Docker/baseimage-docker
1
0
Fork 1
mirror of https://github.com/phusion/baseimage-docker.git synced 2026-03-26 12:29:07 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: Docker:rel-0.9.10
Branches Tags
Docker:master Docker:copilot/fix-gh-release-403-error Docker:copilot/create-gh-releases-for-images Docker:gh-pages
Docker:noble-1.0.2 Docker:noble-1.0.1 Docker:noble-1.0.0 Docker:jammy-1.0.4 Docker:jammy-1.0.3 Docker:jammy-1.0.2 Docker:jammy-1.0.1 Docker:dev-jammy-1.1.0 Docker:jammy-1.0.0 Docker:focal-1.2.0 Docker:focal-1.0.0 Docker:focal-1.0.0-alpha1 Docker:focal-1.0.0alpha1 Docker:18.04-1.0.0 Docker:bionic-1.0.0 Docker:0.11 Docker:0.10.2 Docker:0.9.19-armhf Docker:0.10.1 Docker:0.10.0 Docker:0.9.22 Docker:0.9.21 Docker:0.9.20 Docker:rel-0.9.19 Docker:rel-0.9.18 Docker:rel-0.9.17 Docker:rel-0.9.16 Docker:rel-0.9.15 Docker:rel-0.9.14 Docker:rel-0.9.13 Docker:rel-0.9.12 Docker:rel-0.9.11 Docker:rel-0.9.10 Docker:rel-0.9.9 Docker:rel-0.9.8 Docker:rel-0.9.7 Docker:rel-0.9.6 Docker:rel-0.9.5 Docker:rel-0.9.4 Docker:rel-0.9.3 Docker:rel-0.9.2 Docker:rel-0.9.1 Docker:rel-0.9.0
..
compare: Docker:rel-0.9.11
Branches Tags
Docker:master Docker:copilot/fix-gh-release-403-error Docker:copilot/create-gh-releases-for-images Docker:gh-pages
Docker:noble-1.0.2 Docker:noble-1.0.1 Docker:noble-1.0.0 Docker:jammy-1.0.4 Docker:jammy-1.0.3 Docker:jammy-1.0.2 Docker:jammy-1.0.1 Docker:dev-jammy-1.1.0 Docker:jammy-1.0.0 Docker:focal-1.2.0 Docker:focal-1.0.0 Docker:focal-1.0.0-alpha1 Docker:focal-1.0.0alpha1 Docker:18.04-1.0.0 Docker:bionic-1.0.0 Docker:0.11 Docker:0.10.2 Docker:0.9.19-armhf Docker:0.10.1 Docker:0.10.0 Docker:0.9.22 Docker:0.9.21 Docker:0.9.20 Docker:rel-0.9.19 Docker:rel-0.9.18 Docker:rel-0.9.17 Docker:rel-0.9.16 Docker:rel-0.9.15 Docker:rel-0.9.14 Docker:rel-0.9.13 Docker:rel-0.9.12 Docker:rel-0.9.11 Docker:rel-0.9.10 Docker:rel-0.9.9 Docker:rel-0.9.8 Docker:rel-0.9.7 Docker:rel-0.9.6 Docker:rel-0.9.5 Docker:rel-0.9.4 Docker:rel-0.9.3 Docker:rel-0.9.2 Docker:rel-0.9.1 Docker:rel-0.9.0

32 Commits
rel-0.9.10 ... rel-0.9.11

Author SHA1 Message Date
Hongli Lai (Phusion)
f58282d4d3 Note release date 2014-06-24 16:40:22 +02:00
Hongli Lai (Phusion)
e6258b37b5 Give credit to Brant Fitzsimmons 2014-06-24 16:39:56 +02:00
Hongli Lai
71ce2a6d9d Merge pull request #98 from bfitzsimmons/patch-1 
Fixed typo.
 2014-06-23 19:09:11 +02:00
Brant Fitzsimmons
08d5b93095 Fixed typo. 2014-06-23 12:56:26 -04:00
Hongli Lai
d0e63da07b Merge pull request #86 from imanel/patch-2 
Don't write HOME env variable
 2014-06-20 13:45:36 +02:00
Bernard Potocki
2beb0e253e Change break to continue 2014-06-20 12:38:17 +02:00
Hongli Lai (Phusion)
0302713554 Update documentation 2014-06-20 11:33:10 +02:00
Hongli Lai
7ac6795aa5 Merge pull request #84 from imanel/patch-1 
Preserve ENV variables for SSH client
 2014-06-20 11:28:27 +02:00
Hongli Lai
feab2fce75 Merge pull request #94 from pda/stderr-not-proctitle 
my_init: runsvdir no longer redirects stderr to proctitle.
 2014-06-20 11:26:39 +02:00
Paul Annesley
3019bbf09b my_init: runsvdir no longer redirects stderr to proctitle. 
As described at http://smarden.org/runit/runsvdir.8.html passing a log
option to runsvdir causes stderr to be redirected to the proctitle.

That prevents stderr from reaching docker logs, which is a big problem.
 2014-06-18 09:38:52 -07:00
Bernard Potocki
18a7fe26ec Add USER, GROUP, UID, GID and SHELL to restricted env variables 2014-06-18 17:29:02 +02:00
Bernard Potocki
b9d788611a Update readme 2014-06-18 17:13:44 +02:00
Bernard Potocki
1357e9399e Add docker_env group and make container_environment scripts group-readable 2014-06-18 17:10:35 +02:00
Hongli Lai (Phusion)
ba1e1ffbf5 Fix an anchor in the README 2014-06-17 17:41:20 +02:00
Hongli Lai (Phusion)
0b468fb61b Introduce the docker-bash tool. 
This is a shortcut tool for logging into a container using SSH. Usage: `docker-bash <CONTAINER_ID>`.
 2014-06-17 17:40:34 +02:00
Hongli Lai
9db4f43b74 Merge pull request #93 from qerub/ipaddress 
Use Go template instead of grep to extract container IP address
 2014-06-17 14:40:05 +02:00
Hongli Lai (Phusion)
5806f51ea3 Fixed various process waiting issues in my_init. 
Closes GH-27. Closes GH-82. Closes GH-83.
Thanks to André Luiz dos Santos and Paul Annesley.
 2014-06-17 14:35:05 +02:00
Hongli Lai (Phusion)
c431f2d151 Update Changelog 2014-06-17 13:27:03 +02:00
Hongli Lai
76100b639a Merge pull request #88 from jeckhart/fix-syslogng-runit-run 
Missing target of chown in syslog-ng runit run file
 2014-06-17 13:15:20 +02:00
Hongli Lai
ecf6e6b226 Merge pull request #90 from yebyen/patch-1 
needed for insecure key usage
 2014-06-17 13:03:48 +02:00
Hongli Lai (Phusion)
92c2ea22ed Install add-apt-repository. 
Closes GH-74.
 2014-06-17 12:46:14 +02:00
Hongli Lai (Phusion)
436be20ff0 Bump version to 0.9.11 2014-06-17 12:45:24 +02:00
Christoffer Sawicki
f445cafe03 Use Go template instead of grep to extract container IP address 2014-06-16 14:20:46 +02:00
Hongli Lai
93572a5698 Update CONTRIBUTING.md 
Fix link
 2014-06-16 12:41:42 +02:00
Hongli Lai
f5efca365c Create CONTRIBUTING.md 2014-06-16 12:41:13 +02:00
yebyen
949bd1d89f needed for insecure key usage 
`chmod 600` is for the benefit of ssh client, which will otherwise spew:

```
chmod 600 image/insecure_key.pub
SSHing into 172.17.0.2
Warning: Permanently added '172.17.0.2' (ECDSA) to the list of known hosts.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0664 for 'image/insecure_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: image/insecure_key
```

As you can see though, the wrong file is `chmod`'ed -- it's the private key that SSH will insist should be protected with a more restrictive mode.

After this, `CMD ["/sbin/my_init", "--enable-insecure-key"]` works as expected.
 2014-06-09 12:32:52 -04:00
John Eckhart
2b339a3344 Missing target of chown 2014-06-04 02:10:00 -04:00
Bernard Potocki
b665b78454 Make container_envoriments.sh and .json readable by other users 
Prevents bug when loading env variables on non-root user login.
 2014-06-02 15:06:02 +02:00
Bernard Potocki
5b403fe06c Don't write HOME env variable 
Loading HOME variable breaks multi-user container (i.e. logging as postgres user) if you try to load variables via `/etc/container_environment.sh`.
 2014-06-02 15:03:49 +02:00
Bernard Potocki
1a6c43b8d7 Preserve ENV variables for SSH client 
Currently when you ssh to host you will not see ENV variables set. This was mentioned earlier in #54 and solution is tested.

Additional rationale: currently you can't see docker link ENV variables inside ssh, so you need to load this file every time you connect to container. I would say that expected behavior is to preserve them in services that are provided at default (cron/ssh)
 2014-06-02 00:11:24 +02:00
Hongli Lai
0325abf74e Changelog.md now explicitly mentions that the latest version is not yet released 2014-05-16 14:17:15 +02:00
Hongli Lai (Phusion)
22c3d60d94 Install ca-certificates package by default. 
This is because we include `apt-transport-https`, but Ubuntu 14.04 no longer
installs `ca-certificates` by default anymore. Closes GH-73.
 2014-05-12 23:07:17 +02:00
10 changed files with 178 additions and 19 deletions
Expand all files Collapse all files

5
CONTRIBUTING.md Normal file
View File

@@ -0,0 +1,5 @@
Hey, thanks for wanting to contribute to baseimage-docker. :)
If you have a question, please use the [discussion forum](https://groups.google.com/d/forum/passenger-docker). The Github issue tracker is only for **bug reports and feature requests**.
If you want to develop baseimage-docker, use the Vagrantfile in the repository. It will setup an Ubuntu VM with Docker installed in it. Use the Makefile to build the image.

10
Changelog.md
View File

@@ -1,3 +1,13 @@
## 0.9.11 (release date: 2014-06-24)
* Introduced the `docker-bash` tool. This is a shortcut tool for logging into a container using SSH. Usage: `docker-bash <CONTAINER ID>`. See the README for details.
* Fixed various process waiting issues in `my_init`. Closes GH-27, GH-82 and GH-83. Thanks to André Luiz dos Santos and Paul Annesley.
* The `ca-certificates` package is now installed by default. This is because we include `apt-transport-https`, but Ubuntu 14.04 no longer installs `ca-certificates` by default anymore. Closes GH-73.
* Output print by Runit services are now redirected to the Docker logs instead of to proctitle. Thanks to Paul Annesley.
* Container environment variables are now made available to SSH root shells. If you login with SSH through a non-root account, then container environment variables are only made available if that user is a member of the `docker_env` group. Thanks to Bernard Potocki.
* `add-apt-repository` is now installed by default. Closes GH-74.
* Various minor fixes and contributions thanks to yebyen, John Eckhart, Christoffer Sawicki and Brant Fitzsimmons.
## 0.9.10 (release date: 2014-05-12) ## 0.9.10 (release date: 2014-05-12)
* Upgraded to Ubuntu 14.04 (Trusty). We will no longer release images based on 12.04. * Upgraded to Ubuntu 14.04 (Trusty). We will no longer release images based on 12.04.

4
Makefile
View File

@@ -1,5 +1,5 @@
NAME = phusion/baseimage NAME = phusion/baseimage
VERSION = 0.9.10 VERSION = 0.9.11
.PHONY: all build test tag_latest release ssh .PHONY: all build test tag_latest release ssh
@@ -20,7 +20,7 @@ release: test tag_latest
@echo "*** Don't forget to create a tag. git tag rel-$(VERSION) && git push origin rel-$(VERSION)" @echo "*** Don't forget to create a tag. git tag rel-$(VERSION) && git push origin rel-$(VERSION)"
ssh: ssh:
chmod 600 image/insecure_key.pub chmod 600 image/insecure_key
@ID=$$(docker ps | grep -F "$(NAME):$(VERSION)" | awk '{ print $$1 }') && \ @ID=$$(docker ps | grep -F "$(NAME):$(VERSION)" | awk '{ print $$1 }') && \
if test "$$ID" = ""; then echo "Container is not running."; exit 1; fi && \ if test "$$ID" = ""; then echo "Container is not running."; exit 1; fi && \
IP=$$(docker inspect $$ID | grep IPAddr | sed 's/.*: "//; s/".*//') && \ IP=$$(docker inspect $$ID | grep IPAddr | sed 's/.*: "//; s/".*//') && \

32
README.md
View File

@@ -50,6 +50,7 @@ You can configure the stock `ubuntu` image yourself from your Dockerfile, so why
* [Using the insecure key for one container only](#using_the_insecure_key_for_one_container_only) * [Using the insecure key for one container only](#using_the_insecure_key_for_one_container_only)
* [Enabling the insecure key permanently](#enabling_the_insecure_key_permanently) * [Enabling the insecure key permanently](#enabling_the_insecure_key_permanently)
* [Using your own key](#using_your_own_key) * [Using your own key](#using_your_own_key)
* [The `docker-bash` tool](#docker_bash)
* [Disabling SSH](#disabling_ssh) * [Disabling SSH](#disabling_ssh)
* [Building the image yourself](#building) * [Building the image yourself](#building)
* [Conclusion](#conclusion) * [Conclusion](#conclusion)
@@ -150,7 +151,7 @@ Note that the shell script must run the daemon **without letting it daemonize/fo
The baseimage-docker init system, `/sbin/my_init`, runs the following scripts during startup, in the following order: The baseimage-docker init system, `/sbin/my_init`, runs the following scripts during startup, in the following order:
* All executable scripts in `/etc/my_init.d`, if this directory exists. The scripts are run during in lexicographic order. * All executable scripts in `/etc/my_init.d`, if this directory exists. The scripts are run in lexicographic order.
* The script `/etc/rc.local`, if this file exists. * The script `/etc/rc.local`, if this file exists.
All scripts must exit correctly, e.g. with exit code 0. If any script exits with a non-zero exit code, the booting will fail. All scripts must exit correctly, e.g. with exit code 0. If any script exits with a non-zero exit code, the booting will fail.
@@ -287,7 +288,9 @@ But note that:
<a name="envvar_security"></a> <a name="envvar_security"></a>
#### Security #### Security
Because environment variables can potentially contain sensitive information, `/etc/container_environment` and its Bash and JSON dumps are by default owned by root, and root-accessible only. If you are sure that your environment variables don't contain sensitive data, then you can relax the permissions on that directory and those files by making them world-readable: Because environment variables can potentially contain sensitive information, `/etc/container_environment` and its Bash and JSON dumps are by default owned by root, and accessible only by the `docker_env` group (so that any user added this group will have these variables automatically loaded).
If you are sure that your environment variables don't contain sensitive data, then you can also relax the permissions on that directory and those files by making them world-readable:
RUN chmod 755 /etc/container_environment RUN chmod 755 /etc/container_environment
RUN chmod 644 /etc/container_environment.sh /etc/container_environment.json RUN chmod 644 /etc/container_environment.sh /etc/container_environment.json
@@ -314,7 +317,7 @@ Find out the ID of the container that you just ran:
Once you have the ID, look for its IP address with: Once you have the ID, look for its IP address with:
docker inspect <ID> | grep IPAddress docker inspect -f "{{ .NetworkSettings.IPAddress }}" <ID>
Now SSH into the container as follows: Now SSH into the container as follows:
@@ -352,12 +355,33 @@ Find out the ID of the container that you just ran:
Once you have the ID, look for its IP address with: Once you have the ID, look for its IP address with:
docker inspect <ID> | grep IPAddress docker inspect -f "{{ .NetworkSettings.IPAddress }}" <ID>
Now SSH into the container as follows: Now SSH into the container as follows:
ssh -i /path-to/your_key root@<IP address> ssh -i /path-to/your_key root@<IP address>
<a name="docker_bash"></a>
#### The `docker-bash` tool
Looking up the IP of a container and running an SSH command quickly becomes tedious. Luckily, we provide the `docker-bash` tool which automates this process. This tool is to be run on the *Docker host*, not inside a Docker container.
First, install the tool on the Docker host:
curl --fail -L -O https://github.com/phusion/baseimage-docker/archive/master.tar.gz && \
tar xzf master.tar.gz && \
sudo ./baseimage-docker-master/install-tools.sh
Then run the tool as follows to login to a container using SSH:
docker-bash YOUR-CONTAINER-ID
You can lookup `YOUR-CONTAINER-ID` by running `docker ps`.
By default, `docker-bash` will open a Bash session. You can also tell it to run a command, and then exit:
docker-bash YOUR-CONTAINER-ID echo hello world
<a name="building"></a> <a name="building"></a>
## Building the image yourself ## Building the image yourself

41
image/my_init
View File

@@ -11,6 +11,8 @@ LOG_LEVEL_DEBUG = 3
log_level = None log_level = None
terminated_child_processes = {}
class AlarmException(Exception): class AlarmException(Exception):
pass pass
@@ -73,6 +75,8 @@ def import_envvars(clear_existing_environment = True, override_existing_environm
def export_envvars(to_dir = True): def export_envvars(to_dir = True):
shell_dump = "" shell_dump = ""
for name, value in os.environ.items(): for name, value in os.environ.items():
if name in ['HOME', 'USER', 'GROUP', 'UID', 'GID', 'SHELL']:
continue
if to_dir: if to_dir:
with open("/etc/container_environment/" + name, "w") as f: with open("/etc/container_environment/" + name, "w") as f:
f.write(value) f.write(value)
@@ -95,19 +99,36 @@ def shquote(s):
# the string $'b is then quoted as '$'"'"'b' # the string $'b is then quoted as '$'"'"'b'
return "'" + s.replace("'", "'\"'\"'") + "'" return "'" + s.replace("'", "'\"'\"'") + "'"
# Waits for the child process with the given PID, while at the same time
# reaping any other child processes that have exited (e.g. adopted child
# processes that have terminated).
def waitpid_reap_other_children(pid): def waitpid_reap_other_children(pid):
global terminated_child_processes
status = terminated_child_processes.get(pid)
if status:
# A previous call to waitpid_reap_other_children(),
# with an argument not equal to the current argument,
# already waited for this process. Return the status
# that was obtained back then.
del terminated_child_processes[pid]
return status
done = False done = False
status = None status = None
try:
this_pid, status = os.waitpid(pid, os.WNOHANG)
except OSError as e:
if e.errno == errno.ECHILD or e.errno == errno.ESRCH:
return None
else:
raise
while not done: while not done:
this_pid, status = os.waitpid(-1, 0) try:
done = this_pid == pid this_pid, status = os.waitpid(-1, 0)
if this_pid == pid:
done = True
else:
# Save status for later.
terminated_child_processes[this_pid] = status
except OSError as e:
if e.errno == errno.ECHILD or e.errno == errno.ESRCH:
return None
else:
raise
return status return status
def stop_child_process(name, pid, signo = signal.SIGTERM, time_limit = KILL_PROCESS_TIMEOUT): def stop_child_process(name, pid, signo = signal.SIGTERM, time_limit = KILL_PROCESS_TIMEOUT):
@@ -200,7 +221,7 @@ def run_startup_files():
def start_runit(): def start_runit():
info("Booting runit daemon...") info("Booting runit daemon...")
pid = os.spawnl(os.P_NOWAIT, "/usr/bin/runsvdir", "/usr/bin/runsvdir", pid = os.spawnl(os.P_NOWAIT, "/usr/bin/runsvdir", "/usr/bin/runsvdir",
"-P", "/etc/service", "log: %s" % ('.' * 395)) "-P", "/etc/service")
info("Runit started as PID %d" % pid) info("Runit started as PID %d" % pid)
return pid return pid

5
image/prepare.sh
View File

@@ -31,7 +31,10 @@ dpkg-divert --local --rename --add /usr/bin/ischroot
ln -sf /bin/true /usr/bin/ischroot ln -sf /bin/true /usr/bin/ischroot
## Install HTTPS support for APT. ## Install HTTPS support for APT.
$minimal_apt_get_install apt-transport-https $minimal_apt_get_install apt-transport-https ca-certificates
## Install add-apt-repository
$minimal_apt_get_install software-properties-common
## Upgrade all packages. ## Upgrade all packages.
apt-get dist-upgrade -y --no-install-recommends apt-get dist-upgrade -y --no-install-recommends

2
image/runit/syslog-ng
View File

@@ -24,7 +24,7 @@ esac
if [ ! -e /dev/xconsole ] if [ ! -e /dev/xconsole ]
then then
mknod -m 640 /dev/xconsole p mknod -m 640 /dev/xconsole p
chown root:adm chown root:adm /dev/xconsole
[ -x /sbin/restorecon ] && /sbin/restorecon $XCONSOLE [ -x /sbin/restorecon ] && /sbin/restorecon $XCONSOLE
fi fi

6
image/system_services.sh
View File

@@ -10,7 +10,11 @@ mkdir -p /etc/container_environment
touch /etc/container_environment.sh touch /etc/container_environment.sh
touch /etc/container_environment.json touch /etc/container_environment.json
chmod 700 /etc/container_environment chmod 700 /etc/container_environment
chmod 600 /etc/container_environment.sh /etc/container_environment.json
groupadd docker_env
chown :docker_env /etc/container_environment.sh /etc/container_environment.json
chmod 640 /etc/container_environment.sh /etc/container_environment.json
ln -s /etc/container_environment.sh /etc/profile.d/
## Install runit. ## Install runit.
$minimal_apt_get_install runit $minimal_apt_get_install runit

10
install-tools.sh Executable file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
set -e
dir=`dirname "$0"`
cd "$dir"
set -x
cp tools/* /usr/local/bin/
mkdir -p /usr/local/share/baseimage-docker
cp image/insecure_key /usr/local/share/baseimage-docker/
chmod 644 /usr/local/share/baseimage-docker/insecure_key

82
tools/docker-bash Executable file
View File

@@ -0,0 +1,82 @@
#!/bin/bash
set -e
set -o pipefail
KNOWN_HOSTS_FILE=
IP=
function usage()
{
echo "Usage: docker-bash <CONTAINER_ID> [COMMAND...]"
echo "Login to a Baseimage-based Docker container using SSH."
echo "If COMMAND is not given, opens an interactive shell."
echo "Otherwise, runs COMMAND inside the container."
}
function cleanup()
{
local pids=`jobs -p`
if [[ "$pids" != "" ]]; then
kill $pids
fi
if [[ "$KNOWN_HOSTS_FILE" != "" ]]; then
rm -f "$KNOWN_HOSTS_FILE"
fi
}
if [[ $# = 0 ]]; then
usage
exit
fi
CONTAINER_ID="$1"
shift
trap cleanup EXIT
if ! [[ -e ~/.baseimage_docker_insecure_key ]]; then
if [[ -e /usr/local/share/baseimage-docker/insecure_key ]]; then
cp /usr/local/share/baseimage-docker/insecure_key ~/.baseimage_docker_insecure_key
else
dir=`dirname "$0"`
dir=`cd "$dir/.." && pwd`
if [[ -e "$dir/image/insecure_key" ]]; then
cp "$dir/image/insecure_key" ~/.baseimage_docker_insecure_key
else
echo "*** ERROR ***: Baseimage-docker insecure key not found." >&2
echo "You probably didn't install docker-bash properly. Please reinstall it:" >&2
echo "" >&2
echo " curl --fail -L -O https://github.com/phusion/baseimage-docker/archive/master.tar.gz && \\" >&2
echo " tar xzf master.tar.gz && \\" >&2
echo " sudo ./baseimage-docker-master/install-tools.sh" >&2
exit 1
fi
fi
chown "`whoami`": ~/.baseimage_docker_insecure_key
chmod 600 ~/.baseimage_docker_insecure_key
fi
KNOWN_HOSTS_FILE=`mktemp /tmp/docker-bash.XXXXXXXXX`
IP=`docker inspect -f "{{ .NetworkSettings.IPAddress }}" "$CONTAINER_ID"`
# Prevent SSH from warning about adding a host to the known_hosts file.
ssh-keyscan "$IP" >"$KNOWN_HOSTS_FILE" 2>&1
if ! ssh -i ~/.baseimage_docker_insecure_key \
-o UserKnownHostsFile="$KNOWN_HOSTS_FILE" \
-o StrictHostKeyChecking=no \
-o PasswordAuthentication=no \
-o KbdInteractiveAuthentication=no \
-o ChallengeResponseAuthentication=no \
"root@$IP" "$@"
then
STATUS=$?
if [[ $# = 0 ]]; then
echo "----------------"
echo "It appears that login to the Docker container failed. This could be caused by the following reasons:"
echo "- The Docker container you're trying to login to is not based on Baseimage-docker. The docker-bash tool only works with Baseimage-docker-based containers."
echo "- You did not enable the the insecure key inside the container. Please read https://github.com/phusion/baseimage-docker/blob/master/README.md#login to learn how to enable the insecure key."
fi
exit $STATUS
fi