Download Our Free Benchmark PDFs
The CIS Benchmarks are distributed free of charge in PDF format to propagate their worldwide use and adoption as user-originated, de facto standards. CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.
View Our Extensive Benchmark List:
- Docker run -p 5900 creack/firefox-vnc x11vnc -forever -usepw -create Share. Improve this answer. Follow edited Apr 15 '19 at 22:26.
- The build docker command also has the –shm-size for the purpose of the building process not changing the default shared memory size in the containers based on the image afterward. Author neoX Posted on September 29, 2020 Categories tips, Uncategorized Tags /dev/shm, firefox, mount.
Ffdocker - Firefox-in-a-Docker for desktop use. The goal was to isolate Firefox from as much of the hardware and filesystem as seemed “reasonable” to me. My reasonable may not be yours.
Desktops & Web Browsers:
- Apple Desktop OSX
- Apple Safari Browser
- Google Chrome
- Microsoft Internet Explorer
- Microsoft Windows Desktop XP/NT
- Mozilla Firefox Browser
- Opera Browser
Mobile Devices
- Apple Mobile Platform iOS
- Google Mobile Platform
Network Devices
- Agnostic Print Devices
- Checkpoint Firewall
- Cisco Firewall Devices
- Cisco Routers/Switches IOS
- Cisco Wireless LAN Controller
- Juniper Routers/Switches JunOS
Security Metrics
- Quick Start Guide
- Security Metrics
Servers – Operating Systems
- Amazon Linux
- CentOS
- Debian Linux Server
- IBM AIX Server
- Microsoft Windows Server
- Novell Netware
- Oracle Linux
- Oracle Solaris Server
- Red Hat Linux Server
- Slackware Linux Server
- SUSE Linux Enterprise Server
- Ubuntu LTS Server
Servers – Other
- Apache HTTP Server
- Apache Tomcat Server
- BIND DNS Server
- FreeRADIUS
- Microsoft IIS Server
- IBM DB2 Server
- Microsoft Exchange
- Microsoft SharePoint Server
- Microsoft SQL Server
- MIT Kerberos
- MySQL Database Server
- Novell eDirectory
- OpenLDAP Server
- Oracle Database Server
- Sybase Database Server
Virtualization Platforms & Cloud
- Agnostic VM Server
- AWS Foundations
- AWS Three-Tier Web Architecture
- Docker
- Kubernetes
- VMware Server
- Xen Server
Other
- Microsoft Access
- Microsoft Excel
- Microsoft Office
- Microsoft Outlook
- Microsoft PowerPoint
- Microsoft Word
Mind you, if you're a webdev or a desktop hacker, this would be a good way to launch various hacked versions of Firefox without messing with the browser you need every day. There's four basic steps here:
- build a Firefox image
- authorize X11 connections from containers
- enable Firefox connections in SELinux
- run the container
#!/bin/bash
FROM fedora
# install firefox
RUN dnf install -y firefox
# install dependancies
RUN dnf install -y libcanberra-gtk3 PackageKit-gtk3-module
dbus dbus-devel dbus-x11
RUN dbus-uuidgen --ensure
# make uid and gid match inside and outside the container
# replace 1000 with your gid/uid, find them by running
# the id command
RUN export uid=1000 gid=1000 &&
mkdir -p /home/firefox &&
echo 'firefox:x:${uid}:${gid}:Developer,:/home/firefox:/bin/bash' >> /etc/passwd &&
echo 'firefox:x:${uid}:' >> /etc/group &&
echo 'firefox ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers &&
chmod 0440 /etc/sudoers &&
chown ${uid}:${gid} -R /home/firefox
#remove cache from the image to shrink it a bit
RUN dnf clean all
# set up and run firefox
USER firefox
ENV HOME /home/firefox
CMD /usr/bin/firefox -no-remote
Then you can build your image by running:
docker build -t username/firefox .
Next we need to make sure that the docker container is allowed to run X11 apps on your desktop machine, so that Firefox can run inside the container but be displayed on your desktop. This is a simple command, allowing anyone on localhost to run X apps:
xhost + 127.0.0.1
Thirdly we'll need to also make that work with SELinux. The simplest way to do this is to try it, have SELinux block, and then enable it. So try launching the Firefox container with the command in the step below. It should fail with some kind of 'could not connect to display' error. Then run these commands, as root:
Docker Firefox Sync
grep firefox /var/log/audit/audit.log | audit2allow -M mypol
Finally, your Firefox container should be ready to go. Except you need to add some flags, due to the need to share the X11 socket between the container and the desktop. Here's what I use:
docker run -it -e DISPLAY --net=host jberkus/firefox
This should bring up Firefox in a window on your desktop, under a profile and cache which exists only in the container. If you want to always dispose of this Firefox without saving anything, add an --rm flag to the above.