portmap +LAB_VOLUMEMAP="$CONFIG_DOCKER_DIR"/volumemap +LAB_BRANCH="$CONFIG_DOCKER_DIR"/branch +LAB_WEB_BROWSER="$CONFIG_DOCKER_DIR"/.web_browser +LAB_PRIV_MODE="$CONFIG_DOCKER_DIR"/.priv_mode +LAB_XTERM="$CONFIG_DOCKER_DIR"/.xterm + +LAB_TPROXY_LIMITS="$TPROXY_DIR"/limits +LAB_WPROXY_LIMITS="$WPROXY_DIR"/limits + +LAB_LOGO="$CONFIG_DIR"/lab-logo.png +LAB_HOST_RUN="$CONFIG_TOOL_DIR"/host-run + +# Container writable +LAB_UNIX_PWD="$CONFIG_CONTAINER_DIR"/.unix_pwd +LAB_VNC_PWD="$CONFIG_CONTAINER_DIR"/.vnc_pwd +LAB_VNC_PWD_VIEWONLY="$CONFIG_CONTAINER_DIR"/.vnc_pwd_viewonly +LAB_VNC_IP="$CONFIG_CONTAINER_DIR"/.vnc_ip +LAB_VNC_TOKEN="$CONFIG_CONTAINER_DIR"/.vnc_token +LAB_UNIX_USER="$CONFIG_CONTAINER_DIR"/.unix_user +LAB_UNIX_UID="$CONFIG_CONTAINER_DIR"/.unix_uid +LAB_HOST_NAME="$CONFIG_CONTAINER_DIR"/.host_name +LAB_MIRROR_SITE="$CONFIG_CONTAINER_DIR"/.mirror_site + +# Host side only LAB_CONTAINER_NAME="$CONFIG_DOCKER_DIR"/.container_name LAB_CONTAINER_ID="$CONFIG_DOCKER_DIR"/.container_id -LAB_HOST_NAME="$CONFIG_DOCKER_DIR"/.host_name -LAB_UNIX_USER="$CONFIG_DOCKER_DIR"/.unix_user -LAB_UNIX_PWD="$CONFIG_DOCKER_DIR"/.unix_pwd -LAB_UNIX_UID="$CONFIG_DOCKER_DIR"/.unix_uid -LAB_VNC_PWD="$CONFIG_DOCKER_DIR"/.vnc_pwd -LAB_VNC_PWD_VIEWONLY="$CONFIG_DOCKER_DIR"/.vnc_pwd_viewonly -LAB_VNC_IP="$CONFIG_DOCKER_DIR"/.vnc_ip -LAB_VNC_TOKEN="$CONFIG_DOCKER_DIR"/.vnc_token LAB_TPROXY="$CONFIG_DOCKER_DIR"/.tproxy LAB_TPROXY_IP="$CONFIG_DOCKER_DIR"/.tproxy_ip LAB_SCREEN_SIZE="$CONFIG_DOCKER_DIR"/.screen_size @@ -145,9 +143,9 @@ LAB_CONTAINER_RUN="$CONFIG_TOOL_DIR"/container-run # Default variables [ -z "$LAB_SECURITY" ] && LAB_SECURITY=0 -DEF_USER=ubuntu -DEF_UID=1000 - +DEF_UNIX_USER=ubuntu +DEF_UNIX_UID=1000 +DEF_HOSTNAME=localhost DEF_PWD_LENGTH=6 DEF_PWD_TOTAL=100 @@ -156,13 +154,15 @@ DEF_TOKEN_LENGTH=6 [ -z "$DEF_TOKEN_DIR" ] && DEF_TOKEN_DIR=.vnc-tokens DEF_VNC_IP="0.0.0.0" +DEF_MIRROR_SITE="mirrors.ustc.edu.cn" + for cs in sha1sum shasum; do which $cs >/dev/null 2>&1 && DEF_ENCRYPT_CMD=$cs && break done [ -z "$ENCRYPT_CMD" ] && ENCRYPT_CMD=$DEF_ENCRYPT_CMD # Variables passed from host to container -VARS="UNIX_USER UNIX_UID UNIX_PWD VNC_PWD VNC_PWD_VIEWONLY VNC_IP VNC_TOKEN TPROXY_IP TPROXY VNC_SHARED SCREEN_SIZE HOST_NAME UNIX_IDENTIFY VNC_IDENTIFY SUDO_IDENTIFY HOST_OS LAB_SECURITY" +VARS="UNIX_USER UNIX_UID UNIX_PWD VNC_PWD VNC_PWD_VIEWONLY VNC_IP VNC_TOKEN TPROXY_IP TPROXY VNC_SHARED SCREEN_SIZE HOST_NAME UNIX_IDENTIFY VNC_IDENTIFY SUDO_IDENTIFY HOST_OS LAB_SECURITY MIRROR_SITE PWD_LENGTH PWD_TOTAL" debug_print () { @@ -260,6 +260,8 @@ if [ $LAB_SECURITY -eq 1 ]; then DEF_UNIX_IDENTIFY=0 # No sudo, no way to switch to root in clients DEF_SUDO_IDENTIFY=0 + # Enable vnc identify + DEF_VNC_IDENTIFY=1 [ -z "$VNC_SHARED" ] && VNC_SHARED=0 elif [ $LAB_SECURITY -eq 2 ]; then WEB_NOSSL=1 @@ -269,6 +271,8 @@ elif [ $LAB_SECURITY -eq 2 ]; then DEF_UNIX_IDENTIFY=1 # No sudo, no way to switch to root in clients DEF_SUDO_IDENTIFY=0 + # Enable vnc identify + DEF_VNC_IDENTIFY=1 [ -z "$VNC_SHARED" ] && VNC_SHARED=0 elif [ $LAB_SECURITY -eq 3 ]; then WEB_NOSSL=1 @@ -278,6 +282,8 @@ elif [ $LAB_SECURITY -eq 3 ]; then DEF_UNIX_IDENTIFY=1 # Can get root simply with sudo and password DEF_SUDO_IDENTIFY=1 + # Enable vnc identify + DEF_VNC_IDENTIFY=1 [ -z "$VNC_SHARED" ] && VNC_SHARED=1 else WEB_NOSSL=1 @@ -287,6 +293,8 @@ else DEF_UNIX_IDENTIFY=1 # Can get root simply with sudo and no password DEF_SUDO_IDENTIFY=2 + # Enable vnc identify + DEF_VNC_IDENTIFY=1 [ -z "$VNC_SHARED" ] && VNC_SHARED=1 fi @@ -313,8 +321,14 @@ get_var () #VAR #defval fi # If no variable specified or cached, use the default value if specified, otherwise, reserve empty - [ -z "$var_value" -a -n "$defval" ] && eval `eval echo \\$VAR='$defval'` - + if [ -z "$var_value" ]; then + if [ -n "$defval" ]; then + eval `eval echo \\$VAR='$defval'` + else + defval="`eval echo '$DEF_'${VAR}`" + eval `eval echo \\$VAR='$defval'` + fi + fi debug_print "`eval echo GET: $VAR=\\$${VAR}`" } @@ -396,4 +410,4 @@ host_init() LAB_NAME=$CURRENT } -[ ! -n "$IN_CONTAINER" ] && host_init +host_init diff --git a/tools/docker/container b/tools/docker/container new file mode 100644 index 0000000..a5f4a1b --- /dev/null +++ b/tools/docker/container @@ -0,0 +1,153 @@ +#!/bin/sh +# +# container -- Configure the common variables for container +# +# Copyright (C) 2016-2021 Wu Zhangjin +# + +if [ -z "$TOP_DIR" ]; then + TOP_DIR="$(cd "$(dirname "$0")"/../../ && pwd)" +else + TOP_DIR="$(cd "$(dirname "$TOP_DIR"/null)" && pwd)" +fi + +# Basic files/directories +TOOL_WORKDIR=//tools + +CONFIGS_DIR="$TOP_DIR"/configs/ +CONFIG_WORKDIR=//configs + +TOOL_DIR="$TOOL_WORKDIR" +CONFIG_DIR="$CONFIG_WORKDIR" + +CORE_SYSTEM_DIR="$TOOL_DIR"/system +CONFIG_SYSTEM_DIR="$CONFIG_DIR"/system + +CONFIG_DOCKER_DIR="$CONFIG_DIR"/docker +CONFIG_CONTAINER_DIR="$CONFIG_DIR"/docker/container + +# Container writable +LAB_UNIX_PWD="$CONFIG_CONTAINER_DIR"/.unix_pwd +LAB_VNC_PWD="$CONFIG_CONTAINER_DIR"/.vnc_pwd +LAB_VNC_PWD_VIEWONLY="$CONFIG_CONTAINER_DIR"/.vnc_pwd_viewonly +LAB_VNC_IP="$CONFIG_CONTAINER_DIR"/.vnc_ip +LAB_VNC_TOKEN="$CONFIG_CONTAINER_DIR"/.vnc_token +LAB_UNIX_USER="$CONFIG_CONTAINER_DIR"/.unix_user +LAB_UNIX_UID="$CONFIG_CONTAINER_DIR"/.unix_uid +LAB_HOST_NAME="$CONFIG_CONTAINER_DIR"/.host_name +LAB_MIRROR_SITE="$CONFIG_CONTAINER_DIR"/.mirror_site + +# Default variables +DEF_UNIX_USER=ubuntu +DEF_UNIX_UID=1000 +DEF_HOSTNAME=localhost +DEF_PWD_LENGTH=6 +DEF_PWD_TOTAL=100 + +DEF_MIRROR_SITE="mirrors.ustc.edu.cn" + +# Get default encrypt command +for cs in sha1sum shasum; do + which $cs >/dev/null 2>&1 && DEF_ENCRYPT_CMD=$cs && break +done +[ -z "$ENCRYPT_CMD" ] && ENCRYPT_CMD=$DEF_ENCRYPT_CMD + +# Lock the important files for security +__do_lock () +{ + [ `id -u` -ne 0 ] && SUDO=sudo + + [ -d "$CONFIG_DOCKER_DIR" ] && \ + $SUDO find "$CONFIG_DOCKER_DIR" -iname ".[^.]*" -exec chmod -f -R a-rw "{}" \; + + which chattr >/dev/null 2>&1 + if [ $? -eq 0 ]; then + $SUDO chattr -R +i "$CONFIGS_DIR" + $SUDO chattr -R +i "$TOOL_DIR" + fi +} + +# Unlock the important files for configuration +__do_unlock () +{ + [ `id -u` -ne 0 ] && SUDO=sudo + + which chattr >/dev/null 2>&1 + if [ $? -eq 0 ]; then + $SUDO chattr -R -i "$CONFIGS_DIR" + $SUDO chattr -R -i "$TOOL_DIR" + fi + [ -d "$CONFIG_DOCKER_DIR" ] && \ + $SUDO find "$CONFIG_DOCKER_DIR" -iname ".[^.]*" -exec chmod -f -R 664 "{}" \; +} + +do_lock () +{ + [ $LAB_SECURITY -ge 1 ] && __do_lock +} + +do_unlock () +{ + [ $LAB_SECURITY -ge 1 ] && __do_unlock +} + +get_var () #VAR #defval +{ + local var_value + local VAR + local defval + + VAR=$1 + defval=$2 + + # Get potential variable cache file + var_file="`eval echo \\${LAB_$VAR}`" + + # Init it as user input + var_value=`eval echo \\$${VAR}` + + # Load from variable cached file, if no user input specified + if [ -f "$var_file" -a -z "$var_value" ]; then + eval var_value=\\\'$\(sed -e \'':a;N;$!ba;s/\r//g;s/\n/ /g;s/#[^ ]* //g;s%^\s*$%%g;s%\s\{1,\}$%%g'\' \'$var_file\'\)\\\' + eval `eval echo \\$VAR='$var_value'` + var_value="`eval echo '$'${VAR}`" + fi + + # If no variable specified or cached, use the default value if specified, otherwise, reserve empty + if [ -z "$var_value" ]; then + if [ -n "$defval" ]; then + eval `eval echo \\$VAR='$defval'` + else + defval="`eval echo '$DEF_'${VAR}`" + eval `eval echo \\$VAR='$defval'` + fi + fi +} + +get_vars () +{ + for var in $@; do + get_var $var + done +} + +set_var () #VAR +{ + local VAR + local var + local var_file + + VAR=$1 + + var=`eval echo \\$${VAR} | egrep -v "^$|^ *$"` + var_file="`eval echo \\${LAB_$VAR}`" + + [ -n "$var" ] && echo "$var" | sed -e ':a;N;$!ba;s/\r//g;s%^\s*$%%g;s%\s\{1,\}$%%g;s/ /\n/g' > "$var_file" +} + +set_vars () +{ + for var in $@; do + set_var $var + done +} diff --git a/tools/docker/libs b/tools/docker/libs index 512fb81..c330f92 100755 --- a/tools/docker/libs +++ b/tools/docker/libs @@ -690,7 +690,10 @@ create_shortcuts () BROWSER_ICON=/usr/share/pixmaps/${WEB_BROWSER}.png DEFAULT_BROWSER_ICON=$BROWSER_ICON if [ ! -f "$BROWSER_ICON" ]; then - BROWSER_ICON=$(find /usr/share/ -name "${WEB_BROWSER}*.png" 2>/dev/null | egrep "hicolor" | head -1) + BROWSER_ICON=$(find /usr/share/ -name "*${WEB_BROWSER}*.png" -o -name "*${WEB_BROWSER}*.svg" 2>/dev/null | egrep -i "hicolor|bloom" | egrep "48|64|96" | tail -1) + fi + if [ ! -f "$BROWSER_ICON" ]; then + BROWSER_ICON=$TOP_DIR/images/3rd-party/${WEB_BROWSER}.png fi if [ "x$LAB_DESKTOP_SHORTCUT" = "x1" -a ! -f "$LOCAL_DESKTOP_SHORTCUT" ]; then @@ -742,8 +745,8 @@ create_shortcuts () fi fi if [ ! -f "$XTERM_ICON" ]; then - XTERM_ICON=$(find /usr/share/ -name "${XTERM}*.png" 2>/dev/null | grep icon | head -1) - [ -z "$XTERM_ICON" ] && XTERM_ICON=$(find /usr/share/ -name "${XTERM}*.png" 2>/dev/null | head -1) + XTERM_ICON=$(find /usr/share/ -name "${XTERM}*.png" -o -name "${XTERM}*.svg" 2>/dev/null | egrep -i "hicolor|bloom" | egrep "48|64|96|128" | tail -1) + [ -z "$XTERM_ICON" ] && XTERM_ICON=$(find /usr/share/ -name "${XTERM}*.png" 2>/dev/null | tail -1) fi fi diff --git a/tools/docker/run b/tools/docker/run index 2e1e7df..a11fbb7 100755 --- a/tools/docker/run +++ b/tools/docker/run @@ -149,8 +149,13 @@ envs="" # ref: https://headsigned.com/posts/mounting-docker-volumes-with-docker-toolbox-for-windows/ volumemap="-v '/$GIT_DIR':'$GIT_WORKDIR'" volumemap="$volumemap -v '/$LAB_DIR':'$LAB_WORKDIR'" -volumemap="$volumemap -v '/$TOOL_DIR':'$TOOL_WORKDIR'" -volumemap="$volumemap -v '/$CONFIG_DIR':'$CONFIG_WORKDIR'" +volumemap="$volumemap -v '/$TOOL_DIR/docker/container':'$TOOL_WORKDIR/docker/container':ro" +volumemap="$volumemap -v '/$TOOL_DIR/lab/run':'$TOOL_WORKDIR/lab/run':ro" +volumemap="$volumemap -v '/$TOOL_DIR/system':'$TOOL_WORKDIR/system':ro" +volumemap="$volumemap -v '/$CONFIG_DIR/tools':'$CONFIG_WORKDIR/tools':ro" +volumemap="$volumemap -v '/$CONFIG_DIR/system':'$CONFIG_WORKDIR/system':ro" +volumemap="$volumemap -v '/$CONFIG_DIR/lab-logo.png':'$CONFIG_WORKDIR/lab-logo.png':ro" +volumemap="$volumemap -v '/$CONFIG_DIR/docker/container':'$CONFIG_WORKDIR/docker/container'" limits=$LIMITS # Get a new ip for our new container if no one cached @@ -167,11 +172,15 @@ get_var SCREEN_SIZE # Sync UID before running [ "x$HOST_OS" = "xLinux" ] && UNIX_UID=$(id -u `get_host_user`) -[ "x$UNIX_UID" = "x0" -o -z "$UNIX_UID" ] && UNIX_UID=$DEF_UID -[ -z "$UNIX_USER" ] && UNIX_USER=$DEF_USER +[ "x$UNIX_UID" = "x0" -o -z "$UNIX_UID" ] && UNIX_UID=$DEF_UNIX_UID +[ -z "$UNIX_USER" ] && UNIX_USER=$DEF_UNIX_USER # Build vars passed to container log_print "Build variables for $CONTAINER_NAME" + +# Init environment variables instead of parsing it in container +get_vars UNIX_IDENTIFY SUDO_IDENTIFY VNC_IDENTIFY + for var in $VARS; do # Available encrypt cmds: sha1sum, sha224sum, cksum, sha256sum, sha512sum, md5sum, sha384sum, sum value=$(eval echo \$${var}) @@ -203,17 +212,18 @@ done # Get configured settings log_print "Build more arguments ..." if [ "x$HOST_OS" = "xWindows" ]; then - get_vars CAPS DEVICES VOLUMEMAP + get_vars CAPS DEVICES VOLUMEMAP PRIV_MODE else - get_vars ENVS CAPS DNS DEVICES PORTMAP VOLUMEMAP + get_vars ENVS CAPS DNS DEVICES PORTMAP VOLUMEMAP PRIV_MODE fi for env in $ENVS; do vars="$vars -e $env"; done for cap in $CAPS; do caps="$caps --cap-add $cap"; done for dns in $DNS; do dnss="$dnss --dns $dns"; done -for dev in $DEVICES; do devs="$devs --device $dev"; done +for dev in $DEVICES; do [ -e "$dev" ] && devs="$devs --device $dev"; done for map in $PORTMAP; do portmap="$portmap -p $map"; done for map in $VOLUMEMAP; do volumemap="$volumemap -v $map"; done +[ "x$PRIV_MODE" = "x1" ] && privmode=--privileged # Build container name container="--name $CONTAINER_NAME" @@ -229,7 +239,9 @@ net="$ip --network $VNC_NET_NAME" info_print "Wait for lab launching ..." -lab_id=$(eval docker run -d --privileged $coredump -h $LAB_NAME $net $audio $container $portmap $caps $dnss $devices $limits $volumemap $vars $EXTRA_ARGS $IMAGE) +seccomp="--security-opt seccomp=$TOP_DIR/configs/common/seccomp-profiles-default.json" + +lab_id=$(eval docker run -d $privmode $coredump -h $LAB_NAME $seccomp $net $audio $container $portmap $caps $dnss $devs $limits $volumemap $vars $EXTRA_ARGS $IMAGE) [ $? -ne 0 ] && err_print "docker running error." && exit 1 @@ -270,6 +282,10 @@ get_host # Save the lab's information (for restore the container for 'docker start') set_vars CONTAINER_NAME CONTAINER_ID SCREEN_SIZE +[ -n "$PRIV_MODE" -a "x$PRIV_MODE" = "x1" ] && set_var PRIV_MODE +[ "$MIRROR_SITE" != "$DEF_MIRROR_SITE" ] && set_var MIRROR_SITE +[ "$UNIX_USER" != "$DEF_UNIX_USER" ] && set_var UNIX_USER +[ "$UNIX_UID" != "1000" -a "$UNIX_UID" != "0" ] && set_var UNIX_UID do_lock diff --git a/tools/docker/vnc b/tools/docker/vnc index 60f5684..7f2c879 100755 --- a/tools/docker/vnc +++ b/tools/docker/vnc @@ -188,4 +188,6 @@ copy2clipboard "$VNC_PWD" info_print "Running '$VNC_LOGIN'" echo +sleep 1 + nohup $VNC_LOGIN >/dev/null 2>&1 & diff --git a/tools/lab/run b/tools/lab/run index c4305a6..1f19870 100755 --- a/tools/lab/run +++ b/tools/lab/run @@ -9,25 +9,30 @@ if [ ! -d /labs -o ! -d /.git ]; then exit 1 fi -# no argument required of config for container -IN_CONTAINER=1 +# Dump environment variables +# env +# Clean up everything before running +find /var/lib/apt/lists -type f -delete & +find /var/cache -type f -delete & +find /var/log -type f -delete & + +# NOTE: for Security, variables should be passed as environment variables # NOTE: for Security, variables should be passed as environment variables -. /tools/docker/config >/dev/null +. /tools/docker/container >/dev/null do_unlock # Don't touch me -[ -z "$UNIX_USER" ] && get_var UNIX_USER $DEF_USER [ -z "$LAB_SECURITY" ] && LAB_SECURITY=0 -get_var HOST_NAME localhost -get_var UNIX_IDENTIFY $DEF_UNIX_IDENTIFY -get_var SUDO_IDENTIFY $DEF_SUDO_IDENTIFY -get_var UNIX_UID 1000 +get_vars UNIX_USER UNIX_UID HOST_NAME MIRROR_SITE PWD_LENGTH PWD_TOTAL + +# Check and update mirror site +old=$(grep -m1 ^deb /etc/apt/sources.list | cut -d ' ' -f2 | tr -s '/' | cut -d '/' -f2) +[ "$old" != "$MIRROR_SITE" -a -n "$MIRROR_SITE" ] && sed -i -e "s/$old/$MIRROR_SITE/g" /etc/apt/sources.list & [ "x$UNIX_UID" = "x0" ] && UNIX_UID=1000 -set_var UNIX_UID [ -z "$VNC_IP" ] && get_var VNC_IP $DEF_VNC_IP [ -z "$VNC_TOKEN" ] && get_var VNC_TOKEN "" @@ -43,7 +48,7 @@ else fi [ -n "$VNC_IP" -a -z "$VNC_TOKEN" ] && VNC_TOKEN=`echo -n $VNC_IP | tr -d '\n' | $ENCRYPT_CMD | cut -d' ' -f1 | cut -c1-$TOKEN_LENGTH` -[ -n "$VNC_IP" ] && set_var VNC_IP +[ -n "$VNC_IP" -a "$VNC_IP" != "$DEF_VNC_IP" ] && set_var VNC_IP [ -n "$VNC_TOKEN" ] && set_var VNC_TOKEN do_lock @@ -68,8 +73,8 @@ else # Touch a flag touch $CREATE_FLAG - DEF_HOME=/home/$DEF_USER - DEF_SYSTEM_SUDOERS_USER=/etc/sudoers.d/$DEF_USER + DEF_HOME=/home/$DEF_UNIX_USER + DEF_SYSTEM_SUDOERS_USER=/etc/sudoers.d/$DEF_UNIX_USER DESKTOP=$HOME/Desktop/ [ $SUDO_IDENTIFY -ge 1 ] && UNIX_USER_GROUPS="--groups adm,sudo,audio" @@ -108,7 +113,7 @@ else [ -f "$DEF_SYSTEM_SUDOERS_USER" -a "$LAB_SECURITY" != "0" ] \ && mv $DEF_SYSTEM_SUDOERS_USER $SYSTEM_SUDOERS_USER \ - && sed -i -e "s/^$DEF_USER/$UNIX_USER/g" $SYSTEM_SUDOERS_USER \ + && sed -i -e "s/^$DEF_UNIX_USER/$UNIX_USER/g" $SYSTEM_SUDOERS_USER \ && chmod 440 $SYSTEM_SUDOERS_USER chown $UNIX_USER:$UNIX_USER -R $HOME/ @@ -136,23 +141,26 @@ else [ -z "$VNC_PWD" ] && get_var VNC_PWD [ -z "$VNC_PWD_VIEWONLY" ] && get_var VNC_PWD_VIEWONLY - [ -z "$PWD_LENGTH" ] && get_var PWD_LENGTH $DEF_PWD_LENGTH - [ -z "$PWD_TOTAL" ] && get_var PWD_TOTAL $DEF_PWD_TOTAL + [ -z "$PWD_TOTAL" ] && PWD_TOTAL=$DEF_PWD_TOTAL + [ -z "$PWD_LENGTH" ] && PWD_TOTAL=$DEF_PWD_LENGTH PWGEN_OPTS="-B -s -n -v $PWD_LENGTH 1" [ -z "$UNIX_PWD" ] && UNIX_PWD=`pwgen $PWGEN_OPTS | tr '[A-Z]' '[a-z]'` [ -z "$VNC_PWD" ] && VNC_PWD=`pwgen $PWGEN_OPTS | tr '[A-Z]' '[a-z]'` [ -z "$VNC_PWD_VIEWONLY" ] && VNC_PWD_VIEWONLY=`pwgen $PWGEN_OPTS | tr '[A-Z]' '[a-z]'` - [ -n "$UNIX_USER" ] && set_var UNIX_USER [ -n "$UNIX_PWD" ] && set_var UNIX_PWD [ -n "$VNC_PWD" ] && set_var VNC_PWD [ -n "$VNC_PWD_VIEWONLY" ] && set_var VNC_PWD_VIEWONLY # Sync UID between host and container FILES_TO_SYN_PERM="$LAB_UNIX_PWD $LAB_VNC_PWD $LAB_VNC_PWD_VIEWONLY $LAB_UNIX_UID $LAB_UNIX_USER $LAB_VNC_IP $LAB_VNC_TOKEN" - sudo chown $UNIX_USER:$UNIX_USER $FILES_TO_SYN_PERM - sudo chmod a+w $FILES_TO_SYN_PERM + for f in $FILES_TO_SYN_PERM + do + [ ! -f $f ] && continue + sudo chown $UNIX_USER:$UNIX_USER $f + sudo chmod a+w $f + done do_lock @@ -160,9 +168,9 @@ else echo "User: $UNIX_USER ,Password: $UNIX_PWD ,VNC Password: $VNC_PWD ,Viewonly Password: $VNC_PWD_VIEWONLY" SYSTEM_SUPERVISORD_CONF=/etc/supervisor/conf.d/x11vnc.conf - if [ "$UNIX_USER" != "$DEF_USER" ]; then + if [ "$UNIX_USER" != "$DEF_UNIX_USER" ]; then sed -i -e "s%$DEF_HOME%$HOME%g" $SYSTEM_SUPERVISORD_CONF - sed -i -e "s%user=$DEF_USER%user=$UNIX_USER%g" $SYSTEM_SUPERVISORD_CONF + sed -i -e "s%user=$DEF_UNIX_USER%user=$UNIX_USER%g" $SYSTEM_SUPERVISORD_CONF fi # VNC PASS @@ -181,7 +189,6 @@ else chmod o-rwx $VNC_PWD_FILE # Disable the VNC login password - get_var VNC_IDENTIFY 1 [ $VNC_IDENTIFY -eq 0 -a "x$HOST_NAME" = "xlocalhost" ] \ && sed -i -e "s% -usepw$%-nopw%g" $SYSTEM_SUPERVISORD_CONF fi @@ -224,9 +231,14 @@ mount -t tmpfs none /tmp/ # Run Lab specific tasks [ -x $LAB_CONTAINER_RUN ] && UNIX_USER=$UNIX_USER $LAB_CONTAINER_RUN & +# Init lxqt detection +lxqt=0 # Detect lxqt -which startlxqt >/dev/null 2>&1 -[ $? -eq 0 ] && ln -sf /usr/bin/lxqt-session /usr/bin/lxsession +which startlxqt >/dev/null 2>&1 && ln -sf /usr/bin/lxqt-session /usr/bin/lxsession && lxqt=1 +# Detect cinnamon +which cinnamon-session >/dev/null 2>&1 && ln -sf /usr/bin/cinnamon-session /usr/bin/lxsession +# Clean up lxqt specific files +[ $lxqt -eq 0 ] && rm -rf $HOME/.config/lxqt $HOME/.config/pcmanfm-qt $HOME/.config/autostart/lxqt*.desktop & # Run image built-in tasks for f in /etc/startup.aux/*.sh diff --git a/tools/system/usr/bin/showterm b/tools/system/usr/bin/showterm deleted file mode 100755 index ecbaa19..0000000 --- a/tools/system/usr/bin/showterm +++ /dev/null @@ -1,99 +0,0 @@ -#!/bin/bash -# A simple Linux-only pure-shell showterm client for those without Ruby. -# -# Mac users (and Linux users with Ruby installed) should use the ruby client: -# (sudo) gem install showterm -# -# Dependencies (please let me know if you don't have them all already) -# mktemp (coreutils) -# script (util-linux) -# tput (ncurses) -# bash -# curl -# -# To install. Just copy this file to your computer, and chmod +x showterm. -# -# curl showterm.io/showterm > ~/bin/showterm -# chmod +x ~/bin/showterm -# -# Otherwise you can run this file without installing: -# -# bash <(curl record.showterm.io) -# - -# set -e - -record_base_url="http://showterm.io/record" -upload_base_url="http://showterm.io" - -if ! which curl >/dev/null -then - # Current docker image system is based on ubuntu - sudo apt-get -y update - sudo apt-get install -y curl -fi - -if ! tty >/dev/null -then - echo "Usage: bash <(curl $record_base_url)" - exit 1 -fi - -if [ "-d" = "$1" -o "--delete" = "$1" ] -then - url="${2?-Usage showterm --delete }" - curl --fail "$url" -X "DELETE" --data-urlencode "secret@$HOME/.showterm" - exit -fi - -scriptfile="$(mktemp /tmp/XXXXX.script)" -timingfile="$(mktemp /tmp/XXXXX.timing)" - -cols="$(tput cols)" -lines="$(tput lines)" - -server="${SHOWTERM_SERVER-$upload_base_url}" -url="${server%/}/scripts" - -if [ "$*" ] -then - echo "$*" - args=-c "$*" -fi - -if [ ! -f "$HOME/.showterm" ] -then - echo -n $(openssl rand -hex 16) > "$HOME/.showterm" -fi - -echo "showterm recording. (Exit shell when done.)" -script $args -q -t"$timingfile" "$scriptfile" -echo "Uploading..." -echo "" - -data=$(curl --fail "$url" --data-urlencode "cols=$cols" --data-urlencode "lines=$lines" --data-urlencode "scriptfile@$scriptfile" --data-urlencode "timingfile@$timingfile" "secret@$HOME/.showterm" 2>/dev/null) -status=$? - -echo "$data" - -# get a browser and check the $data accessible -for b in chromium-browser firefox -do - if which $b >/dev/null - then - ($b $data >/dev/null 2>&1)& - break - fi -done - -if [ $status -eq 0 ] -then - echo "" - rm "$scriptfile" "$timingfile" - exit 0 -else - echo "" - echo "Uploading may failed, but don't worry! Your work is safe." - echo "If the above url not accessible, try uploading again with:" - echo curl "$url" --data-urlencode "cols=$cols" --data-urlencode "lines=$lines" --data-urlencode "scriptfile@$scriptfile" --data-urlencode "timingfile@$timingfile" "secret@$HOME/.showterm" -fi diff --git a/tools/system/usr/share/desktop/home/.config/autostart/lxqt-z-ibus.desktop b/tools/system/usr/share/desktop/home/.config/autostart/ibus-daemon.desktop similarity index 100% rename from tools/system/usr/share/desktop/home/.config/autostart/lxqt-z-ibus.desktop rename to tools/system/usr/share/desktop/home/.config/autostart/ibus-daemon.desktop -- Gitee From 0d0ee926a0fb58112a127d3d58d79fcf8446d3d8 Mon Sep 17 00:00:00 2001 From: RetroYong <202021220043@stu.ppsuc.edu.cn> Date: Thu, 28 Jul 2022 22:37:09 +0800 Subject: [PATCH 6/7] modified Dockerfile --- configs/pwn-lab/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/configs/pwn-lab/Dockerfile b/configs/pwn-lab/Dockerfile index aa320ce..5782985 100644 --- a/configs/pwn-lab/Dockerfile +++ b/configs/pwn-lab/Dockerfile @@ -27,6 +27,9 @@ RUN apt-get -y install --no-install-recommends \ gedit \ gedit-plugins \ gdb \ + autoconf \ + automake \ + libtool \ && /cleanup EXPOSE 5900 22 -- Gitee From 8da08a4752835dadfe3f0c62d9ee8ef8633de8ca Mon Sep 17 00:00:00 2001 From: RetroYong <202021220043@stu.ppsuc.edu.cn> Date: Wed, 31 Aug 2022 15:54:06 +0800 Subject: [PATCH 7/7] add ruby --- configs/pwn-lab/Dockerfile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/configs/pwn-lab/Dockerfile b/configs/pwn-lab/Dockerfile index 5782985..bf0ae36 100644 --- a/configs/pwn-lab/Dockerfile +++ b/configs/pwn-lab/Dockerfile @@ -31,7 +31,11 @@ RUN apt-get -y install --no-install-recommends \ automake \ libtool \ && /cleanup - + +RUN apt-get -y install --no-install-recommends \ + ruby \ + && /cleanup + EXPOSE 5900 22 WORKDIR /labs/ -- Gitee