This post signs a test image and pushes it to a local Docker Registry. A client whose policy trusts the signer's public key pulls the image from the registry as usual; a client that does not have that key rejects the signed image. Note where the enforcement happens: the registry itself stores and serves the image to anyone. It is the pulling client that fetches the signature from a separate signature store (sigstore), verifies it against the key named in its policy, and refuses the image when verification fails.
Everything below is run as root.
Install python3 (it is used later to serve the signature store over HTTP)
$ yum install python3 -y
Generate a GPG key pair for signing (the identity below is the author's test identity):
$ gpg --full-gen-key
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
  (14) Existing key from card
Your selection?
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: liuxiaoyu
Email address: xiaoyliu@redhat.com
Comment: test
You selected this USER-ID:
    "liuxiaoyu (test) <xiaoyliu@redhat.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key D28961834BC7974B marked as ultimately trusted
gpg: directory '/root/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/433F149D481E050260F36F88D28961834BC7974B.rev'
public and secret key created and signed.

pub   rsa2048 2021-08-11 [SC]
      433F149D481E050260F36F88D28961834BC7974B
uid                      liuxiaoyu (test) <xiaoyliu@redhat.com>
sub   rsa2048 2021-08-11 [E]
$ gpg --list-keys xiaoyliu@redhat.com
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub rsa2048 2021-08-11 [SC]
433F149D481E050260F36F88D28961834BC7974B
uid [ultimate] liuxiaoyu (test) <xiaoyliu@redhat.com>
sub rsa2048 2021-08-11 [E]
Start a local registry with podman. It listens on port 5000 without TLS, which is why the push and pull below use --tls-verify=false; that is acceptable only for a lab on localhost, never for a registry reachable over a network:
$ podman run -d -p 5000:5000 docker.io/registry
Trying to pull docker.io/library/registry:latest...
Getting image source signatures
Copying blob 6eda6749503f done
Copying blob 12008541203a done
Copying blob ddad3d7c1e96 done
Copying blob 363ab70c2143 done
Copying blob 5b94580856e6 done
Copying config 1fd8e1b0bb done
Writing manifest to image destination
Storing signatures
3df860c0e5ef3292d7373e183acedf8c3e8405a98a6c1917d09a89f1d0e4587b
Pull a test image from Docker Hub and tag it for the local registry:
$ podman pull docker://docker.io/alpine:latest
Trying to pull docker://docker.io/alpine:latest...
Getting image source signatures
Copying blob 29291e31a76a done
Copying config 021b342311 done
Writing manifest to image destination
Storing signatures
021b3423115ff662225e83d7e2606475217de7b55fde83ce3447a54019a77aa2
$ podman images alpine
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/alpine latest 021b3423115f 4 days ago 5.87 MB
$ podman tag alpine localhost:5000/alpine
$ podman images alpine
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/alpine latest 021b3423115f 4 days ago 5.87 MB
localhost:5000/alpine latest 021b3423115f 4 days ago 5.87 MB
Next, tell podman where signatures are read from and written to. Edit the registries.d configuration (/etc/containers/registries.d/default.yaml in the podman tutorial this page follows): sigstore is the URL clients query for signatures when pulling, and sigstore-staging is the local directory podman push writes signatures into. Port 8000 is the default of python3 -m http.server, which is started below to serve the staging directory.
default-docker:
  sigstore: http://localhost:8000 # Added by us
  sigstore-staging: file:///var/lib/containers/sigstore
Export GNUPGHOME so that podman finds the secret key (a plain assignment without export is not passed on to podman; $HOME/.gnupg is also gpg's default, so this only matters if the key lives elsewhere), then push with --sign-by naming the key's user ID:
$ export GNUPGHOME=$HOME/.gnupg
$ podman push --tls-verify=false --sign-by xiaoyliu@redhat.com localhost:5000/alpine
Getting image source signatures
Copying blob bc276c40b172 done
Copying config 021b342311 done
Writing manifest to image destination
Signing manifest
Storing signatures
Remove the local copies, so that the pull further below really fetches the image from the registry instead of using the local store:
$ podman rmi docker.io/alpine localhost:5000/alpine
podman push stored the signature in the staging directory, under a directory named after the repository and the manifest digest:
$ ls /var/lib/containers/sigstore
'alpine@sha256=864fe88b86abf48d78de06f57cc5c8be02cc907cfb01c54ef4b668db1c8e0056'
Now configure the pull-side policy in /etc/containers/policy.json (the path used by the podman tutorial this page follows). Images from localhost:5000 must carry a signature that verifies with the public key at /tmp/key.gpg. Note that default keeps insecureAcceptAnything, so images from every other registry are still accepted unsigned; a production policy would use a rejecting default and list each trusted registry explicitly.
{
  "default": [{ "type": "insecureAcceptAnything" }],
  "transports": {
    "docker": {
      "localhost:5000": [
        {
          "type": "signedBy",
          "keyType": "GPGKeys",
          "keyPath": "/tmp/key.gpg"
        }
      ]
    }
  }
}
In a second terminal, serve the staging directory over HTTP on port 8000, matching the sigstore URL configured above (http.server has no authentication or TLS and is suitable only for this lab):
$ cd /var/lib/containers/sigstore && python3 -m http.server
Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...
Export the signer's public key to the path named in policy.json and pull the image; the signature verifies and the pull succeeds:
$ gpg --output /tmp/key.gpg --armor --export xiaoyliu@redhat.com
$ podman pull --tls-verify=false localhost:5000/alpine
Trying to pull localhost:5000/alpine:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob f0eabd2439ac done
Copying config 021b342311 done
Writing manifest to image destination
Storing signatures
021b3423115ff662225e83d7e2606475217de7b55fde83ce3447a54019a77aa2
Now overwrite /tmp/key.gpg with an export for an identity that has no key in the keyring (aaa@redhat.com): gpg warns that nothing was exported, and the file no longer contains the signing key. The same pull is now rejected:
$ gpg --output /tmp/key.gpg --armor --export aaa@redhat.com
$ podman pull --tls-verify=false localhost:5000/alpine
Trying to pull localhost:5000/alpine:latest...
Invalid GPG signature: gpgme.Signature{Summary:128, Fingerprint:"433F149D481E050260F36F88D28961834BC7974B", Status:gpgme.Error{err:0x9}, Timestamp:time.Time{wall:0x0, ext:63764273480, loc:(*time.Location)(0x55f4d64ac040)}, ExpTimestamp:time.Time{wall:0x0, ext:62135596800, loc:(*time.Location)(0x55f4d64ac040)}, WrongKeyUsage:false, PKATrust:0x0, ChainModel:false, Validity:0, ValidityReason:error(nil), PubkeyAlgo:1, HashAlgo:8}
Error: Source image rejected: Invalid GPG signature: gpgme.Signature{Summary:128, Fingerprint:"433F149D481E050260F36F88D28961834BC7974B", Status:gpgme.Error{err:0x9}, Timestamp:time.Time{wall:0x0, ext:63764273480, loc:(*time.Location)(0x55f4d64ac040)}, ExpTimestamp:time.Time{wall:0x0, ext:62135596800, loc:(*time.Location)(0x55f4d64ac040)}, WrongKeyUsage:false, PKATrust:0x0, ChainModel:false, Validity:0, ValidityReason:error(nil), PubkeyAlgo:1, HashAlgo:8}
Reading the error: Summary:128 is GPGME_SIGSUM_KEY_MISSING and Status err:0x9 is GPG_ERR_NO_PUBKEY. The signature itself is intact and was made by the fingerprint shown (the key generated above), but the keyring built from /tmp/key.gpg has no matching public key, so the signedBy requirement cannot be satisfied and the client rejects the image.
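The two pulls above can be reproduced at the GnuPG level without a registry or a signature server. The script below is an added example, not code from the original post or from the podman project: it derives the path a client requests from the sigstore URL for a given image (the origin of the alpine@sha256=... directory name shown above), builds the documented "atomic container signature" JSON that podman signs, signs it with a throwaway key, and verifies it once with the signer's exported public key and once against an empty keyring, which fails with NO_PUBKEY exactly like the rejected pull. It assumes gpg 2.1 or newer is installed; the image reference, digest and key identity it uses are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original post or the podman project): reproduce the
# accepted and rejected pulls above at the GnuPG level, offline, in throwaway keyrings.
# Assumes gpg 2.1+; reference, digest and key identity below are constructed.
set -eu

# Path a client requests under the registries.d sigstore URL for one image:
#   <sigstore>/<repo path>@<alg>=<hex>/signature-<n>
# The registry host is dropped and the ':' of the digest becomes '=', which is why
# the staging directory on this page is named alpine@sha256=864f....
# Assumes a fully qualified reference (registry host present).
sigstore_path() {
    local ref digest n repo
    ref="$1"; digest="$2"; n="${3:-1}"
    repo="${ref#*/}"        # drop "localhost:5000/"
    repo="${repo%%@*}"      # drop an @digest suffix, if any
    repo="${repo%%:*}"      # drop a :tag suffix, if any
    printf '%s@%s=%s/signature-%s\n' "$repo" "${digest%%:*}" "${digest#*:}" "$n"
}

# The JSON podman signs (documented "atomic container signature" format): the digest
# binds the signature to one manifest, the reference to the name the signer vouched for.
signature_payload() {
    printf '{"critical":{"identity":{"docker-reference":"%s"},"image":{"docker-manifest-digest":"%s"},"type":"atomic container signature"},"optional":{"creator":"added-example"}}\n' "$1" "$2"
}

# Sign the payload with a fresh key, then verify it twice.
# Prints "<with signer key> <without it>"; expected "ok rejected".
gpg_roundtrip() {
    local work signer verifier empty with_key without_key d
    work="$(mktemp -d)"
    signer="$work/signer"; verifier="$work/verifier"; empty="$work/empty"
    mkdir -m 700 "$signer" "$verifier" "$empty"

    # Throwaway signing key without passphrase (constructed identity)
    gpg --homedir "$signer" --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-gen-key 'example signer <signer@example.invalid>' rsa2048 sign never 2>/dev/null

    signature_payload localhost:5000/alpine \
        sha256:864fe88b86abf48d78de06f57cc5c8be02cc907cfb01c54ef4b668db1c8e0056 > "$work/payload.json"
    # podman stores an OpenPGP signed message with the payload embedded (not a detached signature)
    gpg --homedir "$signer" --batch --quiet --sign --output "$work/signature-1" "$work/payload.json"

    # Equivalent of "gpg --armor --export > /tmp/key.gpg" plus a client keyring that loads it
    gpg --homedir "$signer" --batch --quiet --armor --export > "$work/key.gpg"
    gpg --homedir "$verifier" --batch --quiet --import "$work/key.gpg" 2>/dev/null

    with_key=fail; without_key=accepted
    gpg --homedir "$verifier" --batch --quiet --verify "$work/signature-1" 2>/dev/null && with_key=ok
    # Empty keyring: same intact signature, no public key -> gpg exits non-zero (NO_PUBKEY)
    gpg --homedir "$empty" --batch --quiet --verify "$work/signature-1" 2>/dev/null || without_key=rejected

    for d in "$signer" "$verifier" "$empty"; do
        gpgconf --homedir "$d" --kill gpg-agent 2>/dev/null || true
    done
    rm -rf "$work"
    printf '%s %s\n' "$with_key" "$without_key"
}

sigstore_path localhost:5000/alpine:latest \
    sha256:864fe88b86abf48d78de06f57cc5c8be02cc907cfb01c54ef4b668db1c8e0056
if command -v gpg >/dev/null 2>&1; then gpg_roundtrip; fi
```

The verifier keyring only ever sees the exported public key, never the secret one; that is the same split as the page's setup, where the signing host holds the secret key in GNUPGHOME and pulling clients hold only /tmp/key.gpg. Swapping the verifier's key for an unrelated one, as the aaa@redhat.com export does, leaves the signature bytes untouched and still produces the rejection, because the failure is a missing key, not a corrupted signature.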
https://github.com/containers/podman/blob/main/docs/tutorials/image_signing.md
http://redhatgov.io/workshops/security_container_intro/lab07-signing/
Copyright © 2003-2013 www.wpsshop.cn. All rights reserved.