|
|
|
@ -24,27 +24,35 @@ FROM centos:7
|
|
|
|
|
RUN yum clean all && \
|
|
|
|
|
yum -y install -y python2.7 openssh-server sudo rsync git strace sudo && \
|
|
|
|
|
yum clean all && \
|
|
|
|
|
groupadd sudo
|
|
|
|
|
groupadd sudo && \
|
|
|
|
|
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
|
|
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
DOCKERFILE = r"""
|
|
|
|
|
COPY data/001-mitogen.sudo /etc/sudoers.d/001-mitogen
|
|
|
|
|
RUN \
|
|
|
|
|
mkdir /var/run/sshd && \
|
|
|
|
|
echo '%mitogen__sudo_nopw ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/001-mitogen__sudo_nopw && \
|
|
|
|
|
mkdir -p /var/run/sshd && \
|
|
|
|
|
echo i-am-mitogen-test-docker-image > /etc/sentinel && \
|
|
|
|
|
groupadd mitogen__sudo_nopw && \
|
|
|
|
|
useradd -s /bin/bash -m mitogen__has_sudo -G SUDO_GROUP && \
|
|
|
|
|
useradd -s /bin/bash -m mitogen__has_sudo_pubkey -G SUDO_GROUP && \
|
|
|
|
|
useradd -s /bin/bash -m mitogen__has_sudo_nopw -G mitogen__sudo_nopw && \
|
|
|
|
|
useradd -s /bin/bash -m mitogen__webapp && \
|
|
|
|
|
useradd -s /bin/bash -m mitogen__pw_required && \
|
|
|
|
|
useradd -s /bin/bash -m mitogen__require_tty && \
|
|
|
|
|
useradd -s /bin/bash -m mitogen__require_tty_pw_required && \
|
|
|
|
|
{ for i in `seq 1 21`; do useradd -s /bin/bash -m mitogen__user$i; done; } && \
|
|
|
|
|
( echo 'root:rootpassword' | chpasswd; ) && \
|
|
|
|
|
( echo 'mitogen__has_sudo:has_sudo_password' | chpasswd; ) && \
|
|
|
|
|
( echo 'mitogen__has_sudo_pubkey:has_sudo_pubkey_password' | chpasswd; ) && \
|
|
|
|
|
( echo 'mitogen__has_sudo_nopw:has_sudo_nopw_password' | chpasswd; ) && \
|
|
|
|
|
( echo 'mitogen__webapp:webapp_password' | chpasswd; ) && \
|
|
|
|
|
( echo 'mitogen__pw_required:pw_required_password' | chpasswd; ) && \
|
|
|
|
|
( echo 'mitogen__require_tty:require_tty_password' | chpasswd; ) && \
|
|
|
|
|
( echo 'mitogen__require_tty_pw_required:require_tty_pw_required_password' | chpasswd; ) && \
|
|
|
|
|
mkdir ~mitogen__has_sudo_pubkey/.ssh && \
|
|
|
|
|
{ echo '#!/bin/bash\nexec strace -ff -o /tmp/pywrap$$.trace python2.7 "$@"' > /usr/local/bin/pywrap; chmod +x /usr/local/bin/pywrap; } && \
|
|
|
|
|
{ for i in `seq 1 21`; do useradd -s /bin/bash -m mitogen__user$i; done; }
|
|
|
|
|
{ echo '#!/bin/bash\nexec strace -ff -o /tmp/pywrap$$.trace python2.7 "$@"' > /usr/local/bin/pywrap; chmod +x /usr/local/bin/pywrap; }
|
|
|
|
|
|
|
|
|
|
COPY data/docker/mitogen__has_sudo_pubkey.key.pub /home/mitogen__has_sudo_pubkey/.ssh/authorized_keys
|
|
|
|
|
RUN \
|
|
|
|
|
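Review bot: The pywrap line near the end of the hunk writes its script with `echo '#!/bin/bash\nexec strace …'`, but under `FROM centos:7` `/bin/sh` is bash, whose builtin `echo` does not expand `\n` by default, so `/usr/local/bin/pywrap` would end up as a single line with a literal backslash-n and an unusable shebang. `printf` expands the escape in both bash and dash: `{ printf '#!/bin/bash\nexec strace -ff -o /tmp/pywrap$$.trace python2.7 "$@"\n' > /usr/local/bin/pywrap; chmod +x /usr/local/bin/pywrap; }`. Separately, `ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key` passes no `-N ''`, so it may prompt or fail in a non-interactive build, and the host key it creates is stored in an image layer and shared by every container started from the image. Together with the fixed passwords and the `NOPASSWD:ALL` drop-in, that deserves a comment above `DOCKERFILE` such as `# Test fixture only: baked-in host key, known passwords and passwordless sudo; never expose its sshd beyond the test host.` The +/- markers are lost on this page, so which of these lines are new is inferred from the duplicated old/new pairs.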