Always run sshd

2020-03-01 16:13:40 +01:00
parent 259f66693c
commit 7cf3f7a1f9
5 changed files with 10 additions and 16 deletions
--- a/Dockerfile.m4
+++ b/Dockerfile.m4
@@ -404,7 +404,6 @@ ENV UNPRIVILEGED_USER_GROUPS=
 ENV UNPRIVILEGED_USER_SHELL=/bin/bash
 ENV RDP_TLS_KEY_PATH=/etc/xrdp/key.pem
 ENV RDP_TLS_CERT_PATH=/etc/xrdp/cert.pem
-ENV ENABLE_SSHD=false
 ENV ENABLE_VIRTUALGL=false
 ENV PATH=/opt/VirtualGL/bin:${PATH}
 ENV VGL_DISPLAY=:0
@@ -428,14 +427,6 @@ RUN printf '%s\n' "${TZ:?}" > /etc/timezone
 RUN mkdir /run/dbus/ && chown messagebus:messagebus /run/dbus/
 RUN dbus-uuidgen > /etc/machine-id && ln -sf /etc/machine-id /var/lib/dbus/machine-id

-# Forward logs to Docker log collector
-RUN ln -sf /dev/stdout /var/log/xdummy.log
-RUN ln -sf /dev/stdout /var/log/xrdp.log
-RUN ln -sf /dev/stdout /var/log/xrdp-sesman.log
-
-# Create /run/sshd/ directory
-RUN mkdir /run/sshd/
-
 # Create /etc/skel/.xsession file
 RUN printf '%s\n' 'exec xfce4-session' > /etc/skel/.xsession

@@ -463,6 +454,11 @@ RUN mkdir /tmp/.X11-unix/ \
 # Configure server for use with VirtualGL
 RUN vglserver_config -config +s +f -t

+# Forward logs to Docker log collector
+RUN ln -sf /dev/stdout /var/log/xdummy.log
+RUN ln -sf /dev/stdout /var/log/xrdp.log
+RUN ln -sf /dev/stdout /var/log/xrdp-sesman.log
+
 # Copy config
 COPY --chown=root:root ./config/ssh/sshd_config /etc/ssh/sshd_config
 COPY --chown=root:root ./config/xrdp/xrdp.ini /etc/xrdp/xrdp.ini
@@ -470,6 +466,7 @@ COPY --chown=root:root ./config/xrdp/sesman.ini /etc/xrdp/sesman.ini

 # Copy services
 COPY --chown=root:root scripts/service/ /etc/sv/
+RUN ln -sv /etc/sv/sshd /etc/service/
 RUN ln -sv /etc/sv/dbus-daemon /etc/service/
 RUN ln -sv /etc/sv/xrdp /etc/service/
 RUN ln -sv /etc/sv/xrdp-sesman /etc/service/
--- a/README.md
+++ b/README.md
@@ -32,7 +32,6 @@ required for VirtualGL will conflict with the host X server.
 * `UNPRIVILEGED_USER_PASSWORD`: unprivileged user password (`password` by default).
 * `UNPRIVILEGED_USER_GROUPS`: comma-separated list of additional GIDs for the unprivileged user (none by default).
 * `UNPRIVILEGED_USER_SHELL`: unprivileged user shell (`/bin/bash` by default).
-* `ENABLE_SSHD`: enable SSH server in the container (`false` by default).
 * `ENABLE_VIRTUALGL`: enable VirtualGL support in the container (`false` by default).

 ## License
--- a/run-with-virtualgl.sh
+++ b/run-with-virtualgl.sh
@@ -41,7 +41,6 @@ printf -- '%s\n' "Creating \"${CONTAINER_NAME:?}\" container..."
 	--publish 3389:3389/tcp \
 	--shm-size 2g \
 	--privileged \
-	--env ENABLE_SSHD=true \
 	--env ENABLE_VIRTUALGL=true \
 	"${IMAGE_NAME:?}" "$@" >/dev/null

--- a/scripts/bin/container-foreground-cmd
+++ b/scripts/bin/container-foreground-cmd
@@ -44,11 +44,6 @@ unset UNPRIVILEGED_USER_PASSWORD
 # Dump environment variables
 export-env > /etc/profile.d/env.sh

-# Enable sshd service if ENABLE_SSHD is true
-if [ "${ENABLE_SSHD:?}" = 'true' ]; then
-	ln -s /etc/sv/sshd /etc/service/
-fi
-
 # Enable xdummy service if ENABLE_VIRTUALGL is true
 if [ "${ENABLE_VIRTUALGL:?}" = 'true' ]; then
 	ln -s /etc/sv/xdummy /etc/service/
--- a/scripts/service/sshd/run
+++ b/scripts/service/sshd/run
@@ -1,4 +1,8 @@
 #!/bin/sh

+if [ ! -e /run/sshd/ ]; then
+	mkdir /run/sshd/
+fi
+
 exec 2>&1
 exec /usr/sbin/sshd -D