docker-compose up fails after "Attaching to vulnerable-node_postgres_db_1, vulnerable-node_vulnerable_node_1"

[sininspira2]

Having an issue starting the container. Here is the output after it tries to start the postgres database

postgres_db_1 | Error: Database is uninitialized and superuser password is not specified. postgres_db_1 | You must specify POSTGRES_PASSWORD to a non-empty value for the postgres_db_1 | superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run". postgres_db_1 | postgres_db_1 | You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all postgres_db_1 | connections without a password. This is *not* recommended. postgres_db_1 | postgres_db_1 | See PostgreSQL documentation about "trust": postgres_db_1 | https://www.postgresql.org/docs/current/auth-trust.html vulnerable-node_postgres_db_1 exited with code 1

I tried adding the postgres_password, then the host auth method trust value to the docker-compose.yaml but then I started getting:

Attaching to vulnerable-node_postgres_db_1, vulnerable-node_vulnerable_node_1 postgres_db_1 | postgres_db_1 | PostgreSQL Database directory appears to contain a database; Skipping initialization postgres_db_1 | postgres_db_1 | 2022-03-26 02:19:48.762 UTC [1] LOG: starting PostgreSQL 14.2 (Debian 14.2-1.pgdg110+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 10.2.1-6) 10.2.1 20210110, 64-bit postgres_db_1 | 2022-03-26 02:19:48.762 UTC [1] LOG: listening on IPv4 address "0.0.0.0", port 5432 postgres_db_1 | 2022-03-26 02:19:48.762 UTC [1] LOG: listening on IPv6 address "::", port 5432 postgres_db_1 | 2022-03-26 02:19:48.764 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432" postgres_db_1 | 2022-03-26 02:19:48.767 UTC [26] LOG: database system was shut down at 2022-03-26 02:19:07 UTC postgres_db_1 | 2022-03-26 02:19:48.770 UTC [1] LOG: database system is ready to accept connections vulnerable_node_1 | vulnerable_node_1 | > [email protected] start /app vulnerable_node_1 | > node ./bin/www vulnerable_node_1 | vulnerable_node_1 | Sat, 26 Mar 2022 02:19:49 GMT body-parser deprecated bodyParser: use individual json/urlencoded middlewares at app.js:38:9 vulnerable_node_1 | Sat, 26 Mar 2022 02:19:49 GMT body-parser deprecated undefined extended: provide extended option at node_modules/body-parser/index.js:105:29 vulnerable_node_1 | Sat, 26 Mar 2022 02:19:49 GMT express-session deprecated undefined resave option; provide resave option at app.js:43:9 vulnerable_node_1 | Sat, 26 Mar 2022 02:19:49 GMT express-session deprecated undefined saveUninitialized option; provide saveUninitialized option at app.js:43:9 vulnerable_node_1 | [2022-03-26 02:19:49.472] [INFO] vnode - Building database vulnerable_node_1 | /app/node_modules/pg/lib/connection.js:426 vulnerable_node_1 | throw new Error("Unknown authenticationOk message type" + util.inspect(msg)); vulnerable_node_1 | ^ vulnerable_node_1 | vulnerable_node_1 | Error: Unknown authenticationOk message type{ name: 'authenticationOk', length: 23 } vulnerable_node_1 | at Connection.parseR (/app/node_modules/pg/lib/connection.js:426:9) vulnerable_node_1 | at Connection.parseMessage (/app/node_modules/pg/lib/connection.js:345:17) vulnerable_node_1 | at Socket.<anonymous> (/app/node_modules/pg/lib/connection.js:105:22) vulnerable_node_1 | at emitOne (events.js:77:13) vulnerable_node_1 | at Socket.emit (events.js:169:7) vulnerable_node_1 | at readableAddChunk (_stream_readable.js:146:16) vulnerable_node_1 | at Socket.Readable.push (_stream_readable.js:110:10) vulnerable_node_1 | at TCP.onread (net.js:523:20) postgres_db_1 | 2022-03-26 02:19:49.497 UTC [36] LOG: could not receive data from client: Connection reset by peer postgres_db_1 | 2022-03-26 02:19:49.498 UTC [35] LOG: could not receive data from client: Connection reset by peer vulnerable_node_1 | vulnerable_node_1 | npm ERR! Linux 5.16.0-kali5-amd64 vulnerable_node_1 | npm ERR! argv "/usr/bin/nodejs" "/usr/bin/npm" "start" vulnerable_node_1 | npm ERR! node v4.2.6 vulnerable_node_1 | npm ERR! npm v3.5.2 vulnerable_node_1 | npm ERR! code ELIFECYCLE vulnerable_node_1 | npm ERR! [email protected] start: node ./bin/www vulnerable_node_1 | npm ERR! Exit status 1 vulnerable_node_1 | npm ERR! vulnerable_node_1 | npm ERR! Failed at the [email protected] start script 'node ./bin/www'. vulnerable_node_1 | npm ERR! Make sure you have the latest version of node.js and npm installed. vulnerable_node_1 | npm ERR! If you do, this is most likely a problem with the vulnerable-node-source package, vulnerable_node_1 | npm ERR! not with npm itself. vulnerable_node_1 | npm ERR! Tell the author that this fails on your system: vulnerable_node_1 | npm ERR! node ./bin/www vulnerable_node_1 | npm ERR! You can get information on how to open an issue for this project with: vulnerable_node_1 | npm ERR! npm bugs vulnerable-node-source vulnerable_node_1 | npm ERR! Or if that isn't available, you can get their info via: vulnerable_node_1 | npm ERR! npm owner ls vulnerable-node-source vulnerable_node_1 | npm ERR! There is likely additional logging output above. vulnerable_node_1 | vulnerable_node_1 | npm ERR! Please include the following file with any support request: vulnerable_node_1 | npm ERR! /app/npm-debug.log

Not really sure where to go here. Any help is greatly appreciated! docker-compose is version 1.29.2

[nanioo]

docker-compose version 1.25.5, build unknown is ok..

[cr0hn]

Hi! Thanks for the report. Just fixed at https://github.com/cr0hn/vulnerable-node/commit/5d6206462f93b9243cf5ef44ca7e5b1dd3b6bf4e