Skip to content

Instantly share code, notes, and snippets.

@sayurin
Created November 12, 2019 14:01
Show Gist options
  • Save sayurin/8c4fd4742613f27c129efa661b259ffb to your computer and use it in GitHub Desktop.
Save sayurin/8c4fd4742613f27c129efa661b259ffb to your computer and use it in GitHub Desktop.
vsFTPd + OpenSSLの組み合わせ確認
ARG centos=latest
FROM centos:$centos
RUN yum install -x openssl -x openssl-libs -y gcc libcap-devel perl \
&& rm -rf /var/cache/yum/* \
&& useradd -m guest \
&& echo 'guest:guest' | chpasswd
WORKDIR /root/openssl
ARG openssl=https://www.openssl.org/source/old/1.0.2/openssl-1.0.2k.tar.gz
RUN curl $openssl | tar xfz - --strip=1 \
&& ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl \
&& make install
WORKDIR /root/vsftpd
ARG vsftpd=https://security.appspot.com/downloads/vsftpd-3.0.2.tar.gz
RUN curl $vsftpd | tar xfz - --strip=1 \
&& sed -e "s/-O2 -fPIE/-O2 -fPIC/" -e "s/-fPIE -pie/-fPIC/" Makefile | make -f - CC="gcc -DVSF_BUILDDEFS_H -DVSF_BUILD_SSL -I/usr/local/ssl/include -L/usr/local/ssl/lib -ldl -lssl -lcrypto" \
&& make install
RUN /usr/local/ssl/bin/openssl req -x509 -nodes -newkey rsa:2048 -keyout /usr/local/ssl/private/vsftpd.pem -out /usr/local/ssl/private/vsftpd.pem -subj "/C=JP/O=FFFTP Project/CN=sayurin" \
&& echo $'\
pasv_enable=YES\n\
pasv_min_port=21021\n\
pasv_max_port=21029\n\
local_enable=YES\n\
seccomp_sandbox=NO\n\
ssl_enable=YES\n\
rsa_cert_file=/usr/local/ssl/private/vsftpd.pem\n\
' >/etc/vsftpd.conf
EXPOSE 21 21021-21029
VOLUME /home/guest
CMD /usr/local/sbin/vsftpd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment