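# Build stage: compiles every workspace member in release mode. The later stage
# copies pin-gen, libpam_pin.so and libpam_direct_fallback.so out of target/release.
# NOTE(review): `rust:slim-bookworm` is a floating tag, so the compiler that builds
# these PAM modules can change between builds. Pin a specific toolchain version
# and/or an image digest if reproducible, auditable builds are required.
FROM rust:slim-bookworm AS builder
WORKDIR /usr/src/pam-auth

# apt-get (not apt) has a stable CLI for scripted use; --no-install-recommends keeps
# optional packages out of the build image. The package lists are removed in the
# same layer so they never persist in the image.
RUN apt-get update \
    && apt-get install -y --no-install-recommends libpam-dev \
    && rm -rf /var/lib/apt/lists/*

# Setup workspace with dependencies: only the manifests and the lockfile are copied
# first, so the dependency layer below stays cached until one of them changes.
# With several sources the destination must be a directory ending in "/".
COPY Cargo.toml Cargo.lock ./
COPY pin-data/Cargo.toml pin-data/
COPY pin-gen/Cargo.toml pin-gen/
COPY pam-utils/Cargo.toml pam-utils/
COPY pam-pin/Cargo.toml pam-pin/
COPY pam-direct-fallback/Cargo.toml pam-direct-fallback/

# Setup workspace mock-members & build dependencies: empty lib.rs files (and a stub
# main.rs for pin-gen) let cargo resolve and compile the dependencies without the
# real sources.
# NOTE(review): consider `cargo build --release --locked` here and below so the build
# fails instead of silently re-resolving if Cargo.lock does not match the manifests.
RUN mkdir pam-utils/src pam-pin/src pin-data/src pin-gen/src pam-direct-fallback/src \
    && touch pam-utils/src/lib.rs pam-pin/src/lib.rs pin-data/src/lib.rs pam-direct-fallback/src/lib.rs \
    && echo "fn main() {}" > pin-gen/src/main.rs \
    && cargo build --release

# Use actual workspace members & bump their timestamps to after the dependency
# build, so cargo treats the crate roots as changed and rebuilds them rather than
# reusing the artifacts produced from the stubs.
COPY pin-data pin-data
COPY pin-gen pin-gen
COPY pam-utils pam-utils
COPY pam-pin pam-pin
COPY pam-direct-fallback pam-direct-fallback
RUN touch pam-utils/src/lib.rs pam-pin/src/lib.rs pin-data/src/lib.rs \
    pin-gen/src/main.rs pam-direct-fallback/src/lib.rs
RUN cargo build --release
# RUN cargo build --release --no-default-features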
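# Test image: Debian with pamtester, the two PAM modules built in the `builder`
# stage, and sample PAM service files and PIN data to exercise them.
# No USER is set, so the container runs as root (presumably so pamtester and the
# modules can read /etc/security; confirm before reusing this image elsewhere).
# NOTE(review): the base tag is not pinned by digest; pin it if reproducible images
# are required.
FROM debian:bookworm-slim

# apt-get (not apt) has a stable CLI for scripted use; --no-install-recommends keeps
# the image to pamtester and its hard dependencies. Lists are removed in the same layer.
RUN apt-get update \
    && apt-get install -y --no-install-recommends pamtester \
    && rm -rf /var/lib/apt/lists/*

RUN mkdir /etc/security/direct-fallback

# PAM service definitions used by the tests.
COPY ressources/pin-test /etc/pam.d/
COPY ressources/direct-fallback-test /etc/pam.d/

# Sample PIN data. Everything copied here is stored in an image layer and is readable
# by anyone who can pull the image, so only sample values belong in this file.
# NOTE(review): the file mode is inherited from the build context; confirm pins.toml
# is not world-readable if it ever holds real PIN material.
COPY ressources/sample-pins.toml /etc/security/pins.toml

# Pre-seeded root shell history (presumably example commands for interactive testing).
COPY ressources/container_sh_history /root/.bash_history

# Artifacts from the build stage: the pin-gen CLI and the two PAM modules, renamed
# from cargo's lib*.so output to the pam_*.so names.
COPY --from=builder /usr/src/pam-auth/target/release/pin-gen /usr/local/bin/
COPY --from=builder /usr/src/pam-auth/target/release/libpam_pin.so /lib/security/pam_pin.so
COPY --from=builder /usr/src/pam-auth/target/release/libpam_direct_fallback.so /lib/security/pam_direct_fallback.so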