forked from RandyMcMillan/docker.shell
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdebian.dockerfile
More file actions
61 lines (52 loc) · 2.16 KB
/
debian.dockerfile
File metadata and controls
61 lines (52 loc) · 2.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
ARG DEBIAN_VERSION=${DEBIAN_VERSION}
FROM debian:${DEBIAN_VERSION} as user
RUN apt install -y apt
RUN apt-get -y upgrade
RUN apt-get -y update
RUN export DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y --no-install-recommends apt-utils
RUN apt-get update && apt-get upgrade -y && apt-get install --no-install-recommends -y \
apt-utils \
adduser automake \
bash bash-completion binutils bsdmainutils build-essential \
ca-certificates cmake curl doxygen \
# g++-multilib \
git \
#libffi6 \
libtool libffi-dev lbzip2 libssl-dev \
make nsis \
openssh-client openssh-server \
patch pkg-config \
python3 python3-pip \
python3-setuptools \
vim virtualenv \
xz-utils \
quilt parted qemu-user-static debootstrap zerofree zip dosfstools libcap2-bin libarchive-tools rsync kmod bc qemu-utils kpartx libssl-dev sudo
RUN apt-get install debconf --reinstall
RUN mkdir /var/run/sshd
ARG PASSWORD=${PASSWORD}
ENV GIT_DISABLE_UNTRACKED_CACHE=true
ARG HOST_UID=${HOST_UID:-4000}
ARG HOST_USER=${HOST_USER:-nodummy}
USER root
RUN chmod 640 /etc/shadow
RUN chmod 4511 /usr/bin/passwd
RUN mkdir -p /var/cache/debconf
RUN mkdir -p /home/${HOST_USER}
COPY ./whatami /usr/local/bin/
RUN /bin/bash [[ "string1" == "string2" ]] && echo "Equal" || echo "Not equal"
RUN [[ "${HOST_UID}" == "0" ]] && echo "${HOST_UID}" || adduser --system --disabled-password --ingroup sudo --home /home/${HOST_USER} --uid ${HOST_UID} ${HOST_USER}
RUN echo root:${PASSWORD} | chpasswd
RUN echo ${HOST_USER}:${PASSWORD} | chpasswd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
EXPOSE 22
RUN echo "Set disable_coredump false" >> /etc/sudo.conf
RUN mkdir -p /home/${HOST_USER}/.ssh && chmod 700 /home/${HOST_USER}/.ssh
RUN touch /home/${HOST_USER}/.ssh/id_rsa
RUN echo -n ${SSH_PRIVATE_KEY} | base64 --decode > /home/${HOST_USER}/.ssh/id_rsa
RUN chown -R "${HOST_UID}:${HOST_UID}" /home/${HOST_USER}/.ssh
RUN chmod 600 /home/${HOST_USER}/.ssh/id_rsa
USER ${HOST_USER}
WORKDIR /home/${HOST_USER}
CMD ["/usr/sbin/sshd", "-D"]