Dockerfile for building a working version of Autopsy for Linux. Unfotunately, their guidance for installing sucks and misses a lot of problems. This dockerfile successfully builds and runs as of writing.
Note: The xhost + command is in the documentation for convienience. It is a security risk (https://laurentschneider.com/wordpress/2007/03/xhost-is-a-huge-security-hole.html). If you have concerns about your X security, please using xauth instead.
$ xhost +
$ docker run \
-d \
-it \
--shm-size 2G \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v $(pwd)/case/:/root/case \
-e DISPLAY=$DISPLAY \
-e JAVA_TOOL_OPTIONS='-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true -Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel' \
--network host \
--device /dev/dri \
bannsec/autopsy
Just run:
$ xhost + && docker-compose up -d
The volume mounted in the local folder ./case/ should be used to share disk
images and cases files, so put here your evidence and load it in the Autopsy
wizard.