openshift / openldap Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
License: Apache License 2.0
Allow for RHEL7-based images using make
.
The following branches are being fast-forwarded from the current development branch (master) as placeholders for future releases. No merging is allowed into these release branches until they are unfrozen for production release.
release-4.18
release-4.19
For more information, see the branching documentation.
I need change and customise some codes to adapt for our environment. But the "DISCLAIMER" part in README confused me if I still can use it or not.
Can I refer this repository to create openldap docker image in private cloud which isn't built in Openshift?
Tests necessary:
run-openldap.sh
with random user and with rootldapadd
or ldapmodify
with root credentialsldapmodify
for things requiring cn=config
credentialsldapsearch
get all to confirm starting Organization
objectslaptest
Blind-mounting valid etc/openldap
and var/lib/ldap
should be supported for migration of existing LDAP setups.
openshift/openldap-2441-centos7
went missing from Docker Hub and building from source fails with error:
$ docker build -t openshift/openldap-2441-centos7 -f images/Dockerfile.rhel7 .
... skip ...
2023-10-24T10:15:54.2611716Z #12 12.34 This system is not receiving updates. You can use subscription-manager on the host to register and assign subscriptions.
2023-10-24T10:15:54.2615205Z #12 12.34
2023-10-24T10:15:54.2616674Z #12 12.36 Cleaning repos: ubi-7 ubi-7-rhah ubi-7-server-extras-rpms
2023-10-24T10:15:54.2618165Z #12 12.36 : ubi-7-server-optional-rpms ubi-server-rhscl-7-rpms
2023-10-24T10:15:54.2620236Z #12 12.39 Failed to set capabilities on file `/usr/sbin/slapd' (No such file or directory)
2023-10-24T10:15:54.2622200Z #12 12.39 usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ]
2023-10-24T10:15:54.2624190Z #12 12.39
2023-10-24T10:15:54.2624883Z #12 12.39 Note <filename> must be a regular (non-symlink) file.
2023-10-24T10:15:54.3084027Z #12 ERROR: process "/bin/sh -c yum install -y git openssl openldap openldap-servers openldap-clients procps-ng && yum clean all -y && setcap 'cap_net_bind_service=+ep' /usr/sbin/slapd && mkdir -p /var/lib/ldap && chmod a+rwx -R /var/lib/ldap && mkdir -p /etc/openldap && chmod a+rwx -R /etc/openldap && mkdir -p /var/run/openldap && chmod a+rwx -R /var/run/openldap && chmod -R a+rw /opt/openshift" did not complete successfully: exit code: 1
2023-10-24T10:15:54.3088186Z ------
2023-10-24T10:15:54.3091900Z > [8/8] RUN yum install -y git openssl openldap openldap-servers openldap-clients procps-ng && yum clean all -y && setcap 'cap_net_bind_service=+ep' /usr/sbin/slapd && mkdir -p /var/lib/ldap && chmod a+rwx -R /var/lib/ldap && mkdir -p /etc/openldap && chmod a+rwx -R /etc/openldap && mkdir -p /var/run/openldap && chmod a+rwx -R /var/run/openldap && chmod -R a+rw /opt/openshift:
2023-10-24T10:15:54.3096150Z 12.32 Loaded plugins: ovl, product-id, search-disabled-repos, subscription-manager
2023-10-24T10:15:54.3097108Z 12.34
2023-10-24T10:15:54.3098371Z 12.34 This system is not receiving updates. You can use subscription-manager on the host to register and assign subscriptions.
2023-10-24T10:15:54.3188887Z 12.34
2023-10-24T10:15:54.3189936Z 12.36 Cleaning repos: ubi-7 ubi-7-rhah ubi-7-server-extras-rpms
2023-10-24T10:15:54.3195350Z 12.36 : ubi-7-server-optional-rpms ubi-server-rhscl-7-rpms
2023-10-24T10:15:54.3198661Z 12.39 Failed to set capabilities on file `/usr/sbin/slapd' (No such file or directory)
2023-10-24T10:15:54.3200119Z 12.39 usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ]
2023-10-24T10:15:54.3201037Z 12.39
2023-10-24T10:15:54.3202001Z 12.39 Note <filename> must be a regular (non-symlink) file.
2023-10-24T10:15:54.3202762Z ------
2023-10-24T10:15:54.3203097Z Dockerfile.rhel7:27
2023-10-24T10:15:54.3203557Z --------------------
2023-10-24T10:15:54.3204277Z 26 | # Install OpenLDAP Server, give it permissionst to bind to low ports
2023-10-24T10:15:54.3205943Z 27 | >>> RUN yum install -y git openssl openldap openldap-servers openldap-clients procps-ng && \
2023-10-24T10:15:54.3207158Z 28 | >>> yum clean all -y && \
2023-10-24T10:15:54.3208014Z 29 | >>> setcap 'cap_net_bind_service=+ep' /usr/sbin/slapd && \
2023-10-24T10:15:54.3209267Z 30 | >>> mkdir -p /var/lib/ldap && \
2023-10-24T10:15:54.3210106Z 31 | >>> chmod a+rwx -R /var/lib/ldap && \
2023-10-24T10:15:54.3210875Z 32 | >>> mkdir -p /etc/openldap && \
2023-10-24T10:15:54.3211659Z 33 | >>> chmod a+rwx -R /etc/openldap && \
2023-10-24T10:15:54.3212451Z 34 | >>> mkdir -p /var/run/openldap && \
2023-10-24T10:15:54.3213235Z 35 | >>> chmod a+rwx -R /var/run/openldap && \
2023-10-24T10:15:54.3214026Z 36 | >>> chmod -R a+rw /opt/openshift
2023-10-24T10:15:54.3214636Z 37 |
2023-10-24T10:15:54.3215192Z --------------------
2023-10-24T10:15:54.3219480Z ERROR: failed to solve: process "/bin/sh -c yum install -y git openssl openldap openldap-servers openldap-clients procps-ng && yum clean all -y && setcap 'cap_net_bind_service=+ep' /usr/sbin/slapd && mkdir -p /var/lib/ldap && chmod a+rwx -R /var/lib/ldap && mkdir -p /etc/openldap && chmod a+rwx -R /etc/openldap && mkdir -p /var/run/openldap && chmod a+rwx -R /var/run/openldap && chmod -R a+rw /opt/openshift" did not complete successfully: exit code: 1
Is there any workaround available ?
Add support for TLS/SSl for LDAPS over poer 686. Most likely done with blind-mounting the certs to etc/openldap/certs
and updating the database with the following ldif
:
dn: cn=config
changetype: modify
add: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/openldap/certs/ca-bundle.crt
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/openldap/certs/server.crt
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/openldap/certs/server.key
by default it runs on port 389,
ca we allows it to run with non privileged ports (> 1024) ?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.