From cbf2fadc4d00beed7c98a53eaa473fb5305df00c Mon Sep 17 00:00:00 2001 From: Mathieu Virbel Date: Tue, 1 Apr 2025 17:08:52 -0600 Subject: [PATCH] fix(ssh): do not enable ssh automatically --- README.md | 3 +++ mcontainer/cli.py | 2 ++ mcontainer/container.py | 6 ++++++ mcontainer/drivers/goose/mc-init.sh | 10 +++++++--- mcontainer/models.py | 1 + mcontainer/user_config.py | 2 +- 6 files changed, 20 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index c20164d..d2f4093 100644 --- a/README.md +++ b/README.md @@ -87,6 +87,9 @@ mcx https://github.com/username/repo --mcp github # Shorthand with an initial command mcx . --run "apt-get update && apt-get install -y my-package" + +# Enable SSH server in the container +mcx --ssh ``` ## Driver Management diff --git a/mcontainer/cli.py b/mcontainer/cli.py index b31b131..0ac49d1 100644 --- a/mcontainer/cli.py +++ b/mcontainer/cli.py @@ -163,6 +163,7 @@ def create_session( gid: Optional[int] = typer.Option( None, "--gid", help="Group ID to run the container as (defaults to host user)" ), + ssh: bool = typer.Option(False, "--ssh", help="Start SSH server in the container"), ) -> None: """Create a new MC session @@ -267,6 +268,7 @@ def create_session( run_command=run_command, uid=target_uid, gid=target_gid, + ssh=ssh, ) if session: diff --git a/mcontainer/container.py b/mcontainer/container.py index 201df0a..1e5bed3 100644 --- a/mcontainer/container.py +++ b/mcontainer/container.py @@ -148,6 +148,7 @@ class ContainerManager: run_command: Optional[str] = None, uid: Optional[int] = None, gid: Optional[int] = None, + ssh: bool = False, ) -> Optional[Session]: """Create a new MC session @@ -163,6 +164,7 @@ class ContainerManager: mcp: Optional list of MCP server names to attach to the session uid: Optional user ID for the container process gid: Optional group ID for the container process + ssh: Whether to start the SSH server in the container (default: False) """ try: # Validate driver exists @@ -188,6 +190,9 @@ class ContainerManager: if gid is not None: env_vars["TARGET_GID"] = str(gid) + # Set SSH environment variable + env_vars["MC_SSH_ENABLED"] = "true" if ssh else "false" + # Pass API keys from host environment to container for local development api_keys = [ "OPENAI_API_KEY", @@ -596,6 +601,7 @@ class ContainerManager: run_command=run_command, # Store the command uid=uid, gid=gid, + ssh=ssh, # Store SSH setting ) # Save session to the session manager diff --git a/mcontainer/drivers/goose/mc-init.sh b/mcontainer/drivers/goose/mc-init.sh index 0f98774..be87139 100755 --- a/mcontainer/drivers/goose/mc-init.sh +++ b/mcontainer/drivers/goose/mc-init.sh @@ -45,9 +45,13 @@ chown $MC_USER_ID:$MC_GROUP_ID /home/mcuser mkdir -p /app chown $MC_USER_ID:$MC_GROUP_ID /app -# Start SSH server as root before switching user -echo "Starting SSH server..." -/usr/sbin/sshd +# Start SSH server only if explicitly enabled +if [ "$MC_SSH_ENABLED" = "true" ]; then + echo "Starting SSH server..." + /usr/sbin/sshd +else + echo "SSH server disabled (use --ssh flag to enable)" +fi # --- END INSERTED BLOCK --- diff --git a/mcontainer/models.py b/mcontainer/models.py index a2762c3..1580931 100644 --- a/mcontainer/models.py +++ b/mcontainer/models.py @@ -108,6 +108,7 @@ class Session(BaseModel): run_command: Optional[str] = None # Command executed on start uid: Optional[int] = None # Store UID used gid: Optional[int] = None # Store GID used + ssh: bool = False # Whether SSH server is enabled class Config(BaseModel): diff --git a/mcontainer/user_config.py b/mcontainer/user_config.py index b37b994..f52fa59 100644 --- a/mcontainer/user_config.py +++ b/mcontainer/user_config.py @@ -93,7 +93,7 @@ class UserConfigManager: "mount_local": True, "networks": [], # Default networks to connect to (besides mc-network) "volumes": [], # Default volumes to mount, format: "source:dest" - "mcps": [], # Default MCP servers to connect to + "mcps": [], # Default MCP servers to connect to }, "services": { "langfuse": {},