Added Samba docker container to allow for easier deployment of smb service

Dockerfile.smb

@@ -0,0 +1,23 @@
+FROM debian:stable
+
+# Download cache lists and install minimal versions
+RUN apt-get update && apt-get -yq install --no-install-recommends \
+	# Required linux dependencies
+	sudo vim samba samba-vfs-modules smbclient rsyslog && \
+	# Remove cache lists and clean up anything not needed to minimize image size
+	apt-get autoremove -yq && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /samba
+COPY data/smb /samba/
+RUN touch /var/log/samba/audit.log
+RUN echo "local7.*        /var/log/samba/audit.log" >> /etc/rsyslog.conf
+
+# Create and set the working directory
+WORKDIR /srv
+
+# Copy only the files needed to install dependencies
+COPY run-smb.sh .
+
+# Set the default application we are running
+ENTRYPOINT [ "/srv/run-smb.sh" ]
+

data/.opencanary.conf

@@ -77,7 +77,7 @@
     "portscan.nmaposrate": 5,
     "portscan.lorate": 3,
     "portscan.ignore_ports": [ ],
-    "smb.auditfile": "/var/log/samba-audit.log",
+    "smb.auditfile": "/var/log/samba/audit.log",
     "smb.enabled": false,
     "mysql.enabled": false,
     "mysql.port": 3306,

data/smb.conf

@@ -0,0 +1,28 @@
+[global]
+   workgroup = WORKGROUP
+   server string = NBDocs
+   netbios name = SRV01
+   dns proxy = no
+   log file = /var/log/samba/log.all
+   log level = 0
+   max log size = 100
+   panic action = /usr/share/samba/panic-action %d
+   server role = standalone
+   passdb backend = tdbsam
+   obey pam restrictions = yes
+   unix password sync = no
+   map to guest = bad user
+   usershare allow guests = yes
+   load printers = no
+   vfs object = full_audit
+   full_audit:prefix = %U|%I|%i|%m|%S|%L|%R|%a|%T|%D
+   full_audit:success = flistxattr
+   full_audit:failure = none
+   full_audit:facility = local7
+   full_audit:priority = notice
+[myshare]
+   comment = All the stuff!
+   path = /samba
+   guest ok = yes
+   read only = yes
+   browseable = yes

data/smb/README.txt

@@ -0,0 +1 @@
+All files in this directory are copied and shared via Samba. Keep in mind that this share will allow guest access.

docker-compose.yml

@@ -1,11 +1,10 @@
-version: "3.4"
 
 x-common: &common
   restart: unless-stopped
   volumes:
     - ./data/.opencanary.conf:/root/.opencanary.conf
     # uncomment below if running Samba
-    # - /var/log/samba-audit.log:/var/log/samba-audit.log
+    # - audit-log:/var/log/samba
   image: "opencanary"
   network_mode: "host"
   ports:
@@ -44,17 +43,37 @@ x-common: &common
     # - "9418:9418"
 
 services:
-  latest: # docker-compose up --build -d latest
+  latest: # docker compose up --build -d latest
     <<: *common
     container_name: opencanary_latest
     image: thinkst/opencanary
     build:
       context: .
       dockerfile: Dockerfile.latest
 
-  stable: # docker-compose up --build -d stable
+  # Uncomment if smb is to be enabled
+  # samba: # docker compose up --build -d samba
+  #   <<: *common
+  #   container_name: opencanary_samba
+  #   image: thinkst/opencanary_samba
+  #   restart: unless-stopped
+  #   volumes:
+  #     - audit-log:/var/log/samba/
+  #     - ./data/smb.conf:/etc/samba/smb.conf
+  #   network_mode: host
+  #   ports:
+  #     # SMB
+  #     - "445:445"
+  #   build:
+  #     context: .
+  #     dockerfile: Dockerfile.smb
+
+  stable: # docker compose up --build -d stable
     <<: *common
     container_name: opencanary_stable
     build:
       context: .
       dockerfile: Dockerfile.stable
+
+volumes:
+  audit-log:

run-smb.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+rsyslogd &
+smbd &
+sleep infinity