-
Copy the file from the container.
docker cp logstash:/usr/share/logstash/logstash-core/lib/jars/log4j-core-2.13.3.jar patched/.
-
Delete the JndiLookup.class from the JAR.
zip -d patched/log4j-core-2.13.3.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
-
Update
docker-compose.yml
to hard link the patched file.version: '3.2' services: logstash: ... volumes: ... - type: bind source: ./patched/log4j-core-2.13.3.jar target: /usr/share/logstash/logstash-core/lib/jars/log4j-core-2.13.3.jar read_only: true ...
-
Re-create the container.
docker-compose up -d logstash
Created
February 1, 2022 15:08
-
-
Save TaylorBurnham/d4da5a7286ef29384562b0e7f9ac9b48 to your computer and use it in GitHub Desktop.
Demonstration of patching a specific file in a container, then mapping it with a hard link. This should only be done when upgrading isn't possible.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment