From 9a37a51760c27f15c227c578948754942cbc1ef2 Mon Sep 17 00:00:00 2001 From: T145 Date: Fri, 20 Sep 2024 17:20:09 -0400 Subject: [PATCH] chore(docker): Updated Perl & Debian pkgs --- Dockerfile | 19 +++++++++++-------- README.md | 16 +++++++--------- scripts/v2/apply_filters.bash | 12 ++++++------ scripts/v2/build_lists.bash | 2 +- scripts/v2/check_cidrs.pl | 2 +- scripts/v2/check_domains.pl | 2 +- scripts/v3/check_hosts.pl | 2 +- 7 files changed, 28 insertions(+), 27 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1131d7f6..0ccfcc1c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,7 @@ RUN git config --global advice.detachedHead false; \ go install -v github.com/johnkerl/miller/cmd/mlr; \ rm -rf ./*; \ # https://github.com/mikefarah/yq/ - go install -v github.com/mikefarah/yq/v4@v4.44.2; \ + go install -v github.com/mikefarah/yq/v4@v4.44.3; \ # https://github.com/ipinfo/cli go install -v github.com/ipinfo/cli/ipinfo@ipinfo-3.3.1; \ # https://github.com/projectdiscovery/dnsx @@ -59,7 +59,7 @@ RUN apt-get -yq update --no-allow-insecure-repositories; \ # https://hub.docker.com/r/parrotsec/core FROM docker.io/parrotsec/core:base-lts-amd64 LABEL maintainer="T145" \ - version="6.4.5" \ + version="6.5.0" \ description="Runs the \"Black Mirror\" project! Check it out GitHub!" \ org.opencontainers.image.description="https://github.com/T145/black-mirror#-docker-usage" @@ -132,16 +132,16 @@ RUN apt-get -q update --no-allow-insecure-repositories; \ bc=1.07.1-3+b1 \ build-essential=12.9 \ csvkit=1.0.7-1 \ - curl=7.88.1-10+deb12u6 \ + curl=7.88.1-10+deb12u7 \ debsums=3.0.2.1 \ dos2unix=7.4.3-1 \ gawk=1:5.2.1-2 \ - git=1:2.39.2-1.1 \ + git=1:2.39.5-0+deb12u1 \ grepcidr=2.0-2 \ html-xml-utils=7.7-1.1 \ libc-ares2=1.18.1-3 \ libpsl5=0.21.2-1 \ - libssl3=3.0.13-1~deb12u1 \ + libssl3=3.0.14-1~deb12u2 \ localepurge=* \ lynx=2.9.0dev.12-1 \ nodejs=18.19.0+dfsg-6~deb12u2 \ @@ -183,8 +183,9 @@ RUN apt-get -q update --no-allow-insecure-repositories; \ # Upgrade Perl # https://github.com/Perl/docker-perl -RUN wget -q https://cpan.metacpan.org/authors/id/B/BO/BOOK/perl-5.41.1.tar.gz; \ - echo '7dee38af601b0ba3f3730cb812cdbc799c921da440cb0ce96dd7a4f508b1a6f8 *perl-5.41.1.tar.gz' | sha256sum --strict --check -; \ +# Threaded Bookworm +RUN wget -q https://cpan.metacpan.org/authors/id/B/BO/BOOK/perl-5.41.3.tar.gz; \ + echo '7b9cd0f84a5350ea485ae6c57f3231d338f8a00c23f193db3964a60d38cf8850 *perl-5.41.3.tar.gz' | sha256sum --strict --check -; \ tar --strip-components=1 -xzf perl-*.tar.gz; \ cat *.patch | patch -p1 || :; \ ./Configure -Darchname=x86_64-linux-gnu -Duse64bitall -Dusethreads -Duseshrplib -Dvendorprefix=/usr/local -Dusedevel -Dversiononly=undef -des; \ @@ -196,6 +197,8 @@ RUN wget -q https://cpan.metacpan.org/authors/id/B/BO/BOOK/perl-5.41.1.tar.gz; \ wget -q https://www.cpan.org/authors/id/M/MI/MIYAGAWA/App-cpanminus-1.7047.tar.gz; \ echo '963e63c6e1a8725ff2f624e9086396ae150db51dd0a337c3781d09a994af05a5 *App-cpanminus-1.7047.tar.gz' | sha256sum --strict --check -; \ tar --strip-components=1 -xzf App-cpanminus-*.tar.gz; \ + perl -pi -E 's{http://(www\.cpan\.org|backpan\.perl\.org|cpan\.metacpan\.org|fastapi\.metacpan\.org|cpanmetadb\.plackperl\.org)}{https://$1}g' bin/cpanm; \ + perl -pi -E 's{try_lwp=>1}{try_lwp=>0}g' bin/cpanm; \ perl bin/cpanm .; \ wget -q 'https://www.cpan.org/authors/id/C/CH/CHRISN/Net-SSLeay-1.94.tar.gz'; \ echo '9d7be8a56d1bedda05c425306cc504ba134307e0c09bda4a788c98744ebcd95d *Net-SSLeay-1.94.tar.gz' | sha256sum --strict --check -; \ @@ -233,4 +236,4 @@ RUN chown 0:0 /usr/bin/as; \ RUN adduser --disabled-password --gecos "" admin USER admin -HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "cpanm --version && cpm --version && command -v ipinfo && command -v ghosts && command -v parsort && command -v yq && command -v mlr" ] +HEALTHCHECK NONE diff --git a/README.md b/README.md index 63620d30..25cae197 100644 --- a/README.md +++ b/README.md @@ -263,31 +263,29 @@ Leverage the [`ADGUARD_SOURCES.txt`](https://github.com/T145/black-mirror/blob/m ## 🐋 Docker Usage -To provide a temporary container to experiment with `Black Mirror` scripts and the CLI utilities it uses, run the following: +### Temporary Container ```bash -docker container run -it --rm -h black-mirror ghcr.io/t145/black-mirror +docker container run -u 0 -it --rm -h black-mirror ghcr.io/t145/black-mirror ``` -For a persistant container, use something like what's given below: +### Persistant Container ```bash -docker container run -it --name black-mirror -h black-mirror ghcr.io/t145/black-mirror +docker container run -u 0 -it --name black-mirror -h black-mirror ghcr.io/t145/black-mirror ``` Then to access the container at a later date, run: ```bash docker start black-mirror -docker exec -it black-mirror /bin/bash +docker exec -u 0 -it black-mirror /bin/bash ``` -To use the root user just append `-u 0`. - -NOTE: Before using `rkhunter`, be sure to run: +### Building the Image ```bash -rkhunter --update +docker build --no-cache --progress=plain -t black-mirror . ``` ## 👨‍💻 Development diff --git a/scripts/v2/apply_filters.bash b/scripts/v2/apply_filters.bash index ac1fb1c9..e3470676 100755 --- a/scripts/v2/apply_filters.bash +++ b/scripts/v2/apply_filters.bash @@ -18,11 +18,11 @@ get_ipv6_cidrs() { } get_domains_from_urls() { - perl5.41.1 -MData::Validate::Domain=is_domain -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_domain($3, { domain_private_tld => { onion => 1 } })}' + perl5.41.3 -MData::Validate::Domain=is_domain -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_domain($3, { domain_private_tld => { onion => 1 } })}' } get_ipv4s_from_urls() { - perl5.41.1 -MData::Validate::IP=is_ipv4 -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_ipv4($3)}' + perl5.41.3 -MData::Validate::IP=is_ipv4 -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_ipv4($3)}' } hostsblock() { @@ -200,22 +200,22 @@ process_list() { 'IPV4') case "$LIST_METHOD" in 'BLOCK') - perl5.41.1 -MData::Validate::IP=is_public_ipv4 -nE 'chomp; if(defined($_) and is_public_ipv4($_)) {say $_;}' + perl5.41.3 -MData::Validate::IP=is_public_ipv4 -nE 'chomp; if(defined($_) and is_public_ipv4($_)) {say $_;}' ;; # Ensure bogons get whitelisted 'ALLOW') - perl5.41.1 -MData::Validate::IP=is_ipv4 -nE 'chomp; if(defined($_) and is_ipv4($_)) {say $_;}' + perl5.41.3 -MData::Validate::IP=is_ipv4 -nE 'chomp; if(defined($_) and is_ipv4($_)) {say $_;}' ;; esac ;; 'IPV6') case "$LIST_METHOD" in 'BLOCK') - perl5.41.1 -MData::Validate::IP=is_public_ipv6 -nE 'chomp; if(defined($_) and is_public_ipv6($_)) {say $_;}' + perl5.41.3 -MData::Validate::IP=is_public_ipv6 -nE 'chomp; if(defined($_) and is_public_ipv6($_)) {say $_;}' ;; # Ensure bogons get whitelisted 'ALLOW') - perl5.41.1 -MData::Validate::IP=is_ipv6 -nE 'chomp; if(defined($_) and is_ipv6($_)) {say $_;}' + perl5.41.3 -MData::Validate::IP=is_ipv6 -nE 'chomp; if(defined($_) and is_ipv6($_)) {say $_;}' ;; esac ;; diff --git a/scripts/v2/build_lists.bash b/scripts/v2/build_lists.bash index 9c0f68f7..24fc9c96 100755 --- a/scripts/v2/build_lists.bash +++ b/scripts/v2/build_lists.bash @@ -29,7 +29,7 @@ readonly -a FORMATS # https://github.com/ildar-shaimordanov/perl-utils#sponge sponge() { - perl5.41.1 -ne ' + perl5.41.3 -ne ' push @lines, $_; END { open(OUT, ">$file") diff --git a/scripts/v2/check_cidrs.pl b/scripts/v2/check_cidrs.pl index 9ff1438b..0fef6228 100644 --- a/scripts/v2/check_cidrs.pl +++ b/scripts/v2/check_cidrs.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl -use 5.41.1; +use 5.41.3; use warnings; use strict; use open ':std', ':encoding(UTF-8)'; diff --git a/scripts/v2/check_domains.pl b/scripts/v2/check_domains.pl index c188d7de..667f621b 100644 --- a/scripts/v2/check_domains.pl +++ b/scripts/v2/check_domains.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl -use 5.41.1; +use 5.41.3; use warnings; use strict; use open ':std', ':encoding(UTF-8)'; diff --git a/scripts/v3/check_hosts.pl b/scripts/v3/check_hosts.pl index 2cb3f079..2243f46b 100644 --- a/scripts/v3/check_hosts.pl +++ b/scripts/v3/check_hosts.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl -use 5.41.1; +use 5.41.3; use feature 'say'; use utf8;