|Mai Lapyst 59ffbfc936|
A login shell to forward a user's ssh session into a docker container
This project is licensed under AGPL-3.0-or-later. See the
LICENSE file for more informations.
Currently, only one docker image can be used; you'll need to create it beforehand:
build/containersh_stage2to the same directory on your server
docker build -f Dockerfile.alpine -t containersh:alpine-3.18.4 .
- Enjoy your container image!
To use containersh itself:
- Install / upload
build/containershto your server; preferabliy to a location such as
- Set the root user as owner:
chown root:root /usr/local/bin/containersh
- Set the suid bit:
chmod +s /usr/local/bin/containersh; this is required in order for the binary to run docker commands
- Use the binary as login chell for any user you want:
chsh -s /usr/local/bin/containersh <user>
- Verify it is working by logging in one time
- cleaning up the code from TODO's
initgroupswith static-linkable equivalents
- better shell escapeing of inputs for
- do not only rely on
SSH_TTYto know if we're in a tty and can use
-itin the docker command
- forward user's home dir & mount it in the container
- forward ALL of the user's groups into the container
- make everything configureable
- allow to use a 'in-between' shell for usecases where we want the connecting user decide what to do
- allow connecting to containers instead of creating new ones
- allow specifing the container name; also helps with persistency!
- allow for persistence containers
and so much more I propably can't think of right now!