Browse Source

Make AllowedUsers configurable in sshd_config (#8094)

docker/root/usr/bin/entrypoint already allows for the specification
of USER, USER_UID, USER_GID. But since AllowedUsers is hardcoded in
sshd_config, one cannot log in as a user different ftom git.
This change substitutes ${USER} for git in the sshd_config template.

Signed-off-by: Jeronimo Pellegrini <j_p@aleph0.info>
for-closed-social
jpellegrini 5 years ago
committed by Antoine GIRARD
parent
commit
852b8e2d81
2 changed files with 1 additions and 3 deletions
  1. +1
    -1
      docker/root/etc/templates/sshd_config
  2. +0
    -2
      docker/root/usr/bin/entrypoint

+ 1
- 1
docker/root/etc/templates/sshd_config View File

@ -25,7 +25,7 @@ ChallengeResponseAuthentication no
PasswordAuthentication no PasswordAuthentication no
PermitEmptyPasswords no PermitEmptyPasswords no
AllowUsers git
AllowUsers ${USER}
Banner none Banner none
Subsystem sftp /usr/lib/ssh/sftp-server Subsystem sftp /usr/lib/ssh/sftp-server

+ 0
- 2
docker/root/usr/bin/entrypoint View File

@ -3,8 +3,6 @@
if [ "${USER}" != "git" ]; then if [ "${USER}" != "git" ]; then
# rename user # rename user
sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd
# switch sshd config to different user
sed -i -e "s/AllowUsers git$/AllowUsers ${USER}/g" /etc/ssh/sshd_config
fi fi
if [ -z "${USER_GID}" ]; then if [ -z "${USER_GID}" ]; then

Loading…
Cancel
Save