1.) Upstream update to install: 6df6cc79bc0dbbc0307d57767ac47c09f1a0bf1c - Added ssdeep install and php module. 2.) Updated README for Mac Docker users to clear up confusion around mount directories, thanks to Toby @datasci4security for bringing it up 3.) Added Latest Update date and Latest Upstream hash included

README.md

@@ -1,11 +1,17 @@
 Docker MISP Container
 =====================
+### Latest Update: 3-7-2018
+
+Latest Upstream Change Included: 6df6cc79bc0dbbc0307d57767ac47c09f1a0bf1c
+
+Github repo + build script here:
+https://github.com/harvard-itsecurity/docker-misp
+(note: after a git pull, update ```build.sh``` with your own passwords/FQDN, and then build the image)
+
 NOTE: Cannot autobuild on DockerHub due to size+time limit, and we
 refuse to break this up into multiple images and chain them just to
 get around the tiny resources that DockerHub provides!
 
-Github repo + build script here:
-https://github.com/harvard-itsecurity/docker-misp
 
 # What is this?
 This is an easy and highly customizable Docker container with MISP -
@@ -54,11 +60,15 @@ This will produce an image called: ```harvarditsecurity/docker-misp```
 
 # How to run it in 3 steps:
 
+About ```$docker-root``` - If you are running Docker on a Mac, there are some mount directory restrictions by default (see: https://docs.docker.com/docker-for-mac/osxfs/#namespaces). Your ```$docker-root``` needs to be either one of the supported defaults ("Users", "Volumes", "private", or "tmp"), otherwise, you must go to "Preferences" -> "File Sharing" and add your chosen $docker-root to the list.
+
+We would suggest using ```/docker``` for your ```$docker-root```, and if using a Mac, adding that to the File Sharing list.
+
 ## 1. Initialize Database
 
 ```
 docker run -it --rm \
-    -v /misp-db:/var/lib/mysql \
+    -v $docker-root/misp-db:/var/lib/mysql \
     harvarditsecurity/misp /init-db
 ```
 
@@ -68,7 +78,7 @@ docker run -it -d \
     -p 443:443 \
     -p 80:80 \
     -p 3306:3306 \
-    -v /misp-db:/var/lib/mysql \
+    -v $docker-root/misp-db:/var/lib/mysql \
     harvarditsecurity/misp
 ```
 
@@ -101,8 +111,8 @@ docker run -it -d \
     -p 443:443 \
     -p 80:80 \
     -p 3306:3306 \
-    -v /certs:/etc/ssl/private \
+    -v $docker-root/certs:/etc/ssl/private \
-    -v /misp-db:/var/lib/mysql \
+    -v $docker-root/misp-db:/var/lib/mysql \
     harvarditsecurity/misp
 ```
 

container/Dockerfile

@@ -73,7 +73,7 @@ RUN mkdir /var/www/.composer && chown -R www-data:www-data /var/www/.composer ;
     sudo -u www-data -H php composer.phar require kamisama/cake-resque:4.1.2 ; \
     sudo -u www-data -H php composer.phar config vendor-dir Vendor ; \
     sudo -u www-data -H php composer.phar install ; \
-    phpenmod redis ; \
+    sudo phpenmod redis ; \
     sudo -u www-data -H cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php ; \
     sudo chown -R www-data:www-data /var/www/MISP ; \
     sudo chmod -R 750 /var/www/MISP ; \
@@ -122,6 +122,11 @@ RUN sed -i -e 's/db login/misp/g' /var/www/MISP/app/Config/database.php ; \
     sudo pip install --upgrade pip ; \
     sudo pip install pyzmq ; \
     sudo pip install redis ; \
+    sudo -u www-data -H wget http://downloads.sourceforge.net/project/ssdeep/ssdeep-2.13/ssdeep-2.13.tar.gz ; \
+    tar zxvf ssdeep-2.13.tar.gz && cd ssdeep-2.13 && ./configure && make && sudo make install ; \
+    sudo pecl install ssdeep ; \
+    sudo echo "extension=ssdeep.so" > /etc/php/7.0/mods-available/ssdeep.ini ; \
+    sudo phpenmod ssdeep ; \
     echo "#!/bin/bash" > /init-db ; \
     echo "if [ ! -f /var/lib/mysql/.db_initialized ]; then" >> /init-db ; \
     echo "sudo chown -R mysql:mysql /var/lib/mysql" >> /init-db ; \