From 887cf0fe67e220bba3ca6e61856c293713912bf6 Mon Sep 17 00:00:00 2001
From: Bitnami Bot
Date: Fri, 25 Mar 2022 14:05:46 +0000
Subject: [PATCH] 2.6.1-debian-10-r62 release
---
 bitnami/openldap/2.6/debian-10/Dockerfile | 2 +-
 .../prebuildfs/opt/bitnami/scripts/libwebserver.sh | 4 ----
 .../debian-10/rootfs/opt/bitnami/scripts/libopenldap.sh | 2 +-
 bitnami/openldap/README.md | 8 +++++---
 4 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/bitnami/openldap/2.6/debian-10/Dockerfile b/bitnami/openldap/2.6/debian-10/Dockerfile
index 830996025480..fe0df885e1e3 100644
--- a/bitnami/openldap/2.6/debian-10/Dockerfile
+++ b/bitnami/openldap/2.6/debian-10/Dockerfile
@@ -19,7 +19,7 @@ COPY rootfs /
 RUN /opt/bitnami/scripts/openldap/postunpack.sh
 ENV APP_VERSION="2.6.1" \
 BITNAMI_APP_NAME="openldap" \
- BITNAMI_IMAGE_VERSION="2.6.1-debian-10-r61" \
+ BITNAMI_IMAGE_VERSION="2.6.1-debian-10-r62" \
 PATH="/opt/bitnami/openldap/bin:/opt/bitnami/openldap/sbin:/opt/bitnami/common/bin:$PATH"
 EXPOSE 1389 1636
diff --git a/bitnami/openldap/2.6/debian-10/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/openldap/2.6/debian-10/prebuildfs/opt/bitnami/scripts/libwebserver.sh
index 503650210583..818c2158032b 100644
--- a/bitnami/openldap/2.6/debian-10/prebuildfs/opt/bitnami/scripts/libwebserver.sh
+++ b/bitnami/openldap/2.6/debian-10/prebuildfs/opt/bitnami/scripts/libwebserver.sh
@@ -392,10 +392,6 @@ web_server_update_app_configuration() {
 --hosts \
 | --server-name \
 | --server-aliases \
- | --enable-http \
- | --enable-https \
- | --disable-http \
- | --disable-https \
 | --http-port \
 | --https-port \
 )
diff --git a/bitnami/openldap/2.6/debian-10/rootfs/opt/bitnami/scripts/libopenldap.sh b/bitnami/openldap/2.6/debian-10/rootfs/opt/bitnami/scripts/libopenldap.sh
index 746b93d122ee..174e76702b76 100644
--- a/bitnami/openldap/2.6/debian-10/rootfs/opt/bitnami/scripts/libopenldap.sh
+++ b/bitnami/openldap/2.6/debian-10/rootfs/opt/bitnami/scripts/libopenldap.sh
@@ -2,7 +2,7 @@
 #
 # Bitnami OpenLDAP library
-# shellcheck disable=SC1090,SC1091
+# shellcheck disable=SC1090,SC1091,SC2119,SC2120
 # Load Generic Libraries
 . /opt/bitnami/scripts/libfile.sh
diff --git a/bitnami/openldap/README.md b/bitnami/openldap/README.md
index 76645e1413d2..a1f39ebb4081 100644
--- a/bitnami/openldap/README.md
+++ b/bitnami/openldap/README.md
@@ -41,7 +41,7 @@ Non-root container images add an extra layer of security and are generally recom
 Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/).
-* [`2.6`, `2.6-debian-10`, `2.6.1`, `2.6.1-debian-10-r61`, `latest` (2.6/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-openldap/blob/2.6.1-debian-10-r61/2.6/debian-10/Dockerfile)
+* [`2.6`, `2.6-debian-10`, `2.6.1`, `2.6.1-debian-10-r62`, `latest` (2.6/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-openldap/blob/2.6.1-debian-10-r62/2.6/debian-10/Dockerfile)
 * [`2.5`, `2.5-debian-10`, `2.5.11`, `2.5.11-debian-10-r63` (2.5/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-openldap/blob/2.5.11-debian-10-r63/2.5/debian-10/Dockerfile)
 * [`2.4`, `2.4-debian-10`, `2.4.59`, `2.4.59-debian-10-r245` (2.4/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-openldap/blob/2.4.59-debian-10-r245/2.4/debian-10/Dockerfile)
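Review bot: The widened directive in libopenldap.sh, `# shellcheck disable=SC1090,SC1091,SC2119,SC2120`, sits at the top of the file and so appears to silence SC2119/SC2120 for every function in the library, not only for the ones that triggered them. Those two checks flag functions that read positional parameters but are called without arguments, a class of mistake worth keeping visible in the script that presumably applies the LDAP settings listed in the README. The functions concerned are outside this hunk, so the scope of the problem is inferred. If only a few calls are intentional, a scoped `# shellcheck disable=SC2120` directly above each such function definition and `# shellcheck disable=SC2119` above the argument-less call, each with a one-line comment saying why, would keep the checks active for the rest of the file.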
@@ -176,7 +176,7 @@ $ docker-compose up -d
 The Bitnami Docker OpenLDAP can be easily setup with the following environment variables:
 - `LDAP_PORT_NUMBER`: The port OpenLDAP is listening for requests. Default: **1389** (non privileged port)
-- `LDAP_ROOT`: LDAP database root node of the LDAP tree. Default: **dc=example,dc=org**
+- `LDAP_ROOT`: LDAP baseDN (or suffix) of the LDAP tree. Default: **dc=example,dc=org**
 - `LDAP_ADMIN_USERNAME`: LDAP database admin user. Default: **admin**
 - `LDAP_ADMIN_PASSWORD`: LDAP database admin password. Default: **adminpassword**
 - `LDAP_CONFIG_ADMIN_ENABLED`: Whether to create a configuration admin user. Default: **no**.
@@ -188,11 +188,13 @@ The Bitnami Docker OpenLDAP can be easily setup with the following environment v
 - `LDAP_GROUP`: Group used to group created users. Default: **readers**
 - `LDAP_EXTRA_SCHEMAS`: Extra schemas to add, among OpenLDAP's distributed schemas. Default: **cosine, inetorgperson, nis**
 - `LDAP_SKIP_DEFAULT_TREE`: Whether to skip creating the default LDAP tree based on `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP`. Default: **no**
-- `LDAP_CUSTOM_LDIF_DIR`: Location of a directory that contains LDIF files that should be used to bootstrap the database. Only files ending in `.ldif` will be used. Default LDAP tree based on the `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP` will be skipped when `LDAP_CUSTOM_LDIF_DIR` is used. When using this will override the usage of `LDAP_ROOT`,`LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP`. Default: **/ldifs**
+- `LDAP_CUSTOM_LDIF_DIR`: Location of a directory that contains LDIF files that should be used to bootstrap the database. Only files ending in `.ldif` will be used. Default LDAP tree based on the `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP` will be skipped when `LDAP_CUSTOM_LDIF_DIR` is used. When using this it will override the usage of `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP`. You should set `LDAP_ROOT` to your base to make sure the `olcSuffix` configured on the database matches the contents imported from the LDIF files.Default: **/ldifs**
 - `LDAP_CUSTOM_SCHEMA_FILE`: Location of a custom internal schema file that could not be added as custom ldif file (i.e. containing some `structuralObjectClass`). Default is **/schema/custom.ldif**"
 - `LDAP_ULIMIT_NOFILES`: Maximum number of open file descriptors. Default: **1024**.
 - `LDAP_ALLOW_ANON_BINDING`: Allow anonymous bindings to the LDAP server. Default: **yes**.
+You can bootstrap the contents of your database by putting LDIF files in the directory `/ldifs` (or the one you define in `LDAP_CUSTOM_LDIF_DIR`). Those may only contain content underneath your base DN (set by `LDAP_ROOT`). You can **not** set configuration for e.g. `cn=config` in those files.
+
 Check the official [OpenLDAP Configuration Reference](https://www.openldap.org/doc/admin24/guide.html) for more information about how to configure OpenLDAP.
 ### Securing OpenLDAP traffic