{"id":13416356,"url":"https://github.com/marty90/multidocker","last_synced_at":"2025-03-14T23:31:41.421Z","repository":{"id":91821359,"uuid":"95304830","full_name":"marty90/multidocker","owner":"marty90","description":"Creates a system where users are forced to login in dedicated independent docker containers.","archived":false,"fork":false,"pushed_at":"2018-11-27T15:12:56.000Z","size":18,"stargazers_count":50,"open_issues_count":0,"forks_count":9,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-07-31T21:56:14.915Z","etag":null,"topics":["docker","docker-image","multiuser","virtual-machine"],"latest_commit_sha":null,"homepage":null,"language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/marty90.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2017-06-24T15:07:05.000Z","updated_at":"2024-06-06T23:00:27.000Z","dependencies_parsed_at":null,"dependency_job_id":"1f17b793-890a-4aca-a0db-fdc267da4aa3","html_url":"https://github.com/marty90/multidocker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marty90%2Fmultidocker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marty90%2Fmultidocker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marty90%2Fmultidocker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marty90%2Fmultidocker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/marty90","download_url":"https://codeload.github.com/marty90/multidocker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243663516,"owners_count":20327300,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-image","multiuser","virtual-machine"],"created_at":"2024-07-30T21:00:57.602Z","updated_at":"2025-03-14T23:31:38.391Z","avatar_url":"https://github.com/marty90.png","language":"Dockerfile","readme":"[![](https://dockerbuildbadges.quelltext.eu/status.svg?organization=martino90\u0026repository=multidocker\n)](https://hub.docker.com/r/martino90/multidocker/builds/)  \n\n# MultiDocker\nThis container creates a system where each new user is forced to login into an independent docker container.\nThe obtained scenario is similar to a setup where each user is provided a **virtual machine**, but it is implemented with **docker**.\n\nEach user has `root` access within her container and **cannot** access the physical machine nor other users' containers. Thus, this tool is useful to share a machine across different users that need to be root, but need to be isolated eachothers. Compared to per-user virtual machines, `multidocker` has few limitations: (i) users cannot interact with the kernel, (ii) users cannot create other users (only admin can). \n\nUnder the hood it leverages the key ideas of [docker-in-docker](https://github.com/jpetazzo/dind) and [dockersh](https://github.com/Yelp/dockersh).\n\n**Warning**:\nIt has not been designed for being deployed in the wild, nor has been tested by independent auditors.\n\n## 1. Run\nJust run.\n```\nsudo docker run  -d --privileged --name multidocker martino90/multidocker\n```\nThe `--privileged` flag is needed as new containers are spawned within this one.\nAnd ssh to the container with:\n```\nssh root@\u003cIPADDRESS\u003e\n```\n`\u003cIPADDRESS\u003e` is the containers's ip address. You can get it with:\n``` \n docker inspect --format '{{ .NetworkSettings.IPAddress }}' multidocker\n```\nDefault password is `toor`. You may want to change it.\nWithin the container, you are in a standard Ubuntu image with few packets already installed.\n\n**Note 1:** You may want to `run` the container with the `-p [external_port]:22` to make the docker reachable from outside your machine via ssh on the port `[external_port]`.\n\n**Note 2:** If you want to persist the home directory of users on you host machine, you can `run` the container with the `-v \u003clocal_dir\u003e:/home` parameter. In this way, all the home dirs of users are saved in `\u003clocal_dir\u003e`, and, if you kill and run again `multidocker`, the users will find their files in their home directory.\n\n## 2. Add users\nTo add a user in the system, ssh as root to the container (see previous point), and type:\n```\nadduser_docker \u003cUSERNAME\u003e\n```\nAlternatively you can run on the host:\n```\ndocker exec -i multidocker adduser_docker \u003cUSERNAME\u003e\n```\nThis will create a new user. You have to specify the user's password.\nYou can manipulate the created user with normal bash tool (e.g., `deluser`).\n`adduser_docker` is a simple macro that creates a user, and does some magic to force it to login in an independent container.\n\n## 3. Connect as a user\nTo login as user in the system, ssh to the container:\n```\nssh \u003cUSERNAME\u003e@\u003cIPADDRESS\u003e\n```\nThe user is prompted in **its own** docker container. The base image is `ubuntu`.\nThis is an independent container, where the user can play and install whatever she wants.\nThe user has almost the same freedom as in a virtual machine (few limitations are imposed by docker).\nYou may want to add your ssh public key in `~/.ssh/authorized_keys` to autologin in the shell.\n\nYou can logout from the shell, and then login again; the container is **persistent**!\n\n## 4. Resume if the container stops\nIf the container stops for any reason (the host machine restarted, docker daemon crashed), you can restart `multidocker` with:\n```\ndocker start multidocker\n```\nIf this does not solve, the docker and ssh deamons might be down. Restart them with:\n```\ndocker exec -d multidocker /opt/start_daemons.sh\n```\n\n\n\n","funding_links":[],"categories":["Container Operations","Dockerfile","Hypervisors","docker"],"sub_categories":["User Interface"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarty90%2Fmultidocker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarty90%2Fmultidocker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarty90%2Fmultidocker/lists"}