First time trying to run stellar docker image in persistence mode and receiving this error after entering & confirming new password:
pq: password authentication failed for user "stellar"
docker cmd
docker run --rm -it -p "8000:8000" -v "/dev/stellar:/opt/stellar" --name stellar stellar/quickstart --testnet
I looked at trying to edit pg_hba.conf but I don't see the stellar user that has been configured.
Also, I verified the stellar-core.cfg has the correct db password as defined during setup.
I had exactly the same issue while I was using a password with special characters (too fancy for sed to process?). Then I recreated the '/opt/stellar' shared volume and used stellarpasswd as a New Postgresql Password. And it worked! :)
Another piece of info, maybe more important. I have also added user stellar to my host machine. When the default configurations get rsynced to '/opt/stellar', this might not have worked properly without that user on my host machine..
Related
I am building a MySQL image using buildah bud -f .podman/MySQL.conf -t localhost/mysql:mushroom and the following dockerfile (located at .podman/MYSQL.conf)
FROM mysql:8.0
ENV MYSQL_ROOT_PASSWORD='password'
EXPOSE 3306
I start the container using:
podman run --rm -v mysql_data:/var/lib/mysql localhost/mysql:mushroom
After starting the container I podman exe -it [ID] /bin/bash into the container cli.
running mysql -p and entering the correct password returns access denied for user 'root'#'localhost' (using password: YES)
I have confirmed that the env var MYSQL_ROOT_PASSWORD is correctly set.
I have tried entering the password in the podman run command (using -e MYSQL_ROOT_PASSWORD=password) I have confirmed that the volume mysql_data doesn't exist when I start the container.
Any suggestions for other things to try?
All I can say is that it seems to work for me.
I used your example Dockerfile (the only thing I did was to trim all the whitespace it seems to have accidentally gained when you pasted it).
I saved it as Dockerfile and then just used podman build ..
Starting the image in one terminal with podman run 8a0516eaa26e prints a load of log lines showing mysql startup and then ends with
[System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.31' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server - GPL.
In another terminal I ran podman exec -it happy_dijkstra /bin/bash (that was the auto-generated container name I got) and tried to login to mysql with "password" and it worked. I have podman v3.4.2 here, but I would expect something as simple as this to have worked since v1. Are you sure there isn't a space or other odd character that has sneaked into the password you set?
Everything worked after a reboot.
My best guess is that the mysql_data volume still existed somehow, and held default login data.
I have a docker container running and it's exposing port 22 to local host port 1312. I am using the following command to run the container:
docker run -it -d -p 127.0.0.1:1312:22 -v
/workspace/project:/root --name
cpp_dep cpp_dep
Now to build the project in CLion, it need to be able to ssh into the container. I entered the container in interactive mode and ran "service ssh restart".
Now when I try to ssh into root#127.0.0.1:1312, it asks for my password. But when I enter my sudo (root) password, it keeps saying permission denied.
Is it an issue with ssh key? Which password should i use? or is there any way to bypass the password?
I am running a MAC OS.
Thanks in advance.
You may enter the container in interactive mode, use whoami to find the current user while use passwd to change the password of current user, then ssh into it using the updated passwd.
More details if you are interested:
User running the container is decided by
USER config in your Dockerfile: https://docs.docker.com/engine/reference/builder/#user
-u option in docker run command: https://docs.docker.com/engine/reference/run/#user
By default it's root (uid = 0), but it depends on your settings.
User password is stored in /etc/passwd file, which is different inside the container and in the host, so the same uid may have different password inside the container. It's a workaround to mannually reset it using passwd in the interactive mode but your may also set it in Dockerfile like
RUN echo 'root:Docker!' | chpasswd // (NOTICE: unsafe!)
It changes the password for root as "Docker!"
EDIT #1
As emphasized by David Maze in comments, it's unsafe to store plain password in the Dockerfile as it's public to anyone who get the source file, and it's not uncommon source files intended to be private mistakenly submitted to open github repository. If the container needs to provide public service, you must use build args (https://docs.docker.com/engine/reference/commandline/build/#set-build-time-variables---build-arg) so password can be secretly specified at build time.
Dockerfile:
ARG PASSWD
RUN echo 'root:${PASSWD}' | chpasswd
build:
docker build --build-arg PASSWD=<secret stored safely>
I followed instructions at https://wso2.com/integration/install/docker/get-started/. When I try to access
https://localhost:9743/dashboard
as indicated, I get confronted right away with the HTTPS issue in edge, chrome and firefox. After entering login and password (admin, admin), I get a dialogbox as follows
I click on the link I get unable to connect in all browsers
I downloaded the pem certificate in Firefox, added it to trusted store but it did not help
Not sure what is needed to be done
You need to start the MI docker container as follows where it exposes port 9164.
docker run -it -p 8253:8253 -p 8290:8290 -p 9164:9164 docker.wso2.com/wso2mi:1.2.0
Then you can start the MI Dashboard container as below.
docker run -it -p 9743:9743 wso2/wso2mi-dashboard:1.2.0
When you are logging from the MI dashboard server, it calls the MI instance to authenticate the user.
After running the ciphertool.bat or ciphertool.sh script in the bin directory of WSO2 Identity server, the next time the server is started up, you are presented with a prompt that asks you for the keystore and private key password used to configure the WSO2 secure vault. Example:
C:\Program Files\WSO2\Identity Server\5.7.0\bin>wso2server.bat --start
JAVA_HOME environment variable is set to C:\Program Files\Java\jdk1.8.0_181
CARBON_HOME environment variable is set to C:\PROGRA~1\WSO2\IDENTI~1\570D0D~1.0\bin\..
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0
[Enter KeyStore and Private Key Password :]
I have a WSO2 identity server instance that is running in a Docker container. My passwords are encrypted so I need to provide a keystore/private key password on startup.
This presents an issue though:
I have to run my docker container with the -it flag in order to create an active bash shell in the container that allows me to type in the keystore and private key password. My docker run command looks like this docker run -p 443:443 -it wso2-test .. If I don't include the -it flag, WSO2 IS will never ask for the password and the passwords won't get resolved, causing everything to fail.
I don't want to use the -it flag because it forces user input and I'd like the containers to run independently.
In order to keep things as automated as possible, I want to provide the keystore and private key password right away when I run the wso2server.sh script (which is the entrypoint of my Dockerfile), rather than when the prompt is presented. Is this possible?
Ideally, a solution would have a Dockerfile entrypoint that looks something like this:
ENTRYPOINT ["wso2server.sh", "run", "KEYSTORE_PASSWORD"]
You should pass the keystore password as an environment variable to the docker run command.
docker run -e KEY_STORE_PASSWORD=wso2carbon secvault-test:latest
This environment variable should be read by ENTRYPOINT command, and written into a file named password-tmp under the $PRODUCT_HOME directory. Here's a sample Dockerfile with ENTRYPOINT:
$> cat Dockerfile
FROM ubuntu:16.04
RUN mkdir /opt/wso2is
WORKDIR /opt/wso2is
ENTRYPOINT ["/bin/sh", "-c", "echo $KEY_STORE_PASSWORD > password-tmp && wso2server.sh run"]
Security check:
Since the password is not baked into the docker image, we can safely push the image to a registry. Further, you'll need to enter environment variable whenever you spin a new container. Note that the environment variables of the containers are visible via docker inspect command.
So using docker I started a private Stellar Network by typing in the below command:
docker run --rm -it -p "8000:8000" --name stellar stellar/quickstart --standalone
Then I opened another terminal and ran the below command to interact with the private network:
docker exec -it stellar /bin/bash
Then I ran the below command to generate a keypair:
stellar-core --genseed
All commands went well. How do I do a transaction now?
My objective is to get 333 coins in one of the accounts.
Stellar has a dedicated stackexchange where questions on Stellar will get more attention.
After you have executed the steps in your question, stellar will be open to receiving transactions at localhost:8000/tx?blob=Base64 (See commands). You can confirm stellar is running with curl localhost:8000.
The base64 blob is the the XDR encoded form of a transaction. In your case you will want that transaction to contain a CreateAccount operation.
It is possible to build this XDR for custom networks with some of the SDKs. It's possible in the Scala SDK (I'm the maintainer) and probably very easy to do in the JavaScript SDK too. But to start with, I suggest building XDR by hand by going to the lab's transaction builder, selecting "custom" network at the top right and building your transaction from there.
You want to populate the network passphrase with Standalone Network ; February 2017. This is the value in the container's file stellar-core.cfg.