Skip to content

Docker registry with native basic auth not working #106

Open
@maxsuelmarinho

Description

Hi guys

I have been trying to get docker registry with native basic authentication working with the new image tag (2.7.1) without success.
Doc -> https://docs.docker.com/registry/deploying/#native-basic-auth

Specifically when I execute this command:

$ docker run --entrypoint htpasswd registry:2 -Bbn testuser testpassword > auth/htpasswd

This is the error I get:

docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"htpasswd\": executable file not found in $PATH": unknown. ERRO[0001] error waiting for container: context canceled

Investigating a little further, seems that the "htpasswd" was removed in the image tag 2.7.1.

$ docker run -it --rm registry:2.7.1 find / -name "htpasswd"

Although, looking in the previous version (tag 2.6.2) the file is there:

$ docker run -it --rm registry:2.6.2 find / -name "htpasswd" /usr/bin/htpasswd

And the initial command works was expected was well:

$ docker run --entrypoint htpasswd registry:2.6.2 -Bbn testuser testpassword testuser:$2y$05$KiRgtd4w8zO7ucC7LX8zguW58DBlm8E0yZ5gI64NXypIVtsosNvMu

Activity

avelytchko

avelytchko commented on Jun 22, 2020

@avelytchko

As I can see it has been removed from container in this commit due to CVE-2020-1927 and CVE-2020-1934.

edsantiago

edsantiago commented on Jun 22, 2020

@edsantiago

This is a regression, and is inconsistent with published documentation. It breaks CI processes which rely on the --entrypoint htpasswd behavior (still) documented in docs.docker.com. If that is to be deprecated, it would be courteous to (1) indicate so in the documentation, and (2) offer a grace period. Please consider both.

chanseokoh

chanseokoh commented on Jun 22, 2020

@chanseokoh

We are affected. We'd like to see a resolution (whatever it is) and correct docs. Also a migration path if htpasswd is going to be permanent removed.

anonymouse64

anonymouse64 commented on Jun 22, 2020

@anonymouse64

If the decision is to not support htpasswd in the container, then there needs to be a docs change on the website: https://docs.docker.com/registry/deploying/#native-basic-auth

dejo1307

dejo1307 commented on Jun 28, 2020

@dejo1307

This broke lot of everyone's automation, and it is a problem fixing it without at least docs being updated since no one is 100% sure what is going to be fix.

5 remaining items

Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      Docker registry with native basic auth not working Β· Issue #106 Β· distribution/distribution-library-image