Commit 37967ed

Added group creation option and corresponding documentation (#76)
* Added group creation option and corresponding documentation.
1 parent 31df9fa commit 37967ed

2 files changed

+17
-2
lines changed

README.md

+2-1
@@ -8,7 +8,8 @@ Configure the container with the following environment variables or optionally m
88

99
### General Options
1010

11-
- `SSH_USERS` list of user accounts and uids/gids to create. eg `SSH_USERS=www:48:48,admin:1000:1000:/bin/bash`. The fourth argument for specifying the user shell is optional
11+
- `SSH_USERS` list of user accounts and uids/gids to create. eg `SSH_USERS=www:48:48,admin:1000:1000:/bin/bash`. The fourth argument for specifying the user shell is optional. If `SSH_GROUPS` is omitted, a group is created for each user with the same name as the user.
12+
- `SSH_GROUPS` list of groups and gids to create. eg `SSH_GROUPS=guests:1005,other:1006`. Specifying this option disables automatic group creation of user-named groups if you also specify `SSH_USERS`.
1213
- `SSH_ENABLE_ROOT` if "true" unlock the root account
1314
- `SSH_ENABLE_PASSWORD_AUTH` if "true" enable password authentication (disabled by default) (excluding the root user)
1415
- `SSH_ENABLE_ROOT_PASSWORD_AUTH` if "true" enable password authentication for all users including root
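
Review bot: The new `SSH_GROUPS` bullet says that setting it disables the user-named groups, but it does not say what the gid in each `SSH_USERS` entry must then refer to. entry.sh still creates the user with `useradd ... -g ${_GID}`, so the README should state that every gid used in `SSH_USERS` has to be listed in `SSH_GROUPS` or already exist in the image, ideally with a combined example such as `SSH_GROUPS=guests:1005` together with `SSH_USERS=www:48:1005`.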

entry.sh

+15-1
@@ -79,6 +79,18 @@ if [ -w /etc/authorized_keys ]; then
7979
done
8080
fi
8181

82+
# Add groups if SSH_GROUPS=group:gid set
83+
if [ -n "${SSH_GROUPS}" ]; then
84+
GROUPZ=$(echo $SSH_GROUPS | tr "," "\n")
85+
for G in $GROUPZ; do
86+
IFS=':' read -ra GA <<< "$G"
87+
_NAME=${GA[0]}
88+
_GID=${GA[1]}
89+
echo ">> Adding group ${_NAME} with gid: ${_GID}."
90+
getent group ${_NAME} >/dev/null 2>&1 || groupadd -g ${_GID} ${_NAME}
91+
done
92+
fi
93+
8294
# Add users if SSH_USERS=user:uid:gid set
8395
if [ -n "${SSH_USERS}" ]; then
8496
USERS=$(echo $SSH_USERS | tr "," "\n")
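
Review bot: `_NAME` and `_GID` go from the environment into `groupadd -g ${_GID} ${_NAME}` unquoted and unvalidated (added lines 86 to 90). An entry without a gid, such as `SSH_GROUPS=guests`, leaves `_GID` empty so the group name is parsed as the argument to `-g`, and a value containing spaces or glob characters is split or expanded by `for G in $GROUPZ`. Suggest rejecting entries whose name is empty or whose gid is not numeric, and quoting the expansions. Also, `getent group ${_NAME}` matches by name only, so an existing group with a different gid is kept while the log line still reports "Adding group ... with gid".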
@@ -99,7 +111,9 @@ if [ -n "${SSH_USERS}" ]; then
99111
else
100112
check_authorized_key_ownership /etc/authorized_keys/${_NAME} ${_UID} ${_GID}
101113
fi
102-
getent group ${_NAME} >/dev/null 2>&1 || groupadd -g ${_GID} ${_NAME}
114+
if [ -z "${SSH_GROUPS}" ]; then
115+
getent group ${_NAME} >/dev/null 2>&1 || groupadd -g ${_GID} ${_NAME}
116+
fi
103117
getent passwd ${_NAME} >/dev/null 2>&1 || useradd -r -m -p '' -u ${_UID} -g ${_GID} -s ${_SHELL:-""} -c 'SSHD User' ${_NAME}
104118
done
105119
else
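
Review bot: With `SSH_GROUPS` set, the `groupadd` on new line 115 is skipped but `useradd ... -g ${_GID}` on line 117 still runs, and nothing checks that the gid exists. If the gid from `SSH_USERS` is not one of the groups created from `SSH_GROUPS`, `useradd` fails and, as far as these lines show, the script carries on without that account. Suggest a `getent group "${_GID}"` check before `useradd` that exits with a clear message naming the user and the missing gid.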
