Hi,
I’m trying to set up an FTP server where external users (not in my domain) can log in. I’m using Oracle Linux, and attached are my Dockerfile along with config files.
My problem is, I’m unable to start the vsftpd service while I’m building the container. I want this to be a one-click solution: when a new user comes in, I want to deploy a container with everything ready. Currently I have to open a bash terminal to the container and restart the vsftpd service manually. If I don’t restart the service manually, “systemctl status vsftpd” gives output as 0.
Steps I’ve been performing -
docker build --no-cache -t ol7_slim:latest . --progress=plain -t my-image
docker run -dit --privileged --name ol7_slim_con ol7_slim:latest
docker exec -it ol7_slim_con bash
Dockerfile
FROM oraclelinux:7-slim
ENV container docker
RUN yum -y update; yum clean all
RUN yum install -y sudo initscripts
RUN mkdir -p /var/config && \
    mkdir -p /var/scripts
COPY sshd_config /var/config/sshd_config
COPY vsftpd_config /var/config/vsftpd_config
RUN echo "sftpusersnokey sftpuserswithkey ftpusers" | xargs -n1 groupadd ${g};
RUN rpm -Uvh https://packages.microsoft.com/config/rhel/7/packages-microsoft-prod.rpm
RUN yum -y install blobfuse fuse vsftpd ftp systemd-sysv iptables-services openssh-server
RUN cat /var/config/sshd_config >> /etc/ssh/sshd_config
RUN sed -i 's/anonymous_enable=YES/anonymous_enable=NO/; s/listen_ipv6=YES/listen_ipv6=NO/; s/listen=NO/listen=YES/; s/xferlog_std_format=YES/xferlog_std_format=NO/; s/#chroot_local_user=YES/chroot_local_user=YES/;' /etc/vsftpd/vsftpd.conf
RUN sed -i -r 's/auth(\s+)required(\s+)pam_shells.so/#auth\1required\2pam_shells.so/;' /etc/pam.d/vsftpd
RUN sed -i -r 's!^Subsystem(\s+)sftp(\s+)/usr/libexec/openssh/sftp-server!#Subsystem\1sftp\2/usr/libexec/openssh/sftp-server\nSubsystem\1sftp\2internal-sftp!;' /etc/ssh/sshd_config
RUN cat /var/config/vsftpd_config >> /etc/vsftpd/vsftpd.conf
RUN systemctl enable vsftpd
RUN service iptables stop
RUN service sshd restart
#RUN count=systemctl status sshd.service | grep 'running' | wc -l
RUN service vsftpd restart
#RUN process=systemctl status vsftpd | grep 'running' | wc -l
EXPOSE 20 21
ENTRYPOINT ["/usr/sbin/init"]
SSHD config
Protocol 2
LogLevel INFO
IgnoreRhosts yes
#############################################
Match Group sftpuserswithkey
ChrootDirectory /home/%u/sftp
AllowTcpForwarding no
X11Forwarding no
PermitTunnel no
ForceCommand internal-sftp
AuthenticationMethods publickey,password
Match Group sftpusersnokey
ChrootDirectory /home/%u/sftp
AllowTcpForwarding no
X11Forwarding no
PermitTunnel no
ForceCommand internal-sftp
AuthenticationMethods password
VSFTPD config
userlist_file=/etc/vsftpd/vsftpd.users
userlist_deny=NO
log_ftp_protocol=YES
xferlog_file=/var/log/vsftpd.log
Regards.