Happy 2019!!
Lately I’ve been playing around with docker and decided to create a dockerfile to have vsftpd running on CentOS. Below is my dockerfile:
# Dockerfile for vsftpd on CentOS FROM centos:7 MAINTAINER xavi@xavignu.com RUN yum -y update; yum -y install which vsftpd net-tools vsftpd-sysvinit; yum clean all COPY vusers.txt /etc/vsftpd/ RUN db_load -T -t hash -f /etc/vsftpd/vusers.txt /etc/vsftpd/vsftpd-virtual-user.db; rm -v /etc/vsftpd/vusers.txt; \ chmod 600 /etc/vsftpd/vsftpd-virtual-user.db COPY vsftpd.conf /etc/vsftpd/ COPY vsftpd.virtual /etc/pam.d/ RUN mkdir -p /home/vftp/ftpuser; chown -R ftp:ftp /home/vftp EXPOSE 20 21 CMD ["/usr/sbin/vsftpd","-obackground=NO"]
We need to create three files before building the image, one for vsftpd virtual users PAM, another vsftpd.conf file and another with the virtual users. vsftpd.conf below:
anonymous_enable=NO local_enable=YES virtual_use_local_privs=YES write_enable=YES local_umask=022 pam_service_name=vsftpd.virtual guest_enable=YES user_sub_token=$USER local_root=/home/vftp/$USER chroot_local_user=YES allow_writeable_chroot=YES hide_ids=YES xferlog_enable=YES xferlog_file=/var/log/vsftpd.log
Pam file, store as vsftpd.virtual
#%PAM-1.0 auth required pam_userdb.so db=/etc/vsftpd/vsftpd-virtual-user account required pam_userdb.so db=/etc/vsftpd/vsftpd-virtual-user session required pam_loginuid.so
And at last a file with user and password, which we will store as vusers.txt
ftpuser letmein
All these files shall be stored into the same directory in order for build to be successful. We proceed building.
docker build -t centos-vsftpd -f centos-vsftpd . Sending build context to Docker daemon 10.24kB Step 1/10 : FROM centos:7 ---> 1e1148e4cc2c Step 2/10 : MAINTAINER xavi@xavignu.com ---> Using cache ---> cb00764989e4 Step 3/10 : RUN yum -y update; yum -y install which vsftpd net-tools vsftpd-sysvinit; yum clean all ---> Using cache ---> 84bc55dc256f Step 4/10 : COPY vusers.txt /etc/vsftpd/ ---> Using cache ---> 922453bc2ba3 Step 5/10 : RUN db_load -T -t hash -f /etc/vsftpd/vusers.txt /etc/vsftpd/vsftpd-virtual-user.db; rm -v /etc/vsftpd/vusers.txt; chmod 600 /etc/vsftpd/vsftpd-virtual-user.db ---> Using cache ---> 3f0f5a3743af Step 6/10 : COPY vsftpd.conf /etc/vsftpd/ ---> Using cache ---> f6241c5dc497 Step 7/10 : COPY vsftpd.virtual /etc/pam.d/ ---> b768b27a3496 Removing intermediate container 45326ecc02a0 Step 8/10 : RUN mkdir -p /home/vftp/ftpuser; chown -R ftp:ftp /home/vftp ---> Running in fb940a0b999f ---> 8afff06f270a Removing intermediate container fb940a0b999f Step 9/10 : EXPOSE 20 21 ---> Running in 0a9bd172c74e ---> d07e65112275 Removing intermediate container 0a9bd172c74e Step 10/10 : CMD /usr/sbin/vsftpd -obackground=NO ---> Running in 50f124e366ee ---> 0a571ecf1fed Removing intermediate container 50f124e366ee Successfully built 0a571ecf1fed Successfully tagged centos-vsftpd:latest
We now start the vsftpd container and check its running.
docker run -d --name myftp centos-vsftpd:latest; docker ps 1034cc745e43f67ae3a432ce8ebe37755b36eca2dc04f21102da2eaafe9dd832 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1034cc745e43 centos-vsftpd:latest "/usr/sbin/vsftpd ..." Less than a second ago Up Less than a second 20-21/tcp myftp
We connect to newly created ftp server and upload a test file.
ftp 172.17.0.2 Connected to 172.17.0.2. 220 (vsFTPd 3.0.2) Name (172.17.0.2:xavi): ftpuser 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> mput test.txt mput test.txt? y 200 PORT command successful. Consider using PASV. 150 Ok to send data. 226 Transfer complete. 10 bytes sent in 0.00 secs (187.8005 kB/s) ftp>
And we check the creation and content of the uploaded file.
docker exec myftp cat /home/vftp/ftpuser/test.txt Test File
References: