2.4.56-debian-10-r63 release

2021-01-15 23:00:39 +00:00 · 2021-01-15 23:00:39 +00:00 · 4c7c30b150
parent e9d2f1d4fa
commit 4c7c30b150
4 changed files with 66 additions and 8 deletions
--- a/bitnami/openldap/2/debian-10/Dockerfile
+++ b/bitnami/openldap/2/debian-10/Dockerfile
@ -18,7 +18,7 @@ RUN chmod g+rwX /opt/bitnami
 COPY rootfs /
 RUN /opt/bitnami/scripts/openldap/postunpack.sh
 ENV BITNAMI_APP_NAME="openldap" \
-    BITNAMI_IMAGE_VERSION="2.4.56-debian-10-r62" \
+    BITNAMI_IMAGE_VERSION="2.4.56-debian-10-r63" \
    PATH="/opt/bitnami/openldap/bin:/opt/bitnami/openldap/sbin:/opt/bitnami/common/bin:$PATH"

 EXPOSE 1389 1636
--- a/bitnami/openldap/2/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh
+++ b/bitnami/openldap/2/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh
@ -37,14 +37,34 @@ group_exists() {
 # Create a group in the system if it does not exist already
 # Arguments:
 #   $1 - group
+# Flags:
+#   -s|--system - Whether to create new user as system user (uid <= 999)
 # Returns:
 #   None
 #########################
 ensure_group_exists() {
    local group="${1:?group is missing}"
+    local is_system_user=false
+
+    # Validate arguments
+    shift 1
+    while [ "$#" -gt 0 ]; do
+        case "$1" in
+            -s|--system)
+                is_system_user=true
+                ;;
+            *)
+                echo "Invalid command line flag $1" >&2
+                return 1
+                ;;
+        esac
+        shift
+    done

    if ! group_exists "$group"; then
-        groupadd "$group" >/dev/null 2>&1
+        local -a args=("$group")
+        $is_system_user && args+=("--system")
+        groupadd "${args[@]}" >/dev/null 2>&1
    fi
 }

@ -52,22 +72,60 @@ ensure_group_exists() {
 # Create an user in the system if it does not exist already
 # Arguments:
 #   $1 - user
-#   $2 - group
+# Flags:
+#   -g|--group - the group the new user should belong to
+#   -h|--home - the home directory for the new user
+#   -s|--system - whether to create new user as system user (uid <= 999)
 # Returns:
 #   None
 #########################
 ensure_user_exists() {
    local user="${1:?user is missing}"
-    local group="${2:-}"
+    local group=""
+    local home=""
+    local is_system_user=false
+
+    # Validate arguments
+    shift 1
+    while [ "$#" -gt 0 ]; do
+        case "$1" in
+            -g|--group)
+                shift
+                group="${1:?missing group}"
+                ;;
+            -h|--home)
+                shift
+                home="${1:?missing home directory}"
+                ;;
+            -s|--system)
+                is_system_user=true
+                ;;
+            *)
+                echo "Invalid command line flag $1" >&2
+                return 1
+                ;;
+        esac
+        shift
+    done

    if ! user_exists "$user"; then
-        useradd "$user" >/dev/null 2>&1
+        local -a user_args=("-N" "$user")
+        $is_system_user && user_args+=("--system")
+        useradd "${user_args[@]}" >/dev/null 2>&1
    fi

    if [[ -n "$group" ]]; then
-        ensure_group_exists "$group"
+        local -a group_args=("$group")
+        $is_system_user && group_args+=("--system")
+        ensure_group_exists "${group_args[@]}"
        usermod -a -G "$group" "$user" >/dev/null 2>&1
    fi
+
+    if [[ -n "$home" ]]; then
+        mkdir -p "$home"
+        usermod -d "$home" "$user" >/dev/null 2>&1
+        configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group"
+    fi
 }

 ########################
--- a/bitnami/openldap/2/debian-10/rootfs/opt/bitnami/scripts/openldap/setup.sh
+++ b/bitnami/openldap/2/debian-10/rootfs/opt/bitnami/scripts/openldap/setup.sh
@ -16,6 +16,6 @@ eval "$(ldap_env)"
 # Ensure Open LDAP environment variables are valid
 ldap_validate
 # Ensure 'daemon' user exists when running as 'root'
-am_i_root && ensure_user_exists "$LDAP_DAEMON_USER" "$LDAP_DAEMON_GROUP"
+am_i_root && ensure_user_exists "$LDAP_DAEMON_USER" --group "$LDAP_DAEMON_GROUP"
 # Ensure Open LDAP server is initialize
 ldap_initialize
--- a/bitnami/openldap/README.md
+++ b/bitnami/openldap/README.md
@ -35,7 +35,7 @@ Non-root container images add an extra layer of security and are generally recom
 Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/).


-* [`2`, `2-debian-10`, `2.4.56`, `2.4.56-debian-10-r62`, `latest` (2/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-openldap/blob/2.4.56-debian-10-r62/2/debian-10/Dockerfile)
+* [`2`, `2-debian-10`, `2.4.56`, `2.4.56-debian-10-r63`, `latest` (2/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-openldap/blob/2.4.56-debian-10-r63/2/debian-10/Dockerfile)

 Subscribe to project updates by watching the [bitnami/openldap GitHub repo](https://github.com/bitnami/bitnami-docker-openldap).