6 years ago · 14ca0001ba
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
				 ## Added
			
 
				   - Support for docker secrets #325. Thanks to @anagno !
			
 
				   - Add DISABLE_CHOWN environment variable #240
			
 
				+  - pqChecker lib to check passwords strength with ppolicy pwdCheckModule
			
 
				 
			
 
				 ### Fixed
			
 
				   - Fix of incorrectly positioned 'log-helper debug' command #327. Thanks to @turcan !
			
--- a/image/Dockerfile
+++ b/image/Dockerfile
@@ -5,6 +5,9 @@ FROM osixia/light-baseimage:1.1.2
 
				 ARG LDAP_OPENLDAP_GID
			
 
				 ARG LDAP_OPENLDAP_UID
			
 
				 
			
 
				+ARG PQCHECKER_VERSION=2.0.0
			
 
				+ARG PQCHECKER_MD5=c005ce596e97d13e39485e711dcbc7e1
			
 
				+
			
 
				 # Add openldap user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
			
 
				 # If explicit uid or gid is given, use it.
			
 
				 RUN if [ -z "${LDAP_OPENLDAP_GID}" ]; then groupadd -r openldap; else groupadd -r -g ${LDAP_OPENLDAP_GID} openldap; fi \
			
@@ -18,17 +21,24 @@ RUN echo "deb http://ftp.debian.org/debian stretch-backports main" >> /etc/apt/s
 
				 #          https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:ssl-tools/download.sh
			
 
				 RUN echo "path-include /usr/share/doc/krb5*" >> /etc/dpkg/dpkg.cfg.d/docker && apt-get -y update \
			
 
				     && /container/tool/add-service-available :ssl-tools \
			
 
				-	  && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get -t stretch-backports install -y --no-install-recommends \
			
 
				-       ldap-utils \
			
 
				-       libsasl2-modules \
			
 
				-       libsasl2-modules-db \
			
 
				-       libsasl2-modules-gssapi-mit \
			
 
				-       libsasl2-modules-ldap \
			
 
				-       libsasl2-modules-otp \
			
 
				-       libsasl2-modules-sql \
			
 
				-       openssl \
			
 
				-       slapd \
			
 
				-       krb5-kdc-ldap \
			
 
				+    && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get -t stretch-backports install -y --no-install-recommends \
			
 
				+    ca-certificates \
			
 
				+    curl \
			
 
				+    ldap-utils \
			
 
				+    libsasl2-modules \
			
 
				+    libsasl2-modules-db \
			
 
				+    libsasl2-modules-gssapi-mit \
			
 
				+    libsasl2-modules-ldap \
			
 
				+    libsasl2-modules-otp \
			
 
				+    libsasl2-modules-sql \
			
 
				+    openssl \
			
 
				+    slapd \
			
 
				+    krb5-kdc-ldap \
			
 
				+    && curl -o pqchecker.deb -SL http://www.meddeb.net/pub/pqchecker/deb/8/pqchecker_${PQCHECKER_VERSION}_amd64.deb \
			
 
				+    && echo "${PQCHECKER_MD5} *pqchecker.deb" | md5sum -c - \
			
 
				+    && dpkg -i pqchecker.deb \
			
 
				+    && rm pqchecker.deb \
			
 
				+    && apt-get remove -y --purge --auto-remove curl ca-certificates \
			
 
				     && apt-get clean \
			
 
				     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*