tiredofit / docker-openldap

Dockerized LDAP server with many customizable options
MIT License

Init with ENABLE_READONLY_USER not working in latest version #71

Closed dr-waterstorm closed 1 year ago

dr-waterstorm commented 1 year ago

Summary

When trying to deploy a new instance with ENABLE_READONLY_USER set to true, it fails in the init script with "command not found".

Steps to reproduce

Spin up a new container with ENABLE_READONLY_USER set to true.

What is the expected correct behavior?

Go through the init without issues.

Relevant logs and/or screenshots

The relevant log of the container:

2023-11-16.15:49:53 [NOTICE] ** [openldap] Adding default top level data configuration
/assets/slapd/config/bootstrap/default/default.sh: line 35: READONLY_USER_PASS: command not found
2023-11-16.15:49:53 [NOTICE] ** [openldap] Adding read only (DSA) user
ldap_sasl_interactive_bind: Server is unwilling to perform (53)
additional info: authentication required

The complete log:

2023-11-16.15:49:11 [NOTICE] ** [monitoring] Container configured for monitoring with 'zabbix modern'
2023-11-16.15:49:11 [NOTICE] ** [scheduling] Container configured for scheduled tasks with 'cron'
2023-11-16.15:49:12 [NOTICE] ** [messaging] Container configured to route mail via SMTP to 'postfix-relay'
2023-11-16.15:49:12 [NOTICE] ** [openldap] Setting up directories
2023-11-16.15:49:12 [NOTICE] ** [openldap] Configuring OpenLDAP server
2023-11-16.15:49:12 [WARN] ** [openldap] First time install detected
2023-11-16.15:49:12 [NOTICE] ** [openldap] Using NIS schema type
2023-11-16.15:49:14 [NOTICE] ** [openldap] Converting schemas to LDIF
2023-11-16.15:49:14 [NOTICE] ** [openldap] Adding converted schemas
2023-11-16.15:49:14 [NOTICE] ** [openldap] Setting Security and ACLs
2023-11-16.15:49:14 [NOTICE] ** [openldap] Add bootstrap LDIFs
2023-11-16.15:49:14 [NOTICE] ** [openldap] Starting TLS configuration. Please wait
2023-11-16.15:49:15 [NOTICE] ** [openldap] Certificates: DH Param - Creating '/certs//dhparam.pem'
2023-11-16.15:49:53 [NOTICE] ** [openldap] Adding default top level data configuration
/assets/slapd/config/bootstrap/default/default.sh: line 35: READONLY_USER_PASS: command not found
2023-11-16.15:49:53 [NOTICE] ** [openldap] Adding read only (DSA) user
ldap_sasl_interactive_bind: Server is unwilling to perform (53)
additional info: authentication required
2023-11-16.15:49:53 [NOTICE] ** [openldap] Configuring LDAP client
2023-11-16.15:49:53 [NOTICE] ** [openldap] Enabling OpenLDAP scheduled backup routines
2023-11-16.15:49:53 [NOTICE] ** [openldap] Configuring PPolicy check modules
2023-11-16.15:49:53 [STARTING] ** [openldap] [1] Starting OpenLDAP 2.6.6
65563a21.2e039be0 0x7f5c2d426b48 @(#) $OpenLDAP: slapd 2.6.6 (Jul 31 2023 22:34:30) $
@buildkitsandbox:/tiredofit/openldap:2.6-7.6.3/servers/slapd
65563a21.2e86a550 0x7f5c2d426b48 slapd starting
2023-11-16.15:49:53 [STARTING] ** [monitoring] [1] Starting Zabbix Agent (modern) 6.4.2
2023-11-16.15:49:53 [STARTING] ** [scheduling] [1] Starting cron
date: invalid date ‘202311160400’
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Next Backup at 1970-01-02 00:00:00 GMT
sleep: invalid option -- '1'
Try 'sleep --help' for more information.
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Backing up configuration schemas
2023-11-16.15:49:58 [INFO] ** [openldap-backup] OpenLDAP Backup of 'config' completed successfully
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Backing up user data
2023-11-16.15:49:58 [INFO] ** [openldap-backup] OpenLDAP Backup of 'data' completed successfully
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Compressing backup with zstd
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Generating MD5 for '20231116-154958-openldap_openldap-65fd576b7f-cxm7n.tar.zst'
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Backup of 20231116-154958-openldap_openldap-65fd576b7f-cxm7n.tar.zst created with the size of 8881 bytes
2023-11-16.15:49:58 [INFO] ** [openldap-backup] Backup routines finish time: 2023-11-16 15:49:58 GMT with overall exit code 0
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Backup routines time taken: Hours: 0 Minutes: 00 Seconds: 00
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Sending Backup Statistics to Zabbix
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Cleaning up old backups
2023-11-16.15:49:58 [NOTICE] ** [openldap-backup] Sleeping for another 86400 seconds. Waking up at 2023-11-17 15:49:58 GMT

Environment

Possible fixes

It seems to me that this may be a simple typo. The error states: /assets/slapd/config/bootstrap/default/default.sh: line 35

This is the relevant code:

transform_file_var \
                ADMIN_PASS \
                READONLY_USER_USER
                READONLY_USER_PASS

Probably adding a \ to line 34 may solve the problem:

transform_file_var \
                ADMIN_PASS \
                READONLY_USER_USER \
                READONLY_USER_PASS
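
Added example (not code from the repository): a reproduction of the missing line continuation reported above, showing that READONLY_USER_PASS never reaches the helper and so is never loaded. `transform_file_var` here is a stand-in whose behaviour (load NAME from the file named by NAME_FILE) is an assumption; the secret files and the other function names are constructed for the demo.

```shell
# Stand-in for the image's helper; assumed to load NAME from the file in NAME_FILE.
transform_file_var() {
    for name in "$@"; do
        eval "file=\${${name}_FILE:-}"
        if [ -r "$file" ]; then eval "$name=\$(cat \"\$file\")"; fi
    done
}

# Constructed secret files standing in for mounted *_FILE secrets.
setup_secrets() {
    SECRET_DIR=$(mktemp -d)
    for name in ADMIN_PASS READONLY_USER_USER READONLY_USER_PASS; do
        printf 'value-of-%s' "$name" > "$SECRET_DIR/$name"
        eval "${name}_FILE=\$SECRET_DIR/\$name"
        unset "$name"
    done
}

# Call as quoted in the issue: the command ends after READONLY_USER_USER.
load_broken() {
    transform_file_var \
        ADMIN_PASS \
        READONLY_USER_USER
        READONLY_USER_PASS 2>/dev/null   # run as a command: status 127
}

# Call with the continuation restored, as proposed in the issue.
load_fixed() {
    transform_file_var \
        ADMIN_PASS \
        READONLY_USER_USER \
        READONLY_USER_PASS
}

# List the expected variables that are still empty after loading.
missing_vars() {
    missing=""
    for name in ADMIN_PASS READONLY_USER_USER READONLY_USER_PASS; do
        eval "val=\${$name:-}"
        [ -n "$val" ] || missing="$missing $name"
    done
    echo "${missing# }"
}

run_case() {   # $1 = variant to run; sets RC and MISSING
    setup_secrets; RC=0; "$1" || RC=$?
    MISSING=$(missing_vars); rm -rf "$SECRET_DIR"
    echo "$1: rc=$RC missing='$MISSING'"
}
run_case load_broken
run_case load_fixed
```

The broken form is valid shell syntax, so a syntax-only check does not flag it; the failure appears only at run time as exit status 127 and an unloaded variable.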

tiredofit commented 1 year ago

Thanks! Indeed that's a miss on my end. 2.6-7.6.4 will resolve this! https://github.com/tiredofit/docker-openldap/commit/03c8d00257f179dd1c93991bffad1959395a9248

dr-waterstorm commented 1 year ago

The error is gone and the init script seems to work now. I'll have to test if everything is working but so far it looks good. Thank you very much for the fast fix :)