At the following DockerHub address you will find a Docker container that includes a full installation of the infamous and famous DVWA, or Damn Web Vulnerable Application:
This application is very useful to perform a wide variety of penetration tests, SQL code injection, Cross Site Scripting, etc. etc.
And the way to run this container is very simple:
docker run --rm -it -p 80:80 --name dvwa vulnerables/web-dvwa
However, when invoking the previous command, it turns out that the MySQL database does not respond.
To try to analyze the problem, from another terminal I accessed the inside of the container like this:
docker exec -it dvwa bash
And then I ran: cat /var/log/mysql/error.log that allowed me to observe the following:
180804 18:14:21 [ERROR] Fatal error: Can't open and lock privilege tables: Got error 140 from storage engine
Initially, the problem "I fixed it" by executing the following command:
chown -R mysql:mysql /var/lib/mysql /var/run/mysqld
But to have a permanent solution, I modified the /main.sh file so that it stayed like this:
#!/bin/bash
echo 'Setting file and directory permissions'
chown -R mysql:mysql /var/lib/mysql /var/run/mysqld
echo 'DONE !!!!!!!'
echo '[+] Starting mysql...'
service mysql start
echo '[+] Starting apache'
service apache2 start
while true
do
tail -f /var/log/apache2/*.log
exit 0
done
And finally with docker commit I created a new image that already does everything right.
Question: Does this correspond to correct practice? Is my solution workable? Is there a canonical way to do this? It suits me better to create a Dockerfile and use "docker build" with a new main.sh?