Using Docker to quickly and safely reproduce issues

I had a problem following an installation the other day, and eventually we tracked it down.

This week, I was curious to see if things were fixed, but I had already installed the tool on my computer.

So I ran up Docker container:

$ docker run --rm -it --name test debian bash
root@14e9e953d708:/# apt-get update && apt-get install -yq curl sudo vim-tiny
Get:1 http://security.debian.org jessie/updates InRelease [63.1 kB]
Get:2 http://security.debian.org jessie/updates/main amd64 Packages [182 kB]
Ign http://httpredir.debian.org jessie InRelease
Get:3 http://httpredir.debian.org jessie-updates InRelease [135 kB]
Get:4 http://httpredir.debian.org jessie Release.gpg [2373 B]
Get:5 http://httpredir.debian.org jessie Release [148 kB]
Get:6 http://httpredir.debian.org jessie-updates/main amd64 Packages [3653 B]
Get:7 http://httpredir.debian.org jessie/main amd64 Packages [9035 kB]
Fetched 9569 kB in 16s (574 kB/s)
Reading package lists... Done
Reading package lists...
Building dependency tree...
The following extra packages will be installed:
ca-certificates krb5-locales libcurl3 libffi6 libgmp10 libgnutls-deb0-28 libgssapi-krb5-2 libhogweed2
libidn11 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 libnettle4 libp11-kit0
librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db libssh2-1 libssl1.0.0 libtasn1-6 openssl
vim-common
Suggested packages:
gnutls-bin krb5-doc krb5-user libsasl2-modules-otp libsasl2-modules-ldap libsasl2-modules-sql
libsasl2-modules-gssapi-mit libsasl2-modules-gssapi-heimdal indent
The following NEW packages will be installed:
ca-certificates curl krb5-locales libcurl3 libffi6 libgmp10 libgnutls-deb0-28 libgssapi-krb5-2
libhogweed2 libidn11 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 libnettle4
libp11-kit0 librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db libssh2-1 libssl1.0.0 libtasn1-6
openssl sudo vim-common vim-tiny
0 upgraded, 28 newly installed, 0 to remove and 1 not upgraded.
Need to get 9322 kB of archives.
After this operation, 19.7 MB of additional disk space will be used.
Get:1 http://security.debian.org/ jessie/updates/main libsasl2-modules-db amd64 2.1.26.dfsg1-13+deb8u1 [67.1 kB]
Get:2 http://security.debian.org/ jessie/updates/main libsasl2-2 amd64 2.1.26.dfsg1-13+deb8u1 [105 kB]
Get:3 http://security.debian.org/ jessie/updates/main libldap-2.4-2 amd64 2.4.40+dfsg-1+deb8u1 [218 kB]
...
root@14e9e953d708:/# adduser --ingroup sudo sven
Adding user sven' ...
Adding new user
sven' (1000) with group sudo' ...
Creating home directory
/home/sven' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for sven
Enter the new value, or press ENTER for the default
Full Name []: sven
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n]
root@14e9e953d708:/#

and then in another terminal:


$ docker exec -it -u sven insane_colden bash
sven@14e9e953d708:/$ sudo env

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

[sudo] password for sven:
HOSTNAME=14e9e953d708
TERM=xterm
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:.tar=01;31:.tgz=01;31:.arc=01;31:.arj=01;31:.taz=01;31:.lha=01;31:.lz4=01;31:.lzh=01;31:.lzma=01;31:.tlz=01;31:.txz=01;31:.tzo=01;31:.t7z=01;31:.zip=01;31:.z=01;31:.Z=01;31:.dz=01;31:.gz=01;31:.lrz=01;31:.lz=01;31:.lzo=01;31:.xz=01;31:.bz2=01;31:.bz=01;31:.tbz=01;31:.tbz2=01;31:.tz=01;31:.deb=01;31:.rpm=01;31:.jar=01;31:.war=01;31:.ear=01;31:.sar=01;31:.rar=01;31:.alz=01;31:.ace=01;31:.zoo=01;31:.cpio=01;31:.7z=01;31:.rz=01;31:.cab=01;31:.jpg=01;35:.jpeg=01;35:.gif=01;35:.bmp=01;35:.pbm=01;35:.pgm=01;35:.ppm=01;35:.tga=01;35:.xbm=01;35:.xpm=01;35:.tif=01;35:.tiff=01;35:.png=01;35:.svg=01;35:.svgz=01;35:.mng=01;35:.pcx=01;35:.mov=01;35:.mpg=01;35:.mpeg=01;35:.m2v=01;35:.mkv=01;35:.webm=01;35:.ogm=01;35:.mp4=01;35:.m4v=01;35:.mp4v=01;35:.vob=01;35:.qt=01;35:.nuv=01;35:.wmv=01;35:.asf=01;35:.rm=01;35:.rmvb=01;35:.flc=01;35:.avi=01;35:.fli=01;35:.flv=01;35:.gl=01;35:.dl=01;35:.xcf=01;35:.xwd=01;35:.yuv=01;35:.cgm=01;35:.emf=01;35:.axv=01;35:.anx=01;35:.ogv=01;35:.ogx=01;35:.aac=00;36:.au=00;36:.flac=00;36:.m4a=00;36:.mid=00;36:.midi=00;36:.mka=00;36:.mp3=00;36:.mpc=00;36:.ogg=00;36:.ra=00;36:.wav=00;36:.axa=00;36:.oga=00;36:.spx=00;36:.xspf=00;36:
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
SHELL=/bin/bash
MAIL=/var/mail/root
LOGNAME=root
USER=root
USERNAME=root
HOME=/root
SUDO_COMMAND=/usr/bin/env
SUDO_USER=sven
SUDO_UID=1000
SUDO_GID=27
sven@14e9e953d708:/$

(ok, so the thing I was testing was something else)

The point is, without using alot of time, diskspace, or effort, I created a debian environment, created the environment I needed, and then could run my test as the user I needed.

If this was more than a once-off, I’d do the setup in a Dockerfile, and make the command I’m testing be that Dockerfile’s ENTRYPOINT – making it possible to run a suite of tests using docker build -t test . && docker --rm run test

Vote ‘Foswiki for Best Project for the Enterprise’


SourceForge is running their fourth Community Choice Awards – you could vote for ‘Best Project for the Enterprise’ or even ‘Best New Project’

Wow, it seems we’re almost winners 😉

Howto protect foswiki attachments without slowdown

I was just asked on IRC how to protect some attachments without forcing all requested attachments to go through the viewfile cgi script (as that causes your foswiki images and css to load incredibly slowly), and here’s the howto I answered with:

I was just asked on IRC how to protect some attachments without forcing all requested attachments to go through the viewfile cgi script (as that causes your foswiki images and css to load incredibly slowly), and here’s the howto I answered with:

I coded foswiki 1.0’s viewfile script to work as an apache ErrorDocument, so If you can find a way to trigger a 404 or 401 error, you can get apache to run viewfile –

ErrorDocument 404 /foswiki/bin/viewfile
ErrorDocument 401 /foswiki/bin/viewfile

If you place your pub dir somewhere outside where apache serves files and then softlink the non-protected webs into apache’s path (so it serves them full speed), then the secured webs will generate a 404, triggering the viewfile ErrorDocument – which will thus serve the file only to authenticated users

This will work irrespective of the authentication choices in your foswiki setup – and as the files that require securing are outside apache’s file serving areas, can be considered as secure as possible.

As an added bonus, any request to a file that does not exist will show a foswiki error page, rather than a static html.

Debian TWiki repository now with 212 TWiki Plugins, Contribs, Skins and more.

I’ve just updated the Experimental TWiki and Plugins repository. It now contains TWiki 4.2.0 and 212 Plugins, Contribs and Skins that you can simply apt-get install

To use them, add the following 2 lines to your /etc/apt/sources.list

deb http://distributedinformation.com/experimental/ experimental main contrib
deb-src http://distributedinformation.com/experimental/ experimental main contrib

then type

apt-get update

to update the available packages.

you can now see all 212 packages with apt-cache search twiki-

and install (assuming you don’t have twiki installed yet)

apt-get install apache2 twiki

and TWiki Contrib installation is as easy as

apt-get install twiki-bugscontrib

You will still need to use configure to enable Plugins.

Please report your experiences to me – bugs, gripes, you name it – its a work in progress. and I need your help!

Simple things you can do to save the planet.

Bloggers Unite - Blog Action Day

The obvious one is …

Work from home.

In one fell swoop, you reduce the impact on the transport system, remove the duplication of building works like highrise office buildings and cube farms, and reduce the electricity impact, by using your windows to make environmentally friendly light and air conditioning.

There are other indirect benefits – by working in your local area, you will keep your local area alive, by buying lunch locally, and buying your coffee from the local shop (hi Bubba 🙂 ).

The second, is to work on or support the use of open source software.

Closed source is based on restricting access to software, which inevitably leads to pointless, non-innovative duplication of efforts. I’m not talking about the duplication of competitive features, or key differentiators that make your business a success either. There are a myriad of tiny internal tools written in every company or project, to just get stuff done, which if shared could improve your bottom line, just by sharing the code amongst all the other companies in the world that do a similar thing.

Do something for the environment today. Share.