Docker Community Forums

Share and learn in the Docker community.

Issues with vsftpd in Oracle Linux

Hi,

I’m trying to set-up a ftp server where external users (not in my domain) can log-in. I’m using oracle linux and attached are my docker file along with config files.

My problem is, I’m unable to start the vsftpd service while I’m building the container. I want this to be a one click solution - when a new user comes in, I want to deploy a container with everything ready. Currently I have to open a bash terminal to the container and restart vsftps service manually. If I don’t restart the service manually, “systemctl status vsftpd” gives output as 0.

Steps I’ve been performing -

docker build --no-cache -t ol7_slim:latest . --progress=plain -t my-image
docker run -dit --privileged --name ol7_slim_con ol7_slim:latest
docker exec -it ol7_slim_con bash

DockerFile
FROM oraclelinux:7-slim

ENV container docker
RUN yum -y update; yum clean all
RUN yum install -y sudo initscripts

RUN mkdir -p /var/config &&
mkdir -p /var/scripts

COPY sshd_config /var/config/sshd_config
COPY vsftpd_config /var/config/vsftpd_config

RUN echo “sftpusersnokey sftpuserswithkey ftpusers” |xargs -n1 groupadd ${g};
RUN rpm -Uvh https://packages.microsoft.com/config/rhel/7/packages-microsoft-prod.rpm
RUN yum -y install blobfuse fuse vsftpd ftp systemd-sysv iptables-services openssh-server
RUN cat /var/config/sshd_config >> /etc/ssh/sshd_config
RUN sed -i ‘s/anonymous_enable=YES/anonymous_enable=NO/; s/listen_ipv6=YES/listen_ipv6=NO/; s/listen=NO/listen=YES/; s/xferlog_std_format=YES/xferlog_std_format=NO/; s/#chroot_local_user=YES/chroot_local_user=YES/;’ /etc/vsftpd/vsftpd.conf
RUN sed -i -r ‘s/auth(\s+)required(\s+)pam_shells.so/#auth\1required\2pam_shells.so/;’ /etc/pam.d/vsftpd
RUN sed -i -r ‘s!^Subsystem(\s+)sftp(\s+)/usr/libexec/openssh/sftp-server!#Subsystem\1sftp\2/usr/libexec/openssh/sftp-server\nSubsystem\1sftp\2internal-sftp!;’ /etc/ssh/sshd_config
RUN cat /var/config/vsftpd_config >> /etc/vsftpd/vsftpd.conf
RUN systemctl enable vsftpd

RUN service iptables stop
RUN service sshd restart
#RUN count=systemctl status sshd.service | grep 'running' | wc -l
RUN service vsftpd restart
#RUN process=systemctl status vsftpd | grep 'running' | wc -l

EXPOSE 20 21

ENTRYPOINT ["/usr/sbin/init"]

SSHD config
Protocol 2
LogLevel INFO
IgnoreRhosts yes
#############################################
Match Group sftpuserswithkey
ChrootDirectory /home/%u/sftp
AllowTcpForwarding no
X11Forwarding no
PermitTunnel no
ForceCommand internal-sftp
AuthenticationMethods publickey,password
Match Group sftpusersnokey
ChrootDirectory /home/%u/sftp
AllowTcpForwarding no
X11Forwarding no
PermitTunnel no
ForceCommand internal-sftp
AuthenticationMethods password

VSFTPD config
userlist_file=/etc/vsftpd/vsftpd.users
userlist_deny=NO

log_ftp_protocol=YES
xferlog_file=/var/log/vsftpd.log

Regards.

Error that I’m getting now -

#20 [16/18] RUN service iptables stop
#20 sha256:e28ad19d01cd8cc4c4249ed87335d2ba6f1b577cfda545c3f0e0916283e7ca37
#20 0.452 Redirecting to /bin/systemctl stop iptables.service
#20 0.454 Failed to get D-Bus connection: Operation not permitted
#20 ERROR: executor failed running [/bin/sh -c service iptables stop]: exit code: 1