rroemhild / docker-test-openldap

Docker OpenLDAP Server for testing LDAP applications
MIT License

Infinite loop after restart #53

Open frafra opened 5 months ago

frafra commented 5 months ago
Reconfigure slapd...
+ echo 'Reconfigure slapd...'
+ cat
+ debconf-set-selections
+ DEBIAN_FRONTEND=noninteractive
+ dpkg-reconfigure slapd
  Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.47+dfsg-3+deb10u7... done.
  Moving old database directory to /var/backups:

  Backup path /var/backups/unknown-2.4.47+dfsg-3+deb10u7.ldapdb exists. Giving up...
[cont-init.d] 000-slapd-package-config: exited 1.
[cont-init.d] 010-tls-certificates: executing... 
+ [[ -f /etc/ldap/ssl/ldap.key ]]
TLS Certificates already present. Using provided certificates
+ [[ -f /etc/ldap/ssl/ldap.crt ]]
+ echo 'TLS Certificates already present. Using provided certificates'
[cont-init.d] 010-tls-certificates: exited 0.
[cont-init.d] 020-filesystem-perms: executing... 
+ chown -R openldap:openldap /etc/ldap
[cont-init.d] 020-filesystem-perms: exited 0.
[cont-init.d] 050-openldap-populate: executing... 
+ slapd -h ldapi:/// -u openldap -g openldap
+ configure_msad_features
+ echo 'Configure MS-AD Extensions'
+ ldapmodify -Y EXTERNAL -H ldapi:/// -f /opt/openldap/bootstrap/config/msad.ldif -Q
Configure MS-AD Extensions
ldap_modify: Type or value exists (20)
      additional info: modify/add: olcAttributeTypes: value #0 already exists
modifying entry "cn={0}core,cn=schema,cn=config"

[cont-init.d] 050-openldap-populate: exited 20.
[cont-init.d] done.
[services.d] starting services
starting slapd
[services.d] done.
6617b7c5 @(#) $OpenLDAP: slapd  (May 14 2022 18:35:44) $
      Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
6617b7c6 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c6 backend_startup_one (type=hdb, suffix="dc=planetexpress,dc=com"): bi_db_open failed! (-1)
6617b7c6 slapd stopped.
starting slapd
6617b7c6 @(#) $OpenLDAP: slapd  (May 14 2022 18:35:44) $
      Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
6617b7c7 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c7 backend_startup_one (type=hdb, suffix="dc=planetexpress,dc=com"): bi_db_open failed! (-1)
6617b7c7 slapd stopped.
starting slapd
6617b7c7 @(#) $OpenLDAP: slapd  (May 14 2022 18:35:44) $
      Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
6617b7c8 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c8 backend_startup_one (type=hdb, suffix="dc=planetexpress,dc=com"): bi_db_open failed! (-1)
6617b7c8 slapd stopped.

I would advise against using VOLUMES in Dockerfile, as not all users are interested in having persistency on these paths, and it looks like it is not possible to just ignore them. Without the volumes the error would not happen.
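The log in the report above shows two cont-init.d scripts exiting non-zero before slapd starts looping on "database already in use". As an added example (not part of the issue thread or the project's code), this POSIX shell function pulls both signals out of such a log; the names `triage_log` and `sample_log` and the loop threshold are assumptions, and the sample lines are excerpted from the log in this issue.

```shell
#!/bin/sh
# Added example (not project code): triage an s6-overlay container log on stdin.
# Prints one line per finding:
#   INIT_FAIL <script> <exit-code>  cont-init.d script that exited non-zero
#   CRASH_LOOP <count> <suffix>     slapd found the database in use >= $1 times
triage_log() {
    awk -v threshold="${1:-3}" '
    # s6-overlay reports each init script as: [cont-init.d] NAME: exited N.
    /^\[cont-init\.d\] [^ ]+: exited [0-9]+\./ {
        name = $2; sub(/:$/, "", name)
        code = $4; sub(/\.$/, "", code)
        if (code + 0 != 0) printf "INIT_FAIL %s %s\n", name, code
        next
    }
    # hdb backend reporting the database as already in use
    /hdb_db_open: database ".*": database already in use/ {
        suffix = $0
        sub(/^.*hdb_db_open: database "/, "", suffix)
        sub(/".*$/, "", suffix)
        busy[suffix]++
    }
    END {
        for (s in busy)
            if (busy[s] >= threshold + 0) printf "CRASH_LOOP %d %s\n", busy[s], s
    }'
}

# Sample input: lines excerpted from the log posted in this issue.
sample_log() {
    cat <<'EOF'
[cont-init.d] 000-slapd-package-config: exited 1.
[cont-init.d] 010-tls-certificates: exited 0.
[cont-init.d] 020-filesystem-perms: exited 0.
[cont-init.d] 050-openldap-populate: exited 20.
[cont-init.d] done.
starting slapd
6617b7c6 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c6 slapd stopped.
starting slapd
6617b7c7 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c7 slapd stopped.
starting slapd
6617b7c8 hdb_db_open: database "dc=planetexpress,dc=com": database already in use.
6617b7c8 slapd stopped.
EOF
}

sample_log | triage_log 3
```

On a live container the same function can be fed from `docker logs <container> 2>&1 | triage_log`.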

OctoNezd commented 3 months ago

To anyone with the same issue: you can fix this by directly running slapd: /usr/sbin/slapd -h "ldapi:/// ldap://0.0.0.0:10389 ldaps://0.0.0.0:10636" -d 256

osnard commented 2 months ago

I am having the same issue. I wanted to add additional attributes to the users and therefore mount

volumes:
      - ${DATADIR}/ldap/opt/openldap/bootstrap/data:/opt/openldap/bootstrap/data

Now I am getting the "database already in use" loop. I have also tried building a local image and removing the VOLUME declaration in the Dockerfile [1], but that didn't work either. Any hints?

[1] https://github.com/rroemhild/docker-test-openldap/blob/2645f2164ffb51ec4b5b4a9af0065ad7f2ffc1cf/Dockerfile#L34

cadabrum commented 1 month ago

I don’t know how to configure the LDAP server correctly, but this hack helped:

rootfs/etc/services.d/slapd/run

#!/usr/bin/with-contenv bash

echo "starting slapd"
/usr/sbin/slapd -h "ldapi:/// ldap://0.0.0.0:10389 ldaps://0.0.0.0:10636" -d 256 -u openldap -g openldap

echo "Removing lock file..."
rm /var/lib/ldap/alock