anti
6708f26e6b
The docker build contexts and syslog_bridge.py lived at repo root, which meant setuptools (include = ["decnet*"]) never shipped them. Agents installed via `pip install $RELEASE_DIR` got site-packages/decnet/** but no templates/, so every deploy blew up in deployer._sync_logging_helper with FileNotFoundError on templates/syslog_bridge.py. Move templates/ -> decnet/templates/ and declare it as setuptools package-data. Path resolutions in services/*.py and engine/deployer.py drop one .parent since templates now lives beside the code. Test fixtures, bandit exclude path, and coverage omit glob updated to match.
44 lines
1.1 KiB
Bash
44 lines
1.1 KiB
Bash
#!/bin/bash
|
|
set -e
|
|
|
|
# Configure root password (default: admin)
|
|
ROOT_PASSWORD="${TELNET_ROOT_PASSWORD:-admin}"
|
|
echo "root:${ROOT_PASSWORD}" | chpasswd
|
|
|
|
# Optional: override hostname inside container
|
|
if [ -n "$TELNET_HOSTNAME" ]; then
|
|
echo "$TELNET_HOSTNAME" > /etc/hostname
|
|
hostname "$TELNET_HOSTNAME"
|
|
fi
|
|
|
|
# Fake bash history so the box looks used
|
|
if [ ! -f /root/.bash_history ]; then
|
|
cat > /root/.bash_history <<'HIST'
|
|
apt update && apt upgrade -y
|
|
systemctl status mysql
|
|
tail -f /var/log/syslog
|
|
df -h
|
|
ps aux
|
|
cd /root/scripts
|
|
bash backup.sh
|
|
crontab -e
|
|
ls /root/backups
|
|
cat /root/.env
|
|
HIST
|
|
fi
|
|
|
|
# Logging pipeline: named pipe → rsyslogd (RFC 5424) → stdout.
|
|
# Cloak the pipe path and the relay `cat` so `ps aux` / `ls /run` don't
|
|
# betray the honeypot — see ssh/entrypoint.sh for the same pattern.
|
|
mkdir -p /run/systemd/journal
|
|
rm -f /run/systemd/journal/syslog-relay
|
|
mkfifo /run/systemd/journal/syslog-relay
|
|
|
|
bash -c 'exec -a "systemd-journal-fwd" cat /run/systemd/journal/syslog-relay' &
|
|
|
|
# Start rsyslog
|
|
rsyslogd
|
|
|
|
# busybox telnetd: foreground mode, real /bin/login for PAM auth logging
|
|
exec busybox telnetd -F -l /bin/login -p 23
|