How to use the tern.utils.rootfs.prep_rootfs function in tern

To help you get started, we’ve selected a few tern examples, based on popular ways it is used in public projects.


github vmware / tern / tern / tools / container_debug.py View on Github external
def drop_into_layer(image_obj, layer_index):
    """Mount the image's layers up to ``layer_index`` for manual inspection.

    Layer 0 is mounted on its own; any higher index is mounted as an
    overlay of every layer up to that index. If a shell is found, the
    root filesystem is prepared and the chroot command to run is printed.
    The function always ends the process with exit status 0 and does not
    unmount anything itself, so the mounts stay in place afterwards.

    NOTE(review): prep_rootfs presumably mounts dev, sys and proc into the
    target - confirm against tern.utils.rootfs. The printed
    ``sudo chroot`` command runs binaries taken from the image as root, and
    chroot does not isolate a process from the host, so inspect images you
    do not trust from a disposable VM.
    """
    rootfs.set_up()
    if layer_index != 0:
        # overlay every layer up to the requested index
        target = analyze.mount_overlay_fs(image_obj, layer_index)
    else:
        # a single layer needs no overlay
        base_tar = image_obj.layers[layer_index].tar_file
        target = rootfs.mount_base_layer(base_tar)
    # look for a shell binary to chroot into
    shell = check_shell()
    if not shell:
        print("A shell binary doesn't exist in the filesystem. You're on "
              "your own.")
    else:
        rootfs.prep_rootfs(target)
        print("Done. Run 'sudo chroot . {}' to look around.".format(shell))
    print("Working directory is: {}".format(get_mount_path()))
    sys.exit(0)
github vmware / tern / tern / analyze / docker / analyze.py View on Github external
def analyze_subsequent_layers(image_obj, shell, master_list, redo):
    # get packages for subsequent layers
    curr_layer = 1
    while curr_layer < len(image_obj.layers):
        if not common.load_from_cache(image_obj.layers[curr_layer], redo):
            # get commands that created the layer
            # for docker images this is retrieved from the image history
            command_list = dhelper.get_commands_from_history(
                image_obj.layers[curr_layer])
            if command_list:
                # mount diff layers from 0 till the current layer
                target = mount_overlay_fs(image_obj, curr_layer)
                # mount dev, sys and proc after mounting diff layers
                rootfs.prep_rootfs(target)
            # for each command look up the snippet library
            for command in command_list:
                pkg_listing = command_lib.get_package_listing(command.name)
                if isinstance(pkg_listing, str):
                    try:
                        common.add_base_packages(
                            image_obj.layers[curr_layer], pkg_listing, shell)
                    except KeyboardInterrupt:
                        logger.critical(errors.keyboard_interrupt)
                        abort_analysis()
                else:
                    try:
                        common.add_snippet_packages(
                            image_obj.layers[curr_layer], command, pkg_listing,
                            shell)
                    except KeyboardInterrupt:
github vmware / tern / tern / report / report.py View on Github external
image_obj.layers[0].origins.add_notice_to_origins(
            origin_command_lib, Notice(no_shell_message, 'warning'))
        # add a hint notice to add the shell to the command library
        add_shell_message = errors.no_listing_for_base_key.format(
            listing_key='shell')
        image_obj.layers[0].origins.add_notice_to_origins(
            origin_command_lib, Notice(add_shell_message, 'hint'))
        shell = constants.shell
    # only extract packages if there is a known binary and the layer is not
    # cached
    if binary:
        if not common.load_from_cache(image_obj.layers[0], redo):
            # Determine pacakge/os style from binary in the image layer
            common.get_os_style(image_obj.layers[0], binary)
            # get the packages of the first layer
            rootfs.prep_rootfs(target)
            common.add_base_packages(image_obj.layers[0], binary, shell)
            # unmount proc, sys and dev
            rootfs.undo_mount()
    else:
        logger.warning(errors.no_package_manager)
        # /etc/os-release may still be present even if binary is not
        common.get_os_style(image_obj.layers[0], None)
        image_obj.layers[0].origins.add_notice_to_origins(
            origin_first_layer, Notice(errors.no_package_manager, 'warning'))
        # no binary means there is no shell so set to default shell
        logger.warning('Unknown filesystem. Using default shell')
        shell = constants.shell
    # unmount the first layer
    rootfs.unmount_rootfs()
    # populate the master list with all packages found in the first layer
    for p in image_obj.layers[0].packages:
github vmware / tern / tern / report / report.py View on Github external
# populate the master list with all packages found in the first layer
    for p in image_obj.layers[0].packages:
        master_list.append(p)
    # get packages for subsequent layers
    curr_layer = 1
    while curr_layer < len(image_obj.layers):
        if not common.load_from_cache(image_obj.layers[curr_layer], redo):
            # get commands that created the layer
            # for docker images this is retrieved from the image history
            command_list = dhelper.get_commands_from_history(
                image_obj.layers[curr_layer])
            if command_list:
                # mount diff layers from 0 till the current layer
                target = mount_overlay_fs(image_obj, curr_layer)
                # mount dev, sys and proc after mounting diff layers
                rootfs.prep_rootfs(target)
            # for each command look up the snippet library
            for command in command_list:
                pkg_listing = command_lib.get_package_listing(command.name)
                if isinstance(pkg_listing, str):
                    common.add_base_packages(
                        image_obj.layers[curr_layer], pkg_listing, shell)
                else:
                    common.add_snippet_packages(
                        image_obj.layers[curr_layer], command, pkg_listing,
                        shell)
            if command_list:
                rootfs.undo_mount()
                rootfs.unmount_rootfs()
        # update the master list
        common.update_master_list(master_list, image_obj.layers[curr_layer])
        curr_layer = curr_layer + 1
github vmware / tern / tern / analyze / docker / analyze.py View on Github external
def analyze_first_layer(image_obj, master_list, redo):
    """Mount the base layer and collect package information for it.

    This excerpt ends before the function does, so the final clean-up and
    the return value are not visible here.

    Args:
        image_obj: image object; only ``layers[0]`` is used in the visible
            part.
        master_list: not referenced in the visible part of the function.
        redo: passed through to ``common.load_from_cache``.
            NOTE(review): presumably forces re-analysis instead of using
            the cache - confirm.
    """
    # find the binary and shell by mounting the base layer
    target = rootfs.mount_base_layer(image_obj.layers[0].tar_file)
    binary = common.get_base_bin()
    shell = get_shell(image_obj, binary)
    # set up a notice origin for the first layer
    # (label is built from the first 10 characters of the layer's fs_hash)
    origin_first_layer = 'Layer: ' + image_obj.layers[0].fs_hash[:10]
    # only extract packages if there is a known binary and the layer is not
    # cached
    if binary:
        if not common.load_from_cache(image_obj.layers[0], redo):
            # Determine package/os style from binary in the image layer
            common.get_os_style(image_obj.layers[0], binary)
            # get the packages of the first layer
            # NOTE(review): add_base_packages is handed the shell found in
            # the image, so it presumably runs commands from the image
            # inside the prepared rootfs - treat the image as untrusted.
            # Only KeyboardInterrupt is handled here; any other exception
            # propagates past the undo_mount() call below, which would
            # leave proc, sys and dev mounted under the target unless a
            # caller cleans up. A try/finally would guarantee the unmount.
            try:
                rootfs.prep_rootfs(target)
                common.add_base_packages(image_obj.layers[0], binary, shell)
            except KeyboardInterrupt:
                logger.critical(errors.keyboard_interrupt)
                abort_analysis()
            # unmount proc, sys and dev
            rootfs.undo_mount()
    else:
        logger.warning(errors.no_package_manager)
        # /etc/os-release may still be present even if binary is not
        common.get_os_style(image_obj.layers[0], None)
        # record the missing package manager as a warning on this layer
        image_obj.layers[0].origins.add_notice_to_origins(
            origin_first_layer, Notice(errors.no_package_manager, 'warning'))
        # no binary means there is no shell so set to default shell
        logger.warning('Unknown filesystem. Using default shell')
        shell = constants.shell
    # unmount the first layer
github vmware / tern / tern / tools / verify_invoke.py View on Github external
'execute with. Useful when testing commands in the '
                        'snippet library')
    args = parser.parse_args()

    # first, mount all the layers in the image
    report.setup(image_tag_string=args.image)
    image_obj = report.load_full_image(args.image)
    if image_obj.origins.is_empty():
        # image loading was successful
        # proceed mounting diff filesystems
        if len(image_obj.layers) == 1:
            # mount only one layer
            target = rootfs.mount_base_layer(image_obj.layers[0].tar_file)
        else:
            # NOTE(review): the return value is discarded here, so `target`
            # is never assigned in this branch and the prep_rootfs(target)
            # call below would fail for any image with more than one layer
            # (unless `target` is bound earlier, outside this excerpt).
            # Presumably this should read
            # `target = report.mount_overlay_fs(...)` - confirm.
            report.mount_overlay_fs(image_obj, len(image_obj.layers) - 1)
        rootfs.prep_rootfs(target)
        # invoke commands in chroot
        # NOTE(review): the commands therefore execute against content
        # taken from the image; run this tool only on images you are
        # prepared to execute code from, ideally in a disposable VM.
        # if we're looking up the snippets library
        # we should see 'snippets' in the keys
        if 'snippets' in args.keys and 'packages' in args.keys:
            # get the package info that corresponds to the package name
            # or get the default
            # pop() removes the final key from args.keys, so the lookup
            # below uses the remaining keys and `last` indexes the result
            last = args.keys.pop()
            info_list = look_up_lib(args.keys)
            info_dict = command_lib.check_for_unique_package(
                info_list, args.package)[last]
        else:
            info_dict = look_up_lib(args.keys)
        # try to invoke the commands
        # args.shell and args.package come straight from the command line
        try:
            result = command_lib.get_pkg_attr_list(
                args.shell, info_dict, args.package)