mir/spoofident
2
0
Fork 0
mirror of https://github.com/flotwig/spoofident synced 2025-08-22 01:57:44 +00:00
Code Issues Projects Releases Wiki Activity

Add Dockerfile + instructions

Browse Source
This commit is contained in:
Zach Bloomquist 2019-10-26 21:05:52 -04:00
parent 0b6525b9a0
commit 2e327a473a
No known key found for this signature in database
GPG Key ID: DF3FE4F59D7B3361
2 changed files with 54 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile Normal file
View File

@ -0,0 +1,7 @@
FROM python:3.6
COPY . /app
WORKDIR /app
CMD python spoofident.py

61
README.md
View File

@ -1,18 +1,51 @@
spoofident
==========
# spoofident
Spoof ident daemon. Nimble Pythonic spoof identd. Please note that this is not a "real" identd -- it will not return correct information for which user is using which port. Instead, it will reply with a username and OS of your choice to all requests.
## Installation
1. git clone the repo
`git clone git@github.com:flotwig/spoofident.git`
`cd ./spoofident/`
2. Copy the spoofident.json.example file to spoofident.json and fill out the settings. Here follows an explanation for the various settings:
* **listeners**: An array of two-value arrays -- host/port pairs which spoofident will listen on. By default, it is set to ["::",113]; that is, the identd port on all IPv4 and IPv6 interfaces. You may need to set it to ["0.0.0.0",113] if your system lacks IPv6 support.
* **setuid**: Very important. This is the user ID which spoofident will drop down to. Because ident runs on a port <1000, it requires root privileges to bind to that port. Even though spoofident is a very secure daemon, it's poor practice to run any server as root, so spoofident will drop to this uid immediately after binding to the listeners specified. Please note that this is a uid, not a username - it is a numerical ID for a user on your system. By default it is 65534, the standard ID for "nobody" on Linux.
* **setgid**: Same as **setuid** but for group ID. By default 65534 for nogroup.
* **user**: This is the username which will be returned for all requests to spoofident. Keep it display-safe ASCII.
* **os**: This is the OS string. The RFC defines it as an uppercase display-safe ASCII string. It doesn't really matter what you set this to. I advise setting it to some jibberish or keeping it as "SPOOF" as to avoid disclosing information about your system.
3. Run spoofident.py as root to start the daemon.
`sudo python spoofident.py &`
## Docker Setup
There is a `Dockerfile` that sets up and runs this service.
Docker Hub: https://hub.docker.com/r/flotwig/spoofident
To configure spoofident in Docker, you can pass in a `spoofident.json` based on `spoofident.json.example`, see below for details on the configuration keys and the volume syntax.
### Sample `docker run`
```shell
docker run -p 113:113 \
--restart=always \
-v /my/spoofident.json:/app/spoofident.json
flotwig/spoofident:latest
```
### Sample `docker-compose.yml`
```yml
ci-status-checks:
image: 'flotwig/spoofident:latest'
restart: always
volumes:
- /my/spoofident.json:/app/spoofident.json
ports:
- '113:113'
```
## Non-Docker Installation
1. git clone the repo
```
git clone git@github.com:flotwig/spoofident.git
cd ./spoofident/
```
2. Copy the spoofident.json.example file to spoofident.json and fill out the settings. Here follows an explanation for the various settings:
* **listeners**: An array of two-value arrays -- host/port pairs which spoofident will listen on. By default, it is set to ["::",113]; that is, the identd port on all IPv4 and IPv6 interfaces. You may need to set it to ["0.0.0.0",113] if your system lacks IPv6 support.
* **setuid**: Very important. This is the user ID which spoofident will drop down to. Because ident runs on a port <1000, it requires root privileges to bind to that port. Even though spoofident is a very secure daemon, it's poor practice to run any server as root, so spoofident will drop to this uid immediately after binding to the listeners specified. Please note that this is a uid, not a username - it is a numerical ID for a user on your system. By default it is 65534, the standard ID for "nobody" on Linux.
* **setgid**: Same as **setuid** but for group ID. By default 65534 for nogroup.
* **user**: This is the username which will be returned for all requests to spoofident. Keep it display-safe ASCII.
* **os**: This is the OS string. The RFC defines it as an uppercase display-safe ASCII string. It doesn't really matter what you set this to. I advise setting it to some jibberish or keeping it as "SPOOF" as to avoid disclosing information about your system.
3. Run spoofident.py as root to start the daemon.
```
sudo python spoofident.py &
```
4. Add `python /path/to/spoofident.py` to /etc/rc.local to start spoofident on system startup.