Increase the default Node.js heap memory.

Improved Kibana Image to include all Dependencies

README.md

@@ -1,5 +1,10 @@
 # Wazuh containers for Docker
 
+[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://goo.gl/forms/M2AoZC4b2R9A9Zy12)
+[![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/wazuh)
+[![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com)
+[![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com)
+
 In this repository you will find the containers to run:
 
 * wazuh: It runs the Wazuh manager, Wazuh API and Filebeat (for integration with Elastic Stack)
@@ -10,7 +15,7 @@ In addition, a docker-compose file is provided to launch the containers mentione
 
 ## Current release
 
-Containers are currently tested on Wazuh version 2.0 and Elastic Stack version 5.5.2. We will do our best to keep this repository updated to latest versions of both Wazuh and Elastic Stack.
+Containers are currently tested on Wazuh version 3.1.0 and Elastic Stack version 6.1.0. We will do our best to keep this repository updated to latest versions of both Wazuh and Elastic Stack.
 
 ## Installation notes
 

docker-compose.yml

@@ -13,8 +13,8 @@ services:
     networks:
         - docker_elk
 #    volumes:
-#      - my-path:/var/ossec/data
+#      - my-path:/var/ossec/data:Z
-#      - my-path:/etc/postfix
+#      - my-path:/etc/postfix:Z
     depends_on:
       - elasticsearch
   logstash:
@@ -23,7 +23,7 @@ services:
     restart: always
     command: -f /etc/logstash/conf.d/
 #    volumes:
-#      - my-path:/etc/logstash/conf.d
+#      - my-path:/etc/logstash/conf.d:Z
     links:
      - kibana
      - elasticsearch:elasticsearch
@@ -37,7 +37,7 @@ services:
       - LS_HEAP_SIZE=2048m
       - XPACK_MONITORING_ENABLED=false
   elasticsearch:
-    image: docker.elastic.co/elasticsearch/elasticsearch:5.6.4
+    image: docker.elastic.co/elasticsearch/elasticsearch:6.1.3
     hostname: elasticsearch
     restart: always
     ports:
@@ -60,7 +60,7 @@ services:
         hard: -1
     mem_limit: 2g
 #    volumes:
-#      - my-path:/usr/share/elasticsearch/data
+#      - my-path:/usr/share/elasticsearch/data:Z
     networks:
         - docker_elk
   kibana:
@@ -69,16 +69,16 @@ services:
     restart: always
 #    ports:
 #      - "5601:5601"
+    environment:
+      - "NODE_OPTIONS=--max-old-space-size=3072"
     networks:
-        - docker_elk
+      - docker_elk
     depends_on:
       - elasticsearch
     links:
       - elasticsearch:elasticsearch
       - wazuh
     entrypoint: /wait-for-it.sh elasticsearch
-#    environment:
-#      - "WAZUH_KIBANA_PLUGIN_URL=http://your.repo/wazuhapp-2.1.0-5.5.1.zip"
   nginx:
     image: wazuh/wazuh-nginx
     hostname: nginx
@@ -89,6 +89,8 @@ services:
     ports:
       - "80:80"
       - "443:443"
+#    volumes:
+#      - my-path:/etc/nginx/conf.d:Z
     networks:
       - docker_elk
     depends_on:

kibana/Dockerfile

@@ -1,4 +1,4 @@
-FROM docker.elastic.co/kibana/kibana:5.6.4
+FROM docker.elastic.co/kibana/kibana:6.1.3
 
 USER root
 
@@ -6,4 +6,16 @@ COPY ./config/kibana.yml /usr/share/kibana/config/kibana.yml
 
 COPY config/wait-for-it.sh /wait-for-it.sh
 
+ADD https://packages.wazuh.com/wazuhapp/wazuhapp-3.1.0_6.1.3.zip /tmp
+
+ADD https://raw.githubusercontent.com/wazuh/wazuh/3.1/extensions/elasticsearch/wazuh-elastic6-template-alerts.json /usr/share/kibana/config
+
+ADD https://raw.githubusercontent.com/wazuh/wazuh/3.1/extensions/elasticsearch/wazuh-elastic6-template-monitoring.json /usr/share/kibana/config
+
+ADD https://raw.githubusercontent.com/wazuh/wazuh/3.1/extensions/elasticsearch/alert_sample.json /usr/share/kibana/config
+
+RUN /usr/share/kibana/bin/kibana-plugin install file:///tmp/wazuhapp-3.1.0_6.1.3.zip
+
+RUN rm -rf /tmp/*
+
 RUN chmod 755 /wait-for-it.sh

kibana/config/wait-for-it.sh

@@ -5,7 +5,6 @@ set -e
 host="$1"
 shift
 cmd="kibana"
-WAZUH_KIBANA_PLUGIN_URL=${WAZUH_KIBANA_PLUGIN_URL:-https://packages.wazuh.com/wazuhapp/wazuhapp-2.1.1_5.6.4.zip}
 
 until curl -XGET $host:9200; do
   >&2 echo "Elastic is unavailable - sleeping"
@@ -14,39 +13,42 @@ done
 
 >&2 echo "Elastic is up - executing command"
 
-if /usr/share/kibana/bin/kibana-plugin list | grep wazuh; then
+sleep 5
-  echo "Wazuh APP already installed"
+#Insert default templates
-else
+cat /usr/share/kibana/config/wazuh-elastic6-template-alerts.json | curl -XPUT 'http://elasticsearch:9200/_template/wazuh' -H 'Content-Type: application/json' -d @-
-  /usr/share/kibana/bin/kibana-plugin install ${WAZUH_KIBANA_PLUGIN_URL}
-fi
 
-sleep 30
+sleep 5
+#Insert default templates
+cat /usr/share/kibana/config/wazuh-elastic6-template-monitoring.json | curl -XPUT 'http://elasticsearch:9200/_template/wazuh-agent' -H 'Content-Type: application/json' -d @-
 
-echo "Configuring defaultIndex to wazuh-alerts-*"
+#Insert sample alert:
-
+sleep 5
-curl -s -XPUT http://$host:9200/.kibana/config/5.6.4 -H 'Content-Type: application/json' -d '{"defaultIndex" : "wazuh-alerts-*"}' > /dev/null
+cat /usr/share/kibana/config/alert_sample.json | curl -XPUT "http://elasticsearch:9200/wazuh-alerts-3.x-"`date +%Y.%m.%d`"/wazuh/sample" -H 'Content-Type: application/json' -d @-
 
+sleep 5
 echo "Setting API credentials into Wazuh APP"
-
+CONFIG_CODE=$(curl -s -o /dev/null -w "%{http_code}" -XGET http://$host:9200/.wazuh/wazuh-configuration/1513629884013)
-CONFIG_CODE=$(curl -s -o /dev/null -w "%{http_code}" -XGET http://$host:9200/.wazuh/wazuh-configuration/apiconfig)
 if [ "x$CONFIG_CODE" = "x404" ]; then
-  curl -s -XPOST http://$host:9200/.wazuh/wazuh-configuration/apiconfig -H 'Content-Type: application/json' -d'
+  curl -s -XPOST http://$host:9200/.wazuh/wazuh-configuration/1513629884013 -H 'Content-Type: application/json' -d'
-  {
+    {
-    "api_user": "foo",
+      "api_user": "foo",
-    "api_password": "YmFy",
+      "api_password": "YmFy",
-    "url": "https://wazuh",
+      "url": "https://wazuh",
-    "api_port": "55000",
+      "api_port": "55000",
-    "insecure": "true",
+      "insecure": "true",
-    "component": "API",
+      "component": "API",
-    "active": "true",
+      "cluster_info": {
-    "manager": "wazuh-manager",
+        "manager": "wazuh-manager",
-    "extensions": {
+        "cluster": "Disabled",
-      "oscap": true,
+        "status": "disabled"
-      "audit": true,
+       },
-      "pci": true
+      "extensions": {
+        "oscap": true,
+        "audit": true,
+        "pci": true
+      }
     }
-  }
+    ' > /dev/null
-  ' > /dev/null
 else
   echo "Wazuh APP already configured"
 fi

logstash/Dockerfile

@@ -1,4 +1,3 @@
-FROM docker.elastic.co/logstash/logstash:5.6.4
+FROM docker.elastic.co/logstash/logstash:6.1.3
 
 COPY config/logstash.conf /etc/logstash/conf.d/logstash.conf
-COPY config/wazuh-elastic5-template.json /etc/logstash/wazuh-elastic5-template.json

logstash/config/logstash.conf

@@ -4,22 +4,26 @@ input {
     beats {
         port => 5000
         codec => "json_lines"
-#        ssl => true
+#       ssl => true
-#        ssl_certificate => "/etc/logstash/logstash.crt"
+#       ssl_certificate => "/etc/logstash/logstash.crt"
-#        ssl_key => "/etc/logstash/logstash.key"
+#       ssl_key => "/etc/logstash/logstash.key"
+    }
+}
+filter {
+    if [data][srcip] {
+        mutate {
+            add_field => [ "@src_ip", "%{[data][srcip]}" ]
+        }
+    }
+    if [data][aws][sourceIPAddress] {
+        mutate {
+            add_field => [ "@src_ip", "%{[data][aws][sourceIPAddress]}" ]
+        }
     }
 }
-## Local Wazuh Manager - JSON file input
-#input {
-#   file {
-#       type => "wazuh-alerts"
-#       path => "/var/ossec/logs/alerts/alerts.json"
-#       codec => "json"
-#   }
-#}
 filter {
     geoip {
-        source => "srcip"
+        source => "@src_ip"
         target => "GeoLocation"
         fields => ["city_name", "continent_code", "country_code2", "country_name", "region_name", "location"]
     }
@@ -28,16 +32,13 @@ filter {
         target => "@timestamp"
     }
     mutate {
-        remove_field => [ "timestamp", "beat", "fields", "input_type", "tags", "count", "@version", "log", "offset", "type"]
+        remove_field => [ "timestamp", "beat", "input_type", "tags", "count", "@version", "log", "offset", "type","@src_ip"]
     }
 }
 output {
     elasticsearch {
         hosts => ["elasticsearch:9200"]
-        index => "wazuh-alerts-%{+YYYY.MM.dd}"
+        index => "wazuh-alerts-3.x-%{+YYYY.MM.dd}"
         document_type => "wazuh"
-        template => "/etc/logstash/wazuh-elastic5-template.json"
-        template_name => "wazuh"
-        template_overwrite => true
     }
 }

logstash/config/wazuh-elastic5-template.json

@@ -1,620 +0,0 @@
-{
-  "order": 0,
-  "template": "wazuh*",
-  "settings": {
-    "index.refresh_interval": "5s"
-  },
-  "mappings": {
-    "wazuh": {
-      "dynamic_templates": [
-        {
-          "string_as_keyword": {
-            "match_mapping_type": "string",
-            "mapping": {
-              "type": "keyword",
-              "doc_values": "true"
-            }
-          }
-        }
-      ],
-      "properties": {
-        "@timestamp": {
-          "type": "date",
-          "format": "dateOptionalTime"
-        },
-        "@version": {
-          "type": "text"
-        },
-        "agent": {
-          "properties": {
-            "ip": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "name": {
-              "type": "keyword",
-              "doc_values": "true"
-            }
-          }
-        },
-        "manager": {
-          "properties": {
-            "name": {
-              "type": "keyword",
-              "doc_values": "true"
-            }
-          }
-        },
-        "dstuser": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "AlertsFile": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "full_log": {
-          "type": "text"
-        },
-        "previous_log": {
-          "type": "text"
-        },
-        "GeoLocation": {
-          "properties": {
-            "area_code": {
-              "type": "long"
-            },
-            "city_name": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "continent_code": {
-              "type": "text"
-            },
-            "coordinates": {
-              "type": "double"
-            },
-            "country_code2": {
-              "type": "text"
-            },
-            "country_code3": {
-              "type": "text"
-            },
-            "country_name": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "dma_code": {
-              "type": "long"
-            },
-            "ip": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "latitude": {
-              "type": "double"
-            },
-            "location": {
-              "type": "geo_point"
-            },
-            "longitude": {
-              "type": "double"
-            },
-            "postal_code": {
-              "type": "keyword"
-            },
-            "real_region_name": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "region_name": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "timezone": {
-              "type": "text"
-            }
-          }
-        },
-        "host": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "syscheck": {
-          "properties": {
-            "path": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "sha1_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "sha1_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "uid_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "uid_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "gid_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "gid_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "perm_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "perm_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "md5_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "md5_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "gname_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "gname_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "inode_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "inode_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "mtime_after": {
-              "type": "date",
-              "format": "dateOptionalTime",
-              "doc_values": "true"
-            },
-            "mtime_before": {
-              "type": "date",
-              "format": "dateOptionalTime",
-              "doc_values": "true"
-            },
-            "uname_after": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "uname_before": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "size_before": {
-              "type": "long",
-              "doc_values": "true"
-            },
-            "size_after": {
-              "type": "long",
-              "doc_values": "true"
-            },
-            "diff": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "event": {
-              "type": "keyword",
-              "doc_values": "true"
-            }
-          }
-        },
-        "location": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "message": {
-          "type": "text"
-        },
-        "offset": {
-          "type": "keyword"
-        },
-        "rule": {
-          "properties": {
-            "description": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "groups": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "level": {
-              "type": "long",
-              "doc_values": "true"
-            },
-            "id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "cve": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "info": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "frequency": {
-              "type": "long",
-              "doc_values": "true"
-            },
-            "firedtimes": {
-              "type": "long",
-              "doc_values": "true"
-            },
-            "cis": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "pci_dss": {
-              "type": "keyword",
-              "doc_values": "true"
-            }
-          }
-        },
-        "decoder": {
-          "properties": {
-            "parent": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "name": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "ftscomment": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "fts": {
-              "type": "long",
-              "doc_values": "true"
-            },
-            "accumulate": {
-              "type": "long",
-              "doc_values": "true"
-            }
-          }
-        },
-        "srcip": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "protocol": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "action": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "dstip": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "dstport": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "srcuser": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "program_name": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "id": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "status": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "command": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "url": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "data": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "system_name": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "type": {
-          "type": "text"
-        },
-        "title": {
-          "type": "keyword",
-          "doc_values": "true"
-        },
-        "oscap": {
-          "properties": {
-            "check.title": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "check.id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "check.result": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "check.severity": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "check.description": {
-              "type": "text"
-            },
-            "check.rationale": {
-              "type": "text"
-            },
-            "check.references": {
-              "type": "text"
-            },
-            "check.identifiers": {
-              "type": "text"
-            },
-            "check.oval.id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "scan.id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "scan.content": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "scan.benchmark.id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "scan.profile.title": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "scan.profile.id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "scan.score": {
-              "type": "double",
-              "doc_values": "true"
-            },
-            "scan.return_code": {
-              "type": "long",
-              "doc_values": "true"
-            }
-          }
-        },
-        "audit": {
-          "properties": {
-            "type": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "id": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "syscall": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "exit": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "ppid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "pid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "auid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "uid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "gid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "euid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "suid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "fsuid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "egid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "sgid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "fsgid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "tty": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "session": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "command": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "exe": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "key": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "cwd": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "directory.name": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "directory.inode": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "directory.mode": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "file.name": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "file.inode": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "file.mode": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "acct": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "dev": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "enforcing": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "list": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "old-auid": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "old-ses": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "old_enforcing": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "old_prom": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "op": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "prom": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "res": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "srcip": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "subj": {
-              "type": "keyword",
-              "doc_values": "true"
-            },
-            "success": {
-              "type": "keyword",
-              "doc_values": "true"
-            }
-          }
-        }
-      }
-    },
-    "agent": {
-      "properties": {
-        "@timestamp": {
-          "type": "date",
-          "format": "dateOptionalTime"
-        },
-        "status": {
-          "type": "keyword"
-        },
-        "ip": {
-          "type": "keyword"
-        },
-        "host": {
-          "type": "keyword"
-        },
-        "name": {
-          "type": "keyword"
-        },
-        "id": {
-          "type": "keyword"
-        }
-      }
-    }
-  }
-}

wazuh/Dockerfile

@@ -1,5 +1,5 @@
 FROM phusion/baseimage:latest
-ARG FILEBEAT_VERSION=5.6.4
+ARG FILEBEAT_VERSION=6.1.3
 
 RUN apt-get update; apt-get -y dist-upgrade
 RUN apt-get -y install openssl postfix bsd-mailx curl apt-transport-https lsb-release
@@ -8,11 +8,12 @@ RUN useradd -u 1000 -g 1000 ossec
 RUN curl --silent --location https://deb.nodesource.com/setup_6.x | bash - &&\
     apt-get install -y nodejs
 RUN curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
-RUN echo "deb https://packages.wazuh.com/apt $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/wazuh.list
+RUN echo "deb https://packages.wazuh.com/3.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
 RUN apt-get update && apt-get -y install wazuh-manager wazuh-api expect
 
 ADD config/data_dirs.env /data_dirs.env
 ADD config/init.bash /init.bash
+
 # Sync calls are due to https://github.com/docker/docker/issues/9547
 RUN chmod 755 /init.bash &&\
   sync && /init.bash &&\