Closed GinoHarlos closed 1 year ago
Please be lenient because this is my first pull request. Feel free to give any kind of feedback so that I can improve myself :)
Please describe the changes with a few sentences.
Please describe the changes with a few sentences.
Please describe the changes with a few sentences.
( openssl ... -traditional ... )
Ok, merged manually (via detour of Univention gitlab).
Updated docker image is uploaded too: https://hub.docker.com/r/univention/univention-corporate-server/tags
Please make sure you considered the following things
Link to the issue in Bugzilla
Please scroll to the end ( Live patches are included ).
Description of the changes
Please describe the changes with a few sentences. ( So sorry there are quite a lot of changes and now we have about a year after the first initial commit ... :)
Motivation
Documentation changes
Dockerfile changes
BugFixes
Features
LDIF
import to expand the LDAP on a primary directory nodedcwait
to wait for a primary directory node ( very useful for docker-compose )BACKUPS
for restoring/recreating a primary directory nodeslimify
option to save resourcesUnanswered questions
LDIF
: I couldn't find any rules for creating new ucr keys in the documentation. Can the temporary ucr keys ( only during the import process ) be used as follows and what is the range of uidNumber?BACKUPS
: What should be recoverable on a primary directory node from univention's point of view?root/usr/lib/univention-container-mode/recreate/*-restore
slimify
: Are the files ( for example/usr/share/doc/*/changelog.Debian.gz
) really mandatory for an installation process? Is there anything else inside a very slim container you could do without?Is there more?
univention-container-role-server-common
andunivention-container-role-common
? If that were possible like so and of course without any bootloader or linux kernel image. ( Bug#54342 )Based on the file
/etc/apt/apt.conf.d/55user_agent
from any UCS and Bug#54335. Would it make sense to expand this collection by the following points? With two/three different stages for build plus firstboot or recreate and finaly the default UCS file. But without the errata level. (univention-updater
are not installed anduuid/system
,uuid/license
are not initialized at this time )Dokerfile
androot/usr/lib/univention-container-mode/*/00-aA-APT-USER-AGENT-Aa-00
Or maybe with a CI/CD flag too? ( but you can't detect the CI/CD system inside a docker or podman build ... )
Should a bug report be opened for the new slapd.service? Looking forward, we are on systemd.
Lastly, could we patch
/usr/sbin/univention-certificate
for the newdcwait
feature. Bug#54311What were and are your test criteria?
univention-check-join-status | grep -E -q "^Joined successfully" && echo SUCCESSFULY
docker run ... --env DEBUG=TRUE ...
looks nice and all run-parts are successfulysystemctl list-units --state failed
looks nice after restarting the container onceIs there any fork to test it?
Live patches are included!
root/usr/lib/univention-container-mode/*/{40,60}-setup-pre-secret-max-len-patch
root/usr/lib/univention-container-mode/*/40-setup-pre-certificate-patch
root/usr/lib/univention-container-mode/*/50-setup-system-container-role-common
root/usr/lib/univention-container-mode/*/50-setup-patches