42 lines
1.1 KiB
Docker
42 lines
1.1 KiB
Docker
|
FROM debian:stable
|
||
|
|
MAINTAINER busti <oss@busti.cool>
|
||
|
|
|
||
|
|
ENV DEBIAN_FRONTEND noninteractive
|
||
|
|
|
||
|
|
RUN apt-get update && apt install -y --no-install-recommends \
|
||
|
|
openssh-server \
|
||
|
|
sssd \
|
||
|
|
sssd-ldap \
|
||
|
|
libnss-sss \
|
||
|
|
libpam-sss \
|
||
|
|
libpam-modules \
|
||
|
|
gettext \
|
||
|
|
&& apt-get autoclean \
|
||
|
|
&& apt-get autoremove \
|
||
|
|
&& rm -rf /var/lib/apt/lists/*
|
||
|
|
|
||
|
|
RUN mkdir /var/run/sshd
|
||
|
|
RUN passwd --lock root
|
||
|
|
RUN sed -i 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' /etc/pam.d/sshd
|
||
|
|
RUN sed -i 's/#*PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
|
||
|
|
RUN echo "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys" >> /etc/ssh/sshd_config
|
||
|
|
RUN echo "AuthorizedKeysCommandUser nobody" >> /etc/ssh/sshd_config
|
||
|
|
RUN echo "session optional pam_mkhomedir.so" >> /etc/pam.d/common_session
|
||
|
|
|
||
|
|
RUN echo "proc /proc proc defaults,hidepid=2 0 0" >> /etc/fstab
|
||
|
|
|
||
|
|
WORKDIR /home
|
||
|
|
|
||
|
|
EXPOSE 22
|
||
|
|
|
||
|
|
COPY sssd.conf /etc/sssd/sssd.conf.env
|
||
|
|
COPY nsswitch.conf /etc/nsswitch.conf
|
||
|
|
COPY common-session /etc/pam.d/common-session
|
||
|
|
COPY skel /etc/skel
|
||
|
|
|
||
|
|
COPY startup.sh /root/startup.sh
|
||
|
|
|
||
|
|
VOLUME /home
|
||
|
|
|
||
|
|
CMD ["/bin/bash", "/root/startup.sh"]
|