From 51171ae3d483d49ff1b7cfdd4df333c47d47b768 Mon Sep 17 00:00:00 2001
From: Bitnami Bot
Date: Fri, 23 Jun 2023 19:54:08 +0200
Subject: [PATCH] [bitnami/openldap] Release 2.5.14-debian-11-r39 (#38628)
Signed-off-by: Bitnami Containers
---
 bitnami/openldap/2.5/debian-11/Dockerfile | 11 +++++++----
 .../prebuildfs/opt/bitnami/.bitnami_components.json | 2 +-
 .../debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh | 2 +-
 .../rootfs/opt/bitnami/scripts/openldap/postunpack.sh | 2 ++
 bitnami/openldap/README.md | 4 ++--
 5 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/bitnami/openldap/2.5/debian-11/Dockerfile b/bitnami/openldap/2.5/debian-11/Dockerfile
index 1887cfd5d772..84f5f576a67f 100644
--- a/bitnami/openldap/2.5/debian-11/Dockerfile
+++ b/bitnami/openldap/2.5/debian-11/Dockerfile
@@ -1,12 +1,15 @@
+# Copyright VMware, Inc.
+# SPDX-License-Identifier: APACHE-2.0
+
 FROM docker.io/bitnami/minideb:bullseye
 ARG TARGETARCH
 LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
- org.opencontainers.image.created="2023-06-21T07:28:25Z" \
+ org.opencontainers.image.created="2023-06-23T17:31:42Z" \
 org.opencontainers.image.description="Application packaged by VMware, Inc" \
 org.opencontainers.image.licenses="Apache-2.0" \
- org.opencontainers.image.ref.name="2.5.14-debian-11-r38" \
+ org.opencontainers.image.ref.name="2.5.14-debian-11-r39" \
 org.opencontainers.image.title="openldap" \
 org.opencontainers.image.vendor="VMware, Inc." \
 org.opencontainers.image.version="2.5.14"
@@ -22,7 +25,7 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN install_packages ca-certificates curl libargon2-1 libcap2-bin libcom-err2 libcrypt1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libltdl7 libnsl2 libnss3-tools libsasl2-2 libssl1.1 libtirpc3 libwrap0 mdbtools procps psmisc
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
 COMPONENTS=( \
- "openldap-2.5.14-3-linux-${OS_ARCH}-debian-11" \
+ "openldap-2.5.14-4-linux-${OS_ARCH}-debian-11" \
 ) && \
 for COMPONENT in "${COMPONENTS[@]}"; do \
 if [ ! -f "${COMPONENT}.tar.gz" ]; then \
@@ -36,7 +39,7 @@ RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
 RUN apt-get autoremove --purge -y curl && \
 apt-get update && apt-get upgrade -y && \
 apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives
-RUN chmod g+rwX /opt/bitnami && setcap 'cap_net_bind_service=+ep' /opt/bitnami/openldap/sbin/slapd
+RUN chmod g+rwX /opt/bitnami
 COPY rootfs /
 RUN /opt/bitnami/scripts/openldap/postunpack.sh
diff --git a/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
index df5b935657ee..066fab9ac442 100644
--- a/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -3,6 +3,6 @@
 "arch": "amd64",
 "distro": "debian-11",
 "type": "NAMI",
- "version": "2.5.14-3"
+ "version": "2.5.14-4"
 }
 }
\ No newline at end of file
diff --git a/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh
index 801b9412bd99..eb52f7644785 100644
--- a/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh
+++ b/bitnami/openldap/2.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh
@@ -42,7 +42,7 @@ ensure_dir_exists() {
 local owner_user="${2:-}"
 local owner_group="${3:-}"
- mkdir -p "${dir}"
+ [ -d "${dir}" ] || mkdir -p "${dir}"
 if [[ -n $owner_user ]]; then
 owned_by "$dir" "$owner_user" "$owner_group"
 fi
diff --git a/bitnami/openldap/2.5/debian-11/rootfs/opt/bitnami/scripts/openldap/postunpack.sh b/bitnami/openldap/2.5/debian-11/rootfs/opt/bitnami/scripts/openldap/postunpack.sh
index 8be942d5ae82..f983b18f6053 100755
--- a/bitnami/openldap/2.5/debian-11/rootfs/opt/bitnami/scripts/openldap/postunpack.sh
+++ b/bitnami/openldap/2.5/debian-11/rootfs/opt/bitnami/scripts/openldap/postunpack.sh
@@ -23,3 +23,5 @@ done
 # Symlinks to normalize directories
 ln -sf "$LDAP_ONLINE_CONF_DIR" "${LDAP_CONF_DIR}/slapd.d"
 ln -sf "$LDAP_DATA_DIR" "${LDAP_VAR_DIR}/data"
+
+setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/openldap/sbin/slapd
diff --git a/bitnami/openldap/README.md b/bitnami/openldap/README.md
index 583f6dd525af..34c8943553a5 100644
--- a/bitnami/openldap/README.md
+++ b/bitnami/openldap/README.md
@@ -173,7 +173,7 @@ docker-compose up -d
 The Bitnami Docker OpenLDAP can be easily setup with the following environment variables:
-* `LDAP_PORT_NUMBER`: The port OpenLDAP is listening for requests. Default: **1389** (non privileged port) or use the standard port **389**
+* `LDAP_PORT_NUMBER`: The port OpenLDAP is listening for requests. Priviledged port is supported (e.g. `1389`). Default: **1389** (non privileged port).
 * `LDAP_ROOT`: LDAP baseDN (or suffix) of the LDAP tree. Default: **dc=example,dc=org**
 * `LDAP_ADMIN_USERNAME`: LDAP database admin user. Default: **admin**
 * `LDAP_ADMIN_PASSWORD`: LDAP database admin password. Default: **adminpassword**
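Review bot: In libfs.sh, the guard added to ensure_dir_exists uses `[ -d "${dir}" ]` while the next statement uses `[[ -n $owner_user ]]`, and nothing says why the guard is needed when `mkdir -p` already succeeds on an existing directory. I would write it as `[[ -d "$dir" ]] || mkdir -p "$dir"` with a one-line comment above it naming the case it covers, for example `# Skip mkdir when the directory already exists (presumably for a read-only or non-writable parent; confirm)`. The `-d` test follows symlinks, so a symlink to a directory is accepted and the `owned_by` call below is still reached for it. The function starts above the hunk and continues past it.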
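Review bot: In postunpack.sh, the added `setcap` line grants `+eip`, whereas the Dockerfile line removed in the `-36,7 +39,7` hunk granted `cap_net_bind_service=+ep`; the inheritable flag is new and nothing in the patch says why it is needed. Unless there is a reason for it, keep the narrower set, `setcap 'cap_net_bind_service=+ep' /opt/bitnami/openldap/sbin/slapd`. The line also deserves a comment for operators, because a binary whose file capability has the effective bit set fails to exec with EPERM when that capability is outside the container's bounding set (for example when all capabilities are dropped), even if slapd only listens on the default 1389. Something like `# Lets non-root slapd bind ports below 1024; NET_BIND_SERVICE must stay in the container's bounding set or slapd will not start` would do. The path is also hard-coded here while the neighbouring lines use the `LDAP_*` directory variables; if a variable for the slapd binary exists (not visible in this hunk), use it.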
@@ -205,7 +205,7 @@ Check the official [OpenLDAP Configuration Reference](https://www.openldap.org/d
 OpenLDAP clients and servers are capable of using the Transport Layer Security (TLS) framework to provide integrity and confidentiality protections and to support LDAP authentication using the SASL EXTERNAL mechanism. Should you desire to enable this optional feature, you may use the following environment variables to configure the application:
 * `LDAP_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`.
-* `LDAP_LDAPS_PORT_NUMBER`: Port used for TLS secure traffic. Defaults: **1636** (non privileged port) or use the standard port **636**
+* `LDAP_LDAPS_PORT_NUMBER`: Port used for TLS secure traffic. Priviledged port is supported (e.g. `636`). Default: **1636** (non privileged port).
 * `LDAP_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults.
 * `LDAP_TLS_KEY_FILE`: File containing the key for certificate. No defaults.
 * `LDAP_TLS_CA_FILE`: File containing the CA of the certificate. No defaults.