All lab exercises are reproducible in a linux testbed implemented as a docker container. You can run it locally in your laptop (runs on Linux, Windows, Mac) by either installing docker or by running a Linux VM with docker already installed.
Running the testbed with docker
- Install Docker CE from here or use the Linux VM with docker already installed
- Run the docker image (automatic download)
$ docker run --rm -it secunive/sec:testbed bash Home: /tmp/tmp.bb8xzokM7J rookie@dcd7a8da42c7:~$
- The above command will start the linux testbed used during the course
Mounting a volume
You can mount a local folder as follows:
$ docker run --rm -it -v /fullpath/MyVolume:/tmp/MyVolume secunive/sec:testbed bash Home: /tmp/tmp.bb8xzokM7J rookie@dcd7a8da42c7:~$ ls /tmp/MyVolume hello.txt rookie@dcd7a8da42c7:~$
The above command will mount your local folder
/tmp/MyVolume in the docker container. In this way you can edit file locally and keep a copy of what you do (files are not preserved when you close the container).
/fullpath/MyVolume with the path of the local folder you want to mount. Be sure that the folder exists before you start docker! If the folder does not exists, docker will create it as root and you won’t be able to use it.
Accessing with ssh
ssh is supported, you only need to map the port as follows:
docker run -p2223:22 --rm -it secunive/sec:testbed bash
Then you can access with (password
ssh rookie@localhost -p2223
Notice that this also work in the Linux VM with docker already installed and allows for directly connecting to the testbed machine without passing through the alpine linux host. You can also use
sshfs to mount the testbed filesystem remotely (requires WSL 2 in Windows 10).
Pulling the latest image
Image might be updated during the semester. If you need to pull the latest one just use the pull command of docker:
$ docker pull secunive/sec:testbed testbed: Pulling from secunive/sec ...
gdb in docker
To run gdb in docker you need a customised secure computing mode (seccomp) profile. Download it here and run docker as follows:
docker run --rm -it --security-opt seccomp=./gdb.json secunive/sec:testbed