Added group creation option and corresponding documentation #76

Merged
merged 2 commits into from
May 31, 2023
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -8,7 +8,8 @@ Configure the container with the following environment variables or optionally m

### General Options

- `SSH_USERS` list of user accounts and uids/gids to create. eg `SSH_USERS=www:48:48,admin:1000:1000:/bin/bash`. The fourth argument for specifying the user shell is optional
- `SSH_USERS` list of user accounts and uids/gids to create. eg `SSH_USERS=www:48:48,admin:1000:1000:/bin/bash`. The fourth argument for specifying the user shell is optional. If `SSH_GROUPS` is omitted, a group is created for each user with the same name as the user.
- `SSH_GROUPS` list of groups and gids to create. eg `SSH_GROUPS=guests:1005,other:1006`. Specifying this option disables automatic group creation of user-named groups if you also specify `SSH_USERS`.
- `SSH_ENABLE_ROOT` if "true" unlock the root account
- `SSH_ENABLE_PASSWORD_AUTH` if "true" enable password authentication (disabled by default) (excluding the root user)
- `SSH_ENABLE_ROOT_PASSWORD_AUTH` if "true" enable password authentication for all users including root
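
Review bot: The new `SSH_GROUPS` entry says automatic group creation is disabled but does not say what the user must then supply. Once `SSH_GROUPS` is set, the gid in every `SSH_USERS` entry has to refer to a group listed in `SSH_GROUPS` or already present in the image, because entry.sh still calls `useradd` with `-g ${_GID}` and no longer creates that group. The two examples as written cannot be combined: `SSH_USERS=www:48:48,admin:1000:1000:/bin/bash` together with `SSH_GROUPS=guests:1005,other:1006` leaves gids 48 and 1000 without a group unless the image already has them. Suggest adding a sentence stating the requirement and a combined example in which the gids match.
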
16 changes: 15 additions & 1 deletion entry.sh
Expand Up @@ -79,6 +79,18 @@ if [ -w /etc/authorized_keys ]; then
done
fi

# Add groups if SSH_GROUPS=group:gid set
if [ -n "${SSH_GROUPS}" ]; then
GROUPZ=$(echo $SSH_GROUPS | tr "," "\n")

Contributor Author

It took me quite a long time to discover that the natural name for this variable, GROUPS, is a reserved keyword in bash, and assigning to it silently kills the script!

for G in $GROUPZ; do
IFS=':' read -ra GA <<< "$G"
_NAME=${GA[0]}
_GID=${GA[1]}
echo ">> Adding group ${_NAME} with gid: ${_GID}."
getent group ${_NAME} >/dev/null 2>&1 || groupadd -g ${_GID} ${_NAME}
done
fi

# Add users if SSH_USERS=user:uid:gid set
if [ -n "${SSH_USERS}" ]; then
USERS=$(echo $SSH_USERS | tr "," "\n")
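
Review bot: The `SSH_GROUPS` loop passes each entry to `groupadd` without validating it, and `${_NAME}` and `${_GID}` are unquoted. An entry with no gid (`SSH_GROUPS=guests`) expands to `groupadd -g guests`, and a field beginning with `-` is parsed by `groupadd` as an option. Since these values come straight from the environment and are used to create accounts, suggest rejecting any entry whose name or gid does not match an expected pattern (gid all digits) and then quoting the expansions. Also, `getent group ${_NAME}` matches on name only, so an existing group with that name and a different gid is kept silently while the log line still reports the requested gid; a warning on mismatch would help.
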
Expand All @@ -99,7 +111,9 @@ if [ -n "${SSH_USERS}" ]; then
else
check_authorized_key_ownership /etc/authorized_keys/${_NAME} ${_UID} ${_GID}
fi
getent group ${_NAME} >/dev/null 2>&1 || groupadd -g ${_GID} ${_NAME}
if [ -z "${SSH_GROUPS}" ]; then
getent group ${_NAME} >/dev/null 2>&1 || groupadd -g ${_GID} ${_NAME}
fi
getent passwd ${_NAME} >/dev/null 2>&1 || useradd -r -m -p '' -u ${_UID} -g ${_GID} -s ${_SHELL:-""} -c 'SSHD User' ${_NAME}
done
else
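
Review bot: With the `groupadd` now guarded by `[ -z "${SSH_GROUPS}" ]`, nothing on the `SSH_GROUPS` path checks that `${_GID}` exists before `useradd ... -g ${_GID}` runs. `useradd` requires the primary group to exist, so a gid missing from `SSH_GROUPS` fails for that user with only `useradd`'s own error. Suggest an `else` branch that runs `getent group "${_GID}"` and prints a message naming the user and gid when the group is absent.
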