Issues running ansvif on Windows and Ubuntu in a Docker container

[josephmoyer]

When trying to run ansvif in a docker container, I get the error This account is currently not available. Similarly, when trying to run ansvif on Windows, I get the error The process cannot access the file because it is being used by another process.

Code to reproduce error in Docker using a Dockerfile:

FROM ubuntu:16.04

WORKDIR /src

RUN apt update && apt-get --no-install-recommends -yqq install \
	ca-certificates \
	git \
	automake \
	autoconf-archive \
	zlib1g-dev \
	g++ \
	libgcc-4.8-dev \
	gcc \
	gtk2.0

RUN git clone https://github.com/oxagast/ansvif.git
WORKDIR ansvif
RUN	aclocal
RUN autoconf
RUN automake -a
RUN ./configure --disable-gtk
RUN make
CMD make check

Command used to reproduce error in Windows:

.\ansvif.exe -t .\examples\specific\spac
e.txt -c .\notepad.exe -b 2048

I copied notepad into the ansvif folder that was created from the zip on the releases page.

[oxagast]

Hi, The error on Linux is because ansvif tries to drop its privs from root to your user (or nobody), but since Docker containers don't 'see' the host's files the /etc/passwd is not congruent. You can force ansvif to run as root (in Docker, I wouldn't really recommend this otherwise) by passing the -L root option. Another solution would be to add an ansvif user in the Dockerfile. But the easy way would be to change your last line to:

CMD ./ansvif -t examples/specific/flag_chars.txt -c ./generic_buffer_overflow -b 64 -z -L root

This gives ansvif a user that is known to exist, and theoretically Docker prevents ansvif from dorking with files outside the container on the host.