mirror of https://github.com/atmoz/sftp.git synced 2024-12-08 13:05:39 -05:00

Merge branch 'master' into alpine-3.5

Adrian Dvergsdal 2018-01-17 22:42:28 +01:00
commit d990faa216
No known key found for this signature in database
GPG key ID: C1E9E2D9552A42D2
3 changed files with 32 additions and 20 deletions


@ -18,13 +18,14 @@ This is an automated build linked with the [debian](https://hub.docker.com/_/deb
# Usage # Usage
- Required: define users in command arguments or in file mounted as `/etc/sftp/users.conf` - Define users in (1) command arguments, (2) `SFTP_USERS` environment variable
(syntax: `user:pass[:e][:uid[:gid[:dir1[,dir2]...]]]...`). or (3) in file mounted as `/etc/sftp/users.conf` (syntax:
`user:pass[:e][:uid[:gid[:dir1[,dir2]...]]] ...`, see below for examples)
- Set UID/GID manually for your users if you want them to make changes to - Set UID/GID manually for your users if you want them to make changes to
your mounted volumes with permissions matching your host filesystem. your mounted volumes with permissions matching your host filesystem.
- Add directory names at the end, if you want to create them under the user's - Directory names at the end will be created under user's home directory with
home directory. Perfect when you just want a fast way to upload something. write permission, if they aren't already present.
- Optional (but recommended): mount volumes. - Mount volumes
- The users are chrooted to their home directory, so you can mount the - The users are chrooted to their home directory, so you can mount the
volumes in separate directories inside the user's home directory volumes in separate directories inside the user's home directory
(/home/user/**mounted-directory**) or just mount the whole **/home** directory. (/home/user/**mounted-directory**) or just mount the whole **/home** directory.


@ -37,27 +37,28 @@ function createUser() {
log "Parsing user data: \"$@\"" log "Parsing user data: \"$@\""
IFS=':' read -a args <<< $@ IFS=':' read -a args <<< $@
index=0
skipIndex=0
chpasswdOptions=""
useraddOptions="--no-user-group"
user="${args[0]}"; validateArg "username" "$user" "$reUser" || return 1 user="${args[0]}"; validateArg "username" "$user" "$reUser" || return 1
pass="${args[1]}"; validateArg "password" "$pass" "$rePass" || return 1 pass="${args[1]}"; validateArg "password" "$pass" "$rePass" || return 1
if [ "${args[2]}" == "e" ]; then if [ "${args[2]}" == "e" ]; then
chpasswdOptions="-e" chpasswdOptions="-e"
index=1 skipIndex=1
fi fi
uid="${args[$[$index+2]]}"; validateArg "UID" "$uid" "$reUid" || return 1 uid="${args[$[$skipIndex+2]]}"; validateArg "UID" "$uid" "$reUid" || return 1
gid="${args[$[$index+3]]}"; validateArg "GID" "$gid" "$reGid" || return 1 gid="${args[$[$skipIndex+3]]}"; validateArg "GID" "$gid" "$reGid" || return 1
dir="${args[$[$index+4]]}"; validateArg "dirs" "$dir" "$reDir" || return 1 dir="${args[$[$skipIndex+4]]}"; validateArg "dirs" "$dir" "$reDir" || return 1
if getent passwd $user > /dev/null; then if getent passwd $user > /dev/null; then
log "WARNING: User \"$user\" already exists. Skipping." log "WARNING: User \"$user\" already exists. Skipping."
return 0 return 0
fi fi
useraddOptions="--no-user-group"
if [ -n "$uid" ]; then if [ -n "$uid" ]; then
useraddOptions="$useraddOptions --non-unique --uid $uid" useraddOptions="$useraddOptions --non-unique --uid $uid"
fi fi
@ -130,18 +131,17 @@ if [ ! -f "$userConfFinalPath" ]; then
cat "$userConfPath" | grep -v -E "$reArgSkip" > "$userConfFinalPath" cat "$userConfPath" | grep -v -E "$reArgSkip" > "$userConfFinalPath"
fi fi
# Append users from STDIN to final config if $startSshd; then
# DEPRECATED on 2017-10-08, DO NOT USE # Append users from arguments to final config
# TODO: Remove code after 6-12 months for user in "$@"; do
if [ ! -t 0 ]; then
while IFS= read -r user || [[ -n "$user" ]]; do
echo "$user" >> "$userConfFinalPath" echo "$user" >> "$userConfFinalPath"
done done
fi fi
if $startSshd; then if [ -n "$SFTP_USERS" ]; then
# Append users from arguments to final config # Append users from environment variable to final config
for user in "$@"; do usersFromEnv=($SFTP_USERS) # as array
for user in "${usersFromEnv[@]}"; do
echo "$user" >> "$userConfFinalPath" echo "$user" >> "$userConfFinalPath"
done done
fi fi
@ -172,6 +172,8 @@ if [ -d /etc/sftp.d ]; then
if [ -x "$f" ]; then if [ -x "$f" ]; then
log "Running $f ..." log "Running $f ..."
$f $f
else
log "Could not run $f, because it's missing execute permission (+x)."
fi fi
done done
unset f unset f
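Review bot: In the new `SFTP_USERS` block, `usersFromEnv=($SFTP_USERS)` expands the variable unquoted, so the shell applies pathname expansion as well as word splitting. An entry containing `*`, `?` or `[` (plausible in a password field) can be replaced by matching file names from the working directory before it is appended to the final config. Disabling globbing around the assignment keeps the whitespace splitting and drops the expansion: `set -f; usersFromEnv=($SFTP_USERS); set +f`. Because the value carries credentials and stays in the process environment, the `/etc/sftp.d` scripts run later in this file inherit it, so I would also add `unset SFTP_USERS` after the loop. A comment there could recommend the `:e` (pre-encrypted) password form for this path, since container environment values are readable by anyone who can inspect the container.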


@ -52,10 +52,12 @@ function beforeTest() {
$sudo docker run \ $sudo docker run \
-v "$tmpDir/users:/etc/sftp/users.conf:ro" \ -v "$tmpDir/users:/etc/sftp/users.conf:ro" \
-v "$scriptDir/id_rsa.pub":/home/test/.ssh/keys/id_rsa.pub:ro \ -v "$scriptDir/id_rsa.pub":/home/test/.ssh/keys/id_rsa.pub:ro \
-v "$scriptDir/id_rsa.pub":/home/userFromEnv/.ssh/keys/id_rsa.pub:ro \
-v "$scriptDir/id_rsa.pub":/home/user.with.dot/.ssh/keys/id_rsa.pub:ro \ -v "$scriptDir/id_rsa.pub":/home/user.with.dot/.ssh/keys/id_rsa.pub:ro \
-v "$tmpDir":/home/test/share \ -v "$tmpDir":/home/test/share \
--name "$sftpContainerName" \ --name "$sftpContainerName" \
--expose 22 \ --expose 22 \
-e "SFTP_USERS=userFromEnv::$(id -u):$(id -g) userFromEnv2::$(id -u):$(id -g)" \
-d "$sftpImageName" \ -d "$sftpImageName" \
> "$redirect" > "$redirect"
@ -145,6 +147,13 @@ function testUserWithDotLogin() {
assertReturn $? 0 assertReturn $? 0
} }
function testLoginUsingUserFromEnv() {
$skipAllTests && skip && return 0
runSftpCommands "$sftpContainerName" "userFromEnv" "exit"
assertReturn $? 0
}
function testWritePermission() { function testWritePermission() {
$skipAllTests && skip && return 0 $skipAllTests && skip && return 0