Giter VIP home page Giter VIP logo

docker-sftp's People

Contributors

maelstromeous avatar markusmcnugen avatar phendryx avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

zeroinputctrl phendryx snpster yradunchev sure-hand 2ramiro

docker-sftp's Issues

issue adding more users

Hi
I was wondering if someone else has had this issue before,
Currently this is my docker compose

sftp:
    image: markusmcnugen/sftp
    volumes:
        - /files:/files
    ports:
        - "3544:22"
    command: user0:xxx:::files
                     user1:xxxx:1001:100
                     user2:xxxx:1002:100

and its working with the user0 but the other users can login but cant see the files folder any ideas why?

Thank you

Container doesn't stop gracefully

Hey, I'm using this container on Unraid, and for some reason when I choose "Stop" it doesn't just stop the container, but it times out after 1 minute and then an error appears saying "Command execution error".
How could I investigate to see what the problem is?

Unable to pull from dockerhub

At some point I have lost the ability to pull this from docker hub, it's the only image I have a problem with.

I see the following message when attempting to start the container.

docker: Error response from daemon: manifest for markusmcnugen/sftp:latest not found: manifest unknown: manifest unknown.

Shell for rsync

This image contains rsync but does not configure a usable shell for a user to actually use it.
Is this intended?
gangefors/docker-rssh seems to implement this but is horrible outdated.

SSH-keys not working

I tried to add SSH-key to the userkeys folder (in my case /home/docker/sftp/userkeys/foo.pub), but this results in no .ssh-folder is created in the user folder when I run ls -lah in /home/foo/.

As a temporary solution I did manage to make it work if i mounted a volume in the .ssh/keys folder manually (-v /home/docker/sftp/userkeys/:/home/foo/.ssh/keys/:ro).

I think the issue is createUser()with authorized_keys generation:

docker-sftp/entrypoint

Lines 119 to 126 in b6c5765

# Add SSH keys to authorized_keys with valid permissions
if [ -d /home/$user/.ssh/keys ]; then
for publickey in /home/$user/.ssh/keys/*; do
cat $publickey >> /home/$user/.ssh/authorized_keys
done
chown $uid /home/$user/.ssh/authorized_keys
chmod 600 /home/$user/.ssh/authorized_keys
fi

...is executed before the userkeys folder copy script:

docker-sftp/entrypoint

Lines 201 to 218 in b6c5765

# Copy user keys if any
if [[ -f "$userConfFinalPath" && "$(cat "$userConfFinalPath" | wc -l)" > 0 ]]; then
# Read users from config
IFS=$'\r\n' GLOBIGNORE='*' command eval 'USERRAY=($(cat /var/run/sftp/users.conf))'
for i in "${USERRAY[@]}"
do
# Get user name from array
IFS=':' read -a usrconfig <<< $i
user=usrconfig[0]
for file in /config/userkeys/*
do
if [[ $file = "$user.pub" ]]; then
echo "Copying key for $user"
cp "/config/userkeys/$file" "/home/$user/.ssh/keys/$file"
fi
done
done
fi

If I had the time, I wolud gladly help you out by do a pull request of the issue instead.

fail2ban is unable to execute iptables rules

The container starts without errors. The fail2ban process starts but cannot execute any bans because it doesn't appear to have permissions to call iptables:

2019-06-15 14:03:07,667 fail2ban.action         [171]: ERROR   iptables -w -N f2b-sshd
iptables -w -A f2b-sshd -j RETURN
iptables -w -I INPUT -p tcp -m multiport --dports 22 -j f2b-sshd -- stdout: b''
2019-06-15 14:03:07,668 fail2ban.action         [171]: ERROR   iptables -w -N f2b-sshd
iptables -w -A f2b-sshd -j RETURN
iptables -w -I INPUT -p tcp -m multiport --dports 22 -j f2b-sshd -- stderr: b"iptables v1.6.0: can't initialize iptables
 table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\ngetsockopt failed strangely: Operation not permitted\n"
2019-06-15 14:03:07,668 fail2ban.action         [171]: ERROR   iptables -w -N f2b-sshd
iptables -w -A f2b-sshd -j RETURN
iptables -w -I INPUT -p tcp -m multiport --dports 22 -j f2b-sshd -- returned 1
2019-06-15 14:03:07,668 fail2ban.actions        [171]: ERROR   Failed to start jail 'sshd' action 'iptables-multiport': Error starting action
2019-06-15 14:08:51,080 fail2ban.filter         [171]: INFO    [sshd] Found 123.456.789.123
2019-06-15 14:08:52,053 fail2ban.actions        [171]: NOTICE  [sshd] Ban 123.456.789.123
2019-06-15 14:08:52,156 fail2ban.action         [171]: ERROR   iptables -w -n -L INPUT | grep -q 'f2b-sshd[ \t]' -- stdout: b''
2019-06-15 14:08:52,156 fail2ban.action         [171]: ERROR   iptables -w -n -L INPUT | grep -q 'f2b-sshd[ \t]' -- stderr: b"iptables v1.6.0: can't initialize iptables table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\n"
2019-06-15 14:08:52,157 fail2ban.action         [171]: ERROR   iptables -w -n -L INPUT | grep -q 'f2b-sshd[ \t]' -- returned 1
2019-06-15 14:08:52,157 fail2ban.CommandAction  [171]: ERROR   Invariant check failed. Trying to restore a sane environment
2019-06-15 14:08:52,259 fail2ban.action         [171]: ERROR   iptables -w -D INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
iptables -w -F f2b-sshd
iptables -w -X f2b-sshd -- stdout: b''
2019-06-15 14:08:52,259 fail2ban.action         [171]: ERROR   iptables -w -D INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
iptables -w -F f2b-sshd
iptables -w -X f2b-sshd -- stderr: b"getsockopt failed strangely: Operation not permitted\niptables v1.6.0: can't initialize iptables table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\n"

(I've redacted the IPs included here)

Any ideas?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.