bramvdk
Reputation: 1557
How to run vsftpd as non root in an ubuntu container?
I am trying to rebuild bogem/ftp to make the container run as non root. I created my own repo where you can find all the files.
I build it locally:
docker build -t bram_ftp:v0.4 .
Sending build context to Docker daemon 8.704kB
Step 1/17 : FROM ubuntu:latest
---> f643c72bc252
Step 2/17 : RUN apt-get update && apt-get install -y --no-install-recommends vsftpd db-util sudo && apt-get clean
---> Using cache
---> 8ab5e8a0d3d7
Step 3/17 : RUN useradd -m ftpuser
---> Using cache
---> 179c738d8a8b
Step 4/17 : ENV FTP_USER admin
---> Using cache
---> 3f55c42bccda
Step 5/17 : ENV FTP_PASS admin
---> Using cache
---> a44874a4d54e
Step 6/17 : ENV PASV_ADDRESS=127.0.0.1
---> Using cache
---> 824c15835a7f
Step 7/17 : COPY vsftpd_virtual /etc/pam.d/
---> Using cache
---> 5045135bb1ca
Step 8/17 : COPY run-vsftpd.sh /usr/sbin/
---> Using cache
---> 30bd2be7d610
Step 9/17 : COPY config-vsftpd.sh /usr/sbin/
---> Using cache
---> 8347833c2f63
Step 10/17 : RUN /usr/sbin/config-vsftpd.sh
---> Using cache
---> 58237fe9a8be
Step 11/17 : COPY vsftpd.conf /etc/vsftpd/
---> Using cache
---> 92c9cbc75356
Step 12/17 : RUN chown -R ftpuser:ftpuser /etc/vsftpd/ && chown ftpuser:ftpuser /usr/sbin/*-vsftpd.sh && chmod +x /usr/sbin/*-vsftpd.sh && mkdir -p /var/run/vsftpd/empty
---> Running in 91f03e3198df
Removing intermediate container 91f03e3198df
---> 94cfaf7209a9
Step 13/17 : VOLUME /home/ftpuser/vsftpd
---> Running in cfdf44372c17
Removing intermediate container cfdf44372c17
---> 5d7416bd2844
Step 14/17 : VOLUME /var/log/vsftpd
---> Running in c2b5121adb49
Removing intermediate container c2b5121adb49
---> 620cc085a235
Step 15/17 : EXPOSE 20 21
---> Running in f12d22af36cc
Removing intermediate container f12d22af36cc
---> 1dd7698c18b3
Step 16/17 : USER ftpuser
---> Running in d7a2cdcc3aa1
Removing intermediate container d7a2cdcc3aa1
---> 3a88a4a89ac8
Step 17/17 : CMD ["/usr/sbin/run-vsftpd.sh"]
---> Running in 86f5dec18f71
Removing intermediate container 86f5dec18f71
---> 50fdae730864
Successfully built 50fdae730864
Successfully tagged bram_ftp:v0.4
When I run it locally as described in the README then the container just keeps restarting and I do not see any logs/errors. When I run the container interactively (so -it instead of -d) instead of as daemon I get this error:
docker run -it -v /tmp/vsftpd:/home/ftpuser/vsftpd \
-p 20:20 -p 21:21 -p 47400-47470:47400-47470 \
-e FTP_USER=admin \
-e FTP_PASS=admin \
-e PASV_ADDRESS=127.0.0.1 \
--name ftp \
--restart=always \bram_ftp:v0.4
500 OOPS: config file not owned by correct user, or not a file
But when I check with what user the container is running and the vsftpd.conf permissions are everything seems to be fine:
docker run bram_ftp:v0.4 id
uid=1000(ftpuser) gid=1000(ftpuser) groups=1000(ftpuser)
docker run bram_ftp:v0.4 ls -la /etc/vsftpd
total 28
drwxr-xr-x 1 ftpuser ftpuser 4096 Dec 31 13:12 .
drwxr-xr-x 1 root root 4096 Dec 31 14:28 ..
-rw-r--r-- 1 ftpuser ftpuser 12288 Dec 31 13:12 virtual_users.db
-rw-r--r-- 1 ftpuser ftpuser 12 Dec 31 13:12 virtual_users.txt
-rw-r--r-- 1 ftpuser ftpuser 1734 Dec 31 13:09 vsftpd.conf
When I run the container like below I can get in the container wothout issues:
docker run -it bram_ftp:v0.4 bash
ftpuser@5358b2368c55:/$
I then start vsftpd manually:
docker run -it bram_ftp:v0.4 bash
ftpuser@5358b2368c55:/$ vsftpd /etc/vsftpd/vsftpd.conf
If I then check what processes are running in the container I see this:
docker exec 5358b2368c55 ps -ef
UID PID PPID C STIME TTY TIME CMD
ftpuser 1 0 0 14:31 pts/0 00:00:00 bash
ftpuser 10 1 0 14:32 pts/0 00:00:00 vsftpd /etc/vsftpd/vsftpd.conf
ftpuser 11 0 0 14:33 ? 00:00:00 ps -ef
I don't have any experience with vsftpd so I have no clue what I am doing wrong here. Hope someone can help me out.
Upvotes: 2
Views: 988
Answers (0)
Related Questions
- How to configure vsftpd with docker
- Docker container does not run with a non-root user
- Run docker inside docker as non root user
- Running non-root Docker within Ubuntu Docker container
- How to run docker image as a non-root user?
- How to run my container as a nonRoot user
- How to run docker container from non-root user?
- How to execute Docker container as root
- FTP access inside docker for a PHP envrionnement
- Docker: How to deploy a vsftpd instance?