SIFT workstation in a container

Quick how-to

##buildah bud --cap-add=sys_admin,mknod --device=/dev/fuse --security-opt label=disable --security-opt seccomp=unconfined --volume /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro -t docker.io/digitalforensic/sift-distro .
FROM docker.io/ubuntu
RUN export VERSION_ID=20.04; export DEBIAN_FRONTEND=noninteractive; echo "-- Install base pkgs"; apt-get -qq update && apt-get -qq install curl sudo ca-certificates gnupg2 wget -y && echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list; curl -L "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/Release.key" | apt-key add -; echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" | tee /etc/apt/sources.list.d/docker.list; curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -; export TZ="Etc/UTC"; ln -sf /usr/share/zoneinfo/Etc/UTC /etc/localtime; apt-get -qq update && echo "-- Install ext pkgs" && apt-get -qq install docker-ce podman mc ht gcc wine python3 python3-pip python3-boto3 python-wheel-common python3-testresources dbus python2 -y; pip install boto3; pip install wheel; mv /usr/bin/docker /usr/bin/docker.byebye; ln -s /usr/bin/podman /usr/bin/docker; apt-mark manual docker-ce; curl -L https://github.com/teamdfir/sift-cli/releases/download/v1.13.1/sift-cli-linux -o /usr/local/bin/sift && chmod +x /usr/local/bin/sift && useradd -m sift && echo "sift ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/sift && su -c "sudo /usr/local/bin/sift install --mode=server --verbose | tee /tmp/sift.log" sift; STATUS=`cat /tmp/sift.log | grep -c "COMPLETED SUCCESS"`; test $STATUS -eq 0 && echo "-=-=-=-=-=-=-=-=-" && (cat /var/cache/sift/cli/*/*.log | grep -A 5 ERROR) && echo "-=-=-=-=-=-=-=-=-" && exit 1; echo "Finished";