Skip to content

Commit

Permalink
Make AllowedUsers configurable in sshd_config (#8094)
Browse files Browse the repository at this point in the history
docker/root/usr/bin/entrypoint already allows for the specification
of USER, USER_UID, USER_GID. But since AllowedUsers is hardcoded in
sshd_config, one cannot log in as a user different ftom git.
This change substitutes ${USER} for git in the sshd_config template.

Signed-off-by: Jeronimo Pellegrini <j_p@aleph0.info>
  • Loading branch information
jpellegrini authored and sapk committed Sep 5, 2019
1 parent 85f5654 commit 852b8e2
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 3 deletions.
2 changes: 1 addition & 1 deletion docker/root/etc/templates/sshd_config
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ ChallengeResponseAuthentication no
PasswordAuthentication no
PermitEmptyPasswords no

AllowUsers git
AllowUsers ${USER}

Banner none
Subsystem sftp /usr/lib/ssh/sftp-server
Expand Down
2 changes: 0 additions & 2 deletions docker/root/usr/bin/entrypoint
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,6 @@
if [ "${USER}" != "git" ]; then
# rename user
sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd
# switch sshd config to different user
sed -i -e "s/AllowUsers git$/AllowUsers ${USER}/g" /etc/ssh/sshd_config
fi

if [ -z "${USER_GID}" ]; then
Expand Down

0 comments on commit 852b8e2

Please sign in to comment.