switch to emba docker pull

m-1-k-3 · m-1-k-3 · commit 9b8dd5d16367 · 2021-09-02T09:17:59.000+02:00
diff --git a/.dockerignore b/.dockerignore
@@ -7,3 +7,5 @@ documentation
 CONTRIBUTING.md
 LICENSE
 README.md
+log*
+check_project.sh
diff --git a/Dockerfile b/Dockerfile
@@ -1,14 +1,16 @@
 FROM kalilinux/kali-rolling
 
-RUN apt-get update && \ 
-    apt-get -y upgrade && \
-    apt-get -y install wget kmod procps sudo dialog apt-utils
-
 ADD ./installer.sh /
 
 WORKDIR /
 
-RUN yes | sudo /installer.sh -D -F
+# updates system, install EMBA, disable coredumps and final cleanup
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get -y install wget kmod procps sudo dialog apt-utils && \
+    yes | sudo /installer.sh -D -F && \
+    ulimit -c 0 && rm -rf /var/lib/apt/lists/* && \
+    rm /core && rm /pw_hashes.txt
 
 WORKDIR /emba
 
diff --git a/installer.sh b/installer.sh
@@ -143,9 +143,9 @@ download_file()
 print_help()
 {
   echo -e "\\n""$CYAN""USAGE""$NC"
-  echo -e "$CYAN""-F""$NC""         Installation of emba with all dependencies (typical initial installation)"
+  echo -e "$CYAN""-d""$NC""         Installation of all dependencies needed for emba in Docker mode (-D) (typical initial installation)"
+  echo -e "$CYAN""-F""$NC""         Installation of emba with all dependencies"
   echo -e "$CYAN""-c""$NC""         Complements emba dependencies (get/install all missing files/applications)"
-  echo -e "$CYAN""-d""$NC""         Force install of all dependencies needed for emba in Docker mode (-D)"
   echo -e "$CYAN""-h""$NC""         Print this help message"
   echo -e "$CYAN""-l""$NC""         List all dependencies of emba"
   echo
@@ -250,6 +250,44 @@ case ${ANSWER:0:1} in
   ;;
 esac
 
+# download EMBA docker image
+
+echo -e "\\nThe normal EMBA operation mode use a docker image to protect your host. Docker and the EMBA container are required for this."
+INSTALL_APP_LIST=()
+print_tool_info "docker.io" 0 "docker"
+
+if command -v docker > /dev/null ; then
+  echo -e "\\n""$ORANGE""$BOLD""embeddedanalyzer/emba docker image""$NC"
+  export DOCKER_CLI_EXPERIMENTAL=enabled
+  f="$(docker manifest inspect embeddedanalyzer/emba:latest | grep "size" | sed -e 's/[^0-9 ]//g')"
+  echo "Download-Size : ""$(($(( ${f//$'\n'/+} ))/1048576))"" MB"
+  export DOCKER_CLI_EXPERIMENTAL=disabled
+else
+  echo -e "\\n""$ORANGE""$BOLD""embeddedanalyzer/emba docker image""$NC"
+  echo "Download-Size: ~5000 MB"
+fi
+
+if [[ "$FORCE" -eq 0 ]] && [[ "$LIST_DEP" -eq 0 ]] && [[ $DOCKER_SETUP -eq 0 ]]; then
+  echo -e "\\n""$MAGENTA""$BOLD""Do you want to install Docker (if not already on the system) and download the image?""$NC"
+  read -p "(y/N)" -r ANSWER
+elif [[ "$LIST_DEP" -eq 1 ]] || [[ $IN_DOCKER -eq 1 ]]; then
+  ANSWER=("n")
+else
+  echo -e "\\n""$MAGENTA""$BOLD""Docker will be installed (if not already on the system) and the image be downloaded!""$NC"
+  ANSWER=("y")
+fi
+case ${ANSWER:0:1} in
+  y|Y )
+    apt-get install "${INSTALL_APP_LIST[@]}" -y
+    if [[ "$(docker images -q embeddedanalyzer/emba:latest 2> /dev/null)" == "" ]] ; then
+      echo -e "$ORANGE""embeddedanalyzer/emba docker image will be downloaded""$NC"
+      docker pull embeddedanalyzer/emba:latest
+    else
+      echo -e "$ORANGE""embeddedanalyzer/emba docker image is already downloaded""$NC"
+    fi
+  ;;
+esac
+
 # cwe checker docker
 
 echo -e "\\nWith emba you can automatically find vulnerable pattern in binary executables (just start emba with the parameter -c). Docker and the cwe_checker from fkiecad are required for this."
@@ -714,6 +752,7 @@ case ${ANSWER:0:1} in
     fi
 
     cd ../.. || exit 1
+    rm ./external/binwalk -r
 
     if [[ -f "/usr/local/bin/binwalk" && "$BINWALK_PRE_AVAILABLE" -eq 0 ]] ; then
       echo -e "$GREEN""binwalk installed successfully""$NC"
