@tpokorra
Last active August 19, 2019 20:40
Fedora Docker image with systemd inside
# see https://developers.redhat.com/blog/2016/09/13/running-systemd-in-a-non-privileged-container/
FROM fedora:30
# systemd reads $container to detect that it is running inside a container
ENV container=docker
RUN dnf -y install net-tools openssh-server glibc-locale-source passwd
RUN mkdir /var/run/sshd
# create host ssh key
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
# SSH login fix. Otherwise user is kicked off after login
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
ENV NOTVISIBLE="in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile
# initial root password, stored in the image; change it after the first login
RUN echo "CHANGEME" | passwd root --stdin
RUN systemctl enable sshd
VOLUME [ "/sys/fs/cgroup" ]
EXPOSE 22
# SIGRTMIN+3 tells systemd to shut down cleanly on "docker stop"
STOPSIGNAL SIGRTMIN+3
CMD [ "/sbin/init" ]
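#!/bin/bash
# see https://developers.redhat.com/blog/2016/09/13/running-systemd-in-a-non-privileged-container/
image=test.systemd
name=test.systemd
sshport=2008
# remove any previous container with the same name (errors on the first run are harmless)
sudo docker stop "$name"
sudo docker rm "$name"
sudo docker build -t "$image" -f Dockerfile.test . || exit 1
# systemd needs the cgroup hierarchy (read-only) and tmpfs mounts for /tmp and /run
mountcgroup="-v /sys/fs/cgroup:/sys/fs/cgroup:ro"
mount="$mountcgroup"
tmp="--tmpfs /tmp --tmpfs /run"
# $tmp and $mount are left unquoted on purpose so they split into separate options
sudo docker run --name "$name" $tmp $mount -p "$sshport:22" -h "$name" -d -t -i "$image" || exit 1
sleep 5
echo "Login with initial password for root: CHANGEME"
# drop the host key of the previous container from known_hosts
ssh-keygen -f "$HOME/.ssh/known_hosts" -R "[localhost]:$sshport"
ssh -p "$sshport" root@localhost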