openldap: set capabilities on /opt/bitnami/openldap/sbin/slapd binary (#38469)

openldap: set capabilities on the /opt/bitnami/openldap/sbin/slapd binary to
allow it to listen on privileged ports such as 389 (ldap://) or 636 (ldaps://)
when the container uses Docker's host network mode

Signed-off-by: Thomas König <tom@faircoin.world>
Thomas König
2023-06-23 16:19:53 +02:00
committed by GitHub
parent 789ce552db
commit f1c3a8a8c9
3 changed files with 6 additions and 6 deletions


@@ -19,7 +19,7 @@ ENV HOME="/" \
COPY prebuildfs /
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install required system packages and dependencies
RUN install_packages ca-certificates curl libargon2-1 libcom-err2 libcrypt1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libltdl7 libnsl2 libnss3-tools libodbc1 libperl5.32 libsasl2-2 libssl1.1 libtirpc3 libwrap0 mdbtools procps psmisc
RUN install_packages ca-certificates curl libargon2-1 libcap2-bin libcom-err2 libcrypt1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libltdl7 libnsl2 libnss3-tools libodbc1 libperl5.32 libsasl2-2 libssl1.1 libtirpc3 libwrap0 mdbtools procps psmisc
RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
COMPONENTS=( \
"openldap-2.6.4-3-linux-${OS_ARCH}-debian-11" \
@@ -36,7 +36,7 @@ RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
RUN apt-get autoremove --purge -y curl && \
apt-get update && apt-get upgrade -y && \
apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives
RUN chmod g+rwX /opt/bitnami
RUN chmod g+rwX /opt/bitnami && setcap 'cap_net_bind_service=+ep' /opt/bitnami/openldap/sbin/slapd
COPY rootfs /
RUN /opt/bitnami/scripts/openldap/postunpack.sh