运行linux的机器死机了_如何在任何机器上轻松运行任何Linux工具

运行linux的机器死机了

by Flavio De Stefano

由弗拉维奥·德·斯特凡诺(Flavio De Stefano)

如何在任何机器上轻松运行任何Linux工具 (How to easily run any Linux tool on any machine)

Have you ever encountered a situation like the ones below?

您是否遇到过以下情况？

Situation 1: You’re on your Linux workstation, and there is a PHP code that you must execute. But this code only runs under PHP 7, and your workstation only has PHP 5.

情况1 ：您在Linux工作站上，必须执行一个PHP代码。 但是此代码仅在PHP 7下运行，而您的工作站只有PHP 5。

Situation 2: You’re working on your MacBook laptop, and you desperately need your sqlmap tool from your Kali Linux distribution. But you don’t have access to your Virtual Machine.

情况2 ：您正在使用MacBook笔记本电脑，并且迫切需要Kali Linux发行版中的sqlmap工具。 但是您无权访问虚拟机。

Situation 3: You’re on your Windows PC, and you immediately need an NGINX server that serves your static files from a directory.

情况3 ：您在Windows PC上，立即需要一台NGINX服务器，该服务器可从目录中提供静态文件。

Situation 4: No matter which platform, you have to start your Node.js 10 project. But you don’t have Node.js installed on your platform.

情况4 ：无论使用哪个平台，都必须启动Node.js 10项目。 但是您没有在平台上安装Node.js。

Or, in general, have you ever been a situation like this:

或者，总的来说，您是否遇到过以下情况：

Situation X: you are on one platform, and you immediately need a specific Linux tool, without altering your configuration or installing additional software.

情况X：您处于一个平台上，并且立即需要特定的Linux工具，而无需更改配置或安装其他软件。

All these situations can be easily solved with a single tool you may have already heard about. It works without messing up your computer by installing additional software, or editing configurations that worked for a long time.

使用您可能已经听说过的单个工具，可以轻松解决所有这些情况。 它可以通过安装其他软件或编辑长时间运行的配置而不会干扰计算机的工作。

Docker is an OS-level virtualization system. It can potentially run any binary you have in mind. Furthermore, it can run it in an isolated system, so it can’t touch your files and your precious working configurations.

Docker是操作系统级别的虚拟化系统。 它可以潜在地运行您想到的任何二进制文件。 此外，它可以在隔离的系统中运行它，因此它不会影响您的文件和宝贵的工作配置。

All you need is for someone to have already containerized your binary so that you can simply download it as an image. There are already a ton of Docker-built images out there waiting for you.

您需要做的就是让某人已经将您的二进制文件容器化，以便您可以简单地将其下载为映像。 已经有大量Docker构建的映像在等着您。

Docker does do more than this. It is a platform for developers and system administrators to develop, deploy, and run applications with containers. If you use it only to run your preferred binary, you’re using 1% of its features.

Docker所做的不只是此事。 它是开发人员和系统管理员使用容器开发，部署和运行应用程序的平台。 如果仅使用它来运行首选的二进制文件，则使用的是其功能的1％。

But let’s start from the beginning.

但是，让我们从头开始。

You can install Docker on your machine by clicking this link and selecting your platform from left menu. Then, follow the guide.

您可以通过单击此链接并从左侧菜单选择平台来在您的计算机上安装Docker。 然后，按照指南进行操作。

Once you have installed Docker, open your preferred Terminal or Command Prompt.

安装Docker后，打开您的首选终端或命令提示符。

基本概念 (Basic concepts)

First of all, let’s test if your Docker configuration is working correctly. From the terminal:

首先，让我们测试一下您的Docker配置是否正常工作。 从终端：

> docker --version
Docker version 18.03.0-ce, build 0520e24

If Docker is up and running, you should see your version number.

如果Docker已启动并正在运行，则应该看到您的版本号。

All you need now is the docker run command.

您现在所需要的就是docker run命令。

The first thing to know is the name of the image you want to use. For official images, you usually have the name of the binary with no additions.

首先要知道的是您要使用的图像的名称。 对于官方图像，通常使用二进制名称，且不添加任何名称。

For example, in the case of PHP, the image name is simply php. And what about the version? Simple as well, just add the version number (e.g., 7).

例如，对于PHP，映像名称就是php。 那版本呢？ 同样简单，只需添加版本号(例如7)。

Now let’s run our first container.

现在让我们运行第一个容器。

情况1 (Situation 1)

You’re on your Linux workstation, and there is a PHP code that you must execute. But this code only runs under PHP 7, and your workstation only has PHP 5.

您在Linux工作站上，必须执行一个PHP代码。 但是此代码仅在PHP 7下运行，而您的工作站只有PHP 5。

Ok, now let’s imagine we have this simple code. It only works under PHP 7, because of the spaceship operator:

好的，现在让我们假设我们有这个简单的代码。 由于太空飞船，它只能在PHP 7下工作 操作员：

<?php echo 1 <=> 0;

How we can execute this code with Docker? Let’s build our docker run command.

我们如何使用Docker执行此代码？ 让我们构建我们的docker run命令。

> docker run -it php:7
Interactive shell
php > echo 1<=>0;
1

Yes — that’s all we need!

是的，这就是我们所需要的！

The extra part is the -it flag, but that’s not difficult. Since we are in the interactive shell, it simply specifies that this container should:

额外的部分是-it标志，但这并不困难。 由于我们位于交互式外壳中，因此只需指定该容器应：

• -t ( — tty): allocate a pseudo-TTY

  -t ( — tty) ：分配一个伪TTY

• -i ( — interactive): keep STDIN open, even if not attached

  -i ( — interactive) ：保持STDIN处于打开状态，即使未连接也是如此

You should use them most of the time, with some exceptions.

除了某些例外，您应该大部分时间都使用它们。

情况二 (Situation 2)

You’re working on your MacBook laptop, and you desperately need your sqlmap tool from your Kali Linux distribution. But you don’t have access to your Virtual Machine.

您正在使用MacBook笔记本电脑，并且迫切需要Kali Linux发行版中的sqlmap工具。 但是您无权访问虚拟机。

Unfortunately, sqlmap doesn’t have an official simple image name. But maybe someone else has created an image. Let’s search for it.

不幸的是，sqlmap没有正式的简单映像名称。 但是也许其他人创造了形象。 让我们搜索一下。

> docker search sqlmap
NAME                     DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
paoloo/sqlmap            Dockered sqlmap. Build instructions: https:/…   6
k0st/alpine-sqlmap       sqlmap on alpine (size: ~113 MB)                3                                       [OK]
jdecool/sqlmap           sqlmap (Automatic SQL injection) in a contai…   2                                       [OK]
harshk13/kali-sqlmap     Kali Linux base image with Sqlmap               1
marcomsousa/sqlmap       Simple image that execute Automatic SQL inje…   1                                       [OK]
....

We have several choices. This can happen often. For most cases, the image should be the first one (or the one with the greater star count).

我们有几种选择。 这可能经常发生。 在大多数情况下，该图像应该是第一个(或具有较多星数的图像)。

Let’s use it.

让我们使用它。

> docker run -it paoloo/sqlmap --url http://localhost
         _
 ___ ___| |_____ ___ ___  {1.0.9.32#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org
      
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
...

All arguments that are after [docker run -it {image}] are passed to the binary executed in Docker, which is sqlmap in this case.

[docker run -it {image}]之后的所有参数 传递给在Docker中执行的二进制文件，在这种情况下为sqlmap。

Easy enough, right? Yes, but there is a con.

很容易，对吧？ 是的，但是有一个缺点。

sqlmap writes log files onto the disk in the ~/.sqlmap path. But since Docker containers run in an isolated environment, we lose everything!!

sqlmap将日志文件写到~/.sqlmap路径中的磁盘上。 但是由于Docker容器在隔离的环境中运行，我们将失去一切！！

This is a feature, but in this case represents a bug for us — let’s fix it.

这是一项功能，但在这种情况下，对我们来说是一个错误-让我们对其进行修复。

To enable persistence so that we don’t lose that log file, we have to create a bind mount between our workstation (host) and the Docker container.

为了启用持久性以便不丢失该日志文件，我们必须在工作站(主机)和Docker容器之间创建绑定安装。

Let’s decide that our host bind mount directory is /tmp/sqlmap. This should be an empty directory created only for this purpose!

让我们决定我们的主机绑定安装目录是/tmp/sqlmap 。 这应该是一个仅为此目的而创建的空目录！

> docker run -it -v \
  /tmp/sqlmap:/root/.sqlmap \
  paoloo/sqlmap \
  --url http://localhost

With the -v option we’ll create a bind mount. The first argument is the host path, and the second is the path on the container that we want to map.

使用-v选项，我们将创建绑定安装。 第一个参数是主机路径，第二个参数是我们要映射的容器上的路径。

And, in fact, everything has been saved — including our reports.

而且，实际上，所有内容都已保存-包括我们的报告。

情况3 (Situation 3)

You’re on your Windows PC, and you immediately need an NGINX server that serves your static files from a directory.

您在Windows PC上，立即需要一台NGINX服务器，该服务器可从目录中提供静态文件。

As you may have noticed, the first time you run docker run, it downloads the images from the Docker Hub.

您可能已经注意到，第一次运行docker run ，它将从Docker Hub下载映像。

This could be hundreds of hundreds gigabytes. This is because we downloaded the tag latest of the image (the default).

这可能是数百个千兆字节。 这是因为我们下载了图像的最新标签(默认)。

But most images have also an ‘alpine’ version of the same image. It uses Linux Alpine OS. This is an optimized version of Linux, which occupies about 130MB.

但是大多数图像也具有相同图像的“高山”版本。 它使用Linux Alpine OS。 这是Linux的优化版本，占用约130MB。

Let’s use it in this situation. We know that image name upfront is nginx (since it is an official image).

让我们在这种情况下使用它。 我们知道，图像名称的前期是nginx (因为它是官方图像)。

So the final image name will be nginx:alpine. If you want a specific version (such as 1.14), use nginx:1.14-alpine.

因此，最终的图像名称将为nginx:alpine 。 如果需要特定版本(例如1.14)，请使用nginx:1.14-alpine.

You may have more questions. How do we know which directory the NGINX container uses to serve our files? How we know which port it exposes?

您可能还有其他问题。 我们如何知道NGINX容器使用哪个目录来提供文件？ 我们如何知道它暴露哪个端口？

Luckily, the answers to all your questions are in the Docker Hub.

幸运的是，所有问题的答案都在Docker Hub中 。

So, to recap:

因此，回顾一下：

• We have to share our directory to serve into the container. Again, this can be done using bind mounts: -v $(pwd):/usr/share/nginx/html

  我们必须共享目录才能投放到容器中。 同样，这可以使用绑定挂载完成： -v $(pwd):/usr/share/nginx/html

• By adding :ro at the end, we are sure that container uses our files in read-only mode.

  通过在末尾添加:ro ，可以确保容器以只读模式使用文件。

• We must bind the port exposed by the container to the host, and then communicate via TCP on our host: -p 80:80

  我们必须将容器公开的端口绑定到主机，然后在主机上通过TCP进行通信-p 80:80

> docker run \
  -v $(pwd):/usr/share/nginx/html:ro \
  -p 80:80 \
  nginx:alpine

情况4 (Situation 4)

No matter which platform, you have to start your Node.js 10 project. But you don’t have Node.js installed on your platform.

无论使用哪种平台，都必须启动Node.js 10项目。 但是您没有在平台上安装Node.js。

Perhaps you now understand how it works. Here, we have to share our content and bind ports.

也许您现在了解它是如何工作的。 在这里，我们必须共享我们的内容并绑定端口。

However, we don’t know the container working directory. Instead, we’re gonna explicitly set it with the -w flag to a custom directory of our choice. For example, you might choose/src — just don’t override an existing directory!

但是，我们不知道容器的工作目录。 相反，我们将使用-w标志将其显式设置为我们选择的自定义目录。 例如，您可以选择/src只是不覆盖现有目录！

> docker run \
  -p 3000:3000 \
  -v $(pwd):/src \
  -w /src \
  node:10-alpine \
  node main.js
Example app listening on port 3000!
...

Simple and powerful enough?

简单而强大？

Additionally, do you want a ‘shortcut’ to just execute binaries without searching for third-party images?

另外，您是否希望“快捷方式”仅执行二进制文件而不搜索第三方图像？

Why don’t you try my simple tool DR?

您为什么不尝试使用我的简单工具DR ？

I hope that you’re gonna use Docker for all your future binaries! :)

希望您将来使用Docker编写所有二进制文件！ :)

翻译自: https://www.freecodecamp.org/news/how-to-run-any-binary-of-any-platform-without-messing-up-with-your-workstation-dade18c18801/

运行linux的机器死机了