Public | Automated Build

Last pushed: 2 years ago
Short Description
Create a Debian base system at a specific time in the past
Full Description

#+TITLE: timemachine-debian

  • What is timemachine?

=timemachine= is a tool that automatically creates a Docker image of a Debian base
system at a specific time in the past.

  • Why do we need timemachine?

=timemachine= is used to reproduce security vulnerabilities. In order to do so,
a system with a specific package version, e.g., the vulnerable =glibc 2.9= in
the CVE-2015-7547, and more importantly its dependencies must be constructed.
However, the current Debian package repositories are always up-to-date, e.g.,
containing the patched version of =glibc=.

  • How does it work?

timemachine uses the Debian's =debootstrap= utility to create a Docker image of
a base Debian system at a specific time in the past, e.g, 20151231, such that
the base system contains the vulnerable version of a specific package, e.g.,
=glibc 2.9=. To make sure dependencies of the package are consistent, the base
system is configured to fetch dependencies from a Debian snapshot repository.

#+CAPTION: timemachine

#+NAME: fig:timemachine

  • Usage
    timemachine can run on any host supporting docker.

** Generate a Docker image of a base Debian system
Three required parameters are:

  1. Output directory on the host holding the generated Docker image, e.g., =/tmp/timemachine=
  2. Debian distribution such as =jessie, wheezy, squeeze, lenny=
  3. datetime in YYYYMMDD format, e.g., =20151231=

Example usage:

#+begin_src sh
$ docker run -t --rm --privileged \
-v /tmp/timemachine/:/tmp/timemachine/ \
csldepend/timemachine \
jessie \

Image created! Import by: docker import /tmp/timemachine/jessie-20151231.tar jessie:20151231


The resulting docker image =jessie-20151231.tar= is stored in a mounted
directory on the host, e.g., /tmp/timemachine. Note: if you need to change the output
directory on the host, use the =-v= flag as folows: =-v <output dir on the host>:/tmp/timemachine/= (Don't modify the part after the colon!).

** Import the image into Docker

Example usage:

#+begin_src sh
$ docker import /tmp/timemachine/jessie-20151231.tar jessie:20151231



** Run the created image

#+begin_src sh
$ docker run -ti jessie:20151231 cat /etc/apt/sources.list

deb jessie main


  • Contributors

Phuong Cao <pcao3 at illinois dot edu>

Docker Pull Command
Source Repository