Ashish Uppala

Product Designer & Software Engineer
Chicago, Illinois

Installing NMAP on Ubuntu with RPM and Alien

There's a network scanning service I built and maintain which serves as a fancy wrapper around nmap, a popular network scanning tool. We used a debian based docker image and needed to get the latest version of nmap available in the container; unfortunately, nmap builds are distributed via RPM -- the debian based ones for our image often lag behind. Let's see how we used the RPM version within our Debian image.

If you look at the nmap changelog, you'll see that the latest (as of writing) is 7.93, released in September 2022. Client was using version 7.80.

One thing to know is that the maintainers make the latest version of nmap available for Linux distributions through the RPM package manager. Reviewing the Linux distro installation instructions, it's clear that the binary for Debian derivatives (like Ubuntu) are maintained by someone else and are acknowledged to sometimes be a year or more behind the current version. In fact, as of writing this, the latest available for Debian is nmap version 7.91, which is two years behind the latest!

Okay, so we have a Debian container that needs the latest nmap, we can't change the image to a different base for reasons I can't divulge, and the latest nmap available via apt-get is roughly two years behind.

Luckily, we can use a nifty tool called Alien to convert our RPM binary to Debian and install it in our container.

Create the docker container with a debian base

      FROM python:3.9-slim AS base

Make sure wget and alien are available in the container

      RUN apt-get update && \
          apt-get -y --no-install-recommends install wget alien gcc && \
          apt-get clean && \
          rm -rf /var/lib/apt/lists/*

Download the RPM binaries

      RUN wget && \
          wget && \
          wget && \

Convert to DEB and install

      RUN alien -i nmap-7.93-1.x86_64.rpm && \
          alien -i zenmap-7.93-1.noarch.rpm && \
          alien -i ncat-7.93-1.x86_64.rpm && \
          alien -i nping-0.7.93-1.x86_64.rpm

Verify it works

      CMD ["sleep", "360000"]

This is a bit of a hack, but for the demo, you can just make the container sleep, that way you can build and run it and then exec in and run your own commands, i.e. --

      $ docker build -t nmap_demo -f ./container/Dockerfile .
      $ docker run nmap_demo
      $ docker exec -it $YOUR_CONTAINER_ID sh
      # You should be in the container now
      $ nmap
      # The above command should execute, indicate the correct version, and execute properly.

That's basically it! In this case, alien works nicely and converts the RPM binaries to DEB for us so we can use the latest nmap within our Debian container.