uphold / docker-litecoin-core Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
docker run --rm --user litecoin -it --name litecoin-server uphold/litecoin-core:latest litecoind -daemon
Gives me a tonne of errors then exits:
chmod: changing permissions of '/home/litecoin/.litecoin': Operation not permitted
Could not chmod /home/litecoin/.litecoin (may not have appropriate permissions)
chown: changing ownership of '/home/litecoin/.litecoin': Operation not permitted
Could not chown /home/litecoin/.litecoin (may not have appropriate permissions)
/entrypoint.sh: setting data directory to /home/litecoin/.litecoin
Error: Failed saving settings file:
- Error: Unable to open settings file /home/litecoin/.litecoin/settings.json.tmp for writing
Opening new issue due to some confusion in the prior issue that I recently closed. This is a follow up with hopefully a more concise description of the issue and resolution.
In the Dockerfile for the litecoin-0.17 daemon, the Litecoin maintainers public key is downloaded and added to GPG, the tarball is downloaded, and then the checksum file is verified against the public key. There is no verification of the tarball's sha256sum() to verify that the download has not been tampered with.
I have added a line to pull a sha256sum of the tarball, and compare it with the checksums listed in the sig file to ensure file integrity.
Here is a sample of the current Dockerfile's logic, and an example of how the binary can be modified and not detected with the current build process:
root@dee5ed122b3c:/# LITECOIN_VERSION=0.17.1
root@dee5ed122b3c:/# curl -O https://download.litecoin.org/litecoin-${LITECOIN_VERSION}/linux/litecoin-${LITECOIN_VERSION}-x86_64-linux-gnu.tar.gz
root@dee5ed122b3c:/# curl 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xFE3348877809386C' | gpg --import
... truncated ...
root@dee5ed122b3c:/# sha256sum litecoin-0.17.1-x86_64-linux-gnu.tar.gz
9cab11ba75ea4fb64474d4fea5c5b6851f9a25fe9b1d4f7fc9c12b9f190fed07 litecoin-0.17.1-x86_64-linux-gnu.tar.gz
root@dee5ed122b3c:/# curl https://download.litecoin.org/litecoin-${LITECOIN_VERSION}/linux/litecoin-${LITECOIN_VERSION}-linux-signatures.asc | gpg --verify - && echo "verified" || "unverified"
... truncated ...
verified
root@dee5ed122b3c:/# curl https://download.litecoin.org/litecoin-${LITECOIN_VERSION}/linux/litecoin-${LITECOIN_VERSION}-linux-signatures.asc | grep $(sha256sum litecoin-${LITECOIN_VERSION}-x86_64-linux-gnu.tar.gz | awk '{ print $1 }') && echo "verified" || echo "unverified"
... truncated ...
verified
root@dee5ed122b3c:/# echo "random string" >> litecoin-0.17.1-x86_64-linux-gnu.tar.gz
root@dee5ed122b3c:/# sha256sum litecoin-0.17.1-x86_64-linux-gnu.tar.gz
da3ad3a7565a4b4fb415e67ef119c54cc14f4d3c9490a0be85817848c8fba075 litecoin-0.17.1-x86_64-linux-gnu.tar.gz
root@dee5ed122b3c:/# curl https://download.litecoin.org/litecoin-${LITECOIN_VERSION}/linux/litecoin-${LITECOIN_VERSION}-linux-signatures.asc | gpg --verify - && echo "verified" || "unverified"
... truncated ...
verified
root@dee5ed122b3c:/# curl https://download.litecoin.org/litecoin-${LITECOIN_VERSION}/linux/litecoin-${LITECOIN_VERSION}-linux-signatures.asc | grep $(sha256sum litecoin-${LITECOIN_VERSION}-x86_64-linux-gnu.tar.gz | awk '{ print $1 }') && echo "verified" || echo "unverified"
... truncated ...
unverified
As you can see, the current operation will complete successfully, even with a bad checksum. I am submitting a PR that should add the additional step of checking the actual sha256sum and comparing it to the checksums listed in the verified sig file.
I'm trying to run the litcoin-core docker container on a Mac with an M1 chip. I tried the following command:
docker run --platform=linux/amd64 --rm uphold/litecoin-core \
-printtoconsole \
-regtest=1 \
-rpcallowip=172.17.0.0/16 \
-rpcauth='foo:1e72f95158becf7170f3bac8d9224$957a46166672d61d3218c167a223ed5290389e9990cc57397d24c979b4853f8e'
However I got an error:
/entrypoint.sh: assuming arguments for litecoind
/entrypoint.sh: setting data directory to /home/litecoin/.litecoin
runtime: failed to create new OS thread (have 2 already; errno=22)
fatal error: newosproc
runtime stack:
runtime.throw(0x4cb21f, 0x9)
/usr/local/go/src/runtime/panic.go:566 +0x95
runtime.newosproc(0xc420028000, 0xc420037fc0)
/usr/local/go/src/runtime/os_linux.go:160 +0x194
runtime.newm(0x4d6db8, 0x0)
/usr/local/go/src/runtime/proc.go:1572 +0x132
runtime.main.func1()
/usr/local/go/src/runtime/proc.go:126 +0x36
runtime.systemstack(0x53ae00)
/usr/local/go/src/runtime/asm_amd64.s:298 +0x79
runtime.mstart()
/usr/local/go/src/runtime/proc.go:1079
goroutine 1 [running]:
runtime.systemstack_switch()
/usr/local/go/src/runtime/asm_amd64.s:252 fp=0xc420022768 sp=0xc420022760
runtime.main()
/usr/local/go/src/runtime/proc.go:127 +0x6c fp=0xc4200227c0 sp=0xc420022768
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:2086 +0x1 fp=0xc4200227c8 sp=0xc4200227c0
Any suggestions? Thanks!
Hi
first of all, I feel grateful for the docker images you guys provide for litecoin
I noticed that you maintain 2 docker image repos, litecoin-core and litecoind respectively. Looks that with everything else the same, litcoin-core is more up-to-date with the version 0.15, while litecoind is at version 0.14, even though the info page for litecoind says it's at 0.15.
Curious what's the plan with these 2 repos? do you guys plan to keep one and retire the other?
thanks.
0.18 version does not synchronize anymore.
Just stuck on 2364581 block.
I guess it is hardfork / new block version.
Anyway the docker containers latest/0.18 do not work anymore
docker run --rm -it -p 19332:19332 -p 19444:19444 uphold/litecoin-core -printtoconsole -regtest=1 -rpcallowip=172.17.0.0/16 -rpcauth='foo:1e72f95158becf7170f3bac8d9224$957a46166672d61d3218c167a223ed5290389e9990cc57397d24c979b4853f8e'
then
curl --data-binary '{"jsonrpc":"1.0","id":"1","method":"getnetworkinfo","params":[]}' http://foo:[email protected]:19332/
curl: (56) Recv failure: Connection reset by peer
Hello,
Thanks for a wonderful tool.
Today I tried
$ docker pull uphold/litecoin-core:0.16.0
Error response from daemon: manifest for uphold/litecoin-core:0.16.0 not found
I then noticed that at
There is no such tag, despite it being listed in the documentation (https://github.com/uphold/docker-litecoin-core#tags)
What do you think?
James
The Dockerfile is downloading the checksum file, and verifying the signature via Litecoin's public keys, but is not verifying that the checksum of the tarball matches. I have added a line to compare the checksum to what is listed in the file.
https://github.com/uphold/docker-litecoin-core/pull/23/files
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.