|
|
@@ -43,7 +43,7 @@ file_env 'LDAP_READONLY_USER_PASSWORD'
|
|
|
[ -d /etc/ldap/slapd.d ] || mkdir -p /etc/ldap/slapd.d
|
|
|
|
|
|
# fix file permissions
|
|
|
-if [ "${DISABLE_CHOWN,,}" == "true" ]; then
|
|
|
+if [ "${DISABLE_CHOWN,,}" == "false" ]; then
|
|
|
chown -R openldap:openldap /var/lib/ldap
|
|
|
chown -R openldap:openldap /etc/ldap
|
|
|
chown -R openldap:openldap ${CONTAINER_SERVICE_DIR}/slapd
|
|
|
@@ -167,7 +167,7 @@ EOF
|
|
|
mv /tmp/schema/cn=config/cn=schema/* /etc/ldap/slapd.d/cn=config/cn=schema
|
|
|
rm -r /tmp/schema
|
|
|
|
|
|
- if [ "${DISABLE_CHOWN,,}" == "true" ]; then
|
|
|
+ if [ "${DISABLE_CHOWN,,}" == "false" ]; then
|
|
|
chown -R openldap:openldap /etc/ldap/slapd.d/cn=config/cn=schema
|
|
|
fi
|
|
|
fi
|
|
|
@@ -246,7 +246,7 @@ EOF
|
|
|
ssl-helper $LDAP_SSL_HELPER_PREFIX $PREVIOUS_LDAP_TLS_CRT_PATH $PREVIOUS_LDAP_TLS_KEY_PATH $PREVIOUS_LDAP_TLS_CA_CRT_PATH
|
|
|
[ -f ${PREVIOUS_LDAP_TLS_DH_PARAM_PATH} ] || openssl dhparam -out ${LDAP_TLS_DH_PARAM_PATH} 2048
|
|
|
|
|
|
- if [ "${DISABLE_CHOWN,,}" == "true" ]; then
|
|
|
+ if [ "${DISABLE_CHOWN,,}" == "false" ]; then
|
|
|
chmod 600 ${PREVIOUS_LDAP_TLS_DH_PARAM_PATH}
|
|
|
chown openldap:openldap $PREVIOUS_LDAP_TLS_CRT_PATH $PREVIOUS_LDAP_TLS_KEY_PATH $PREVIOUS_LDAP_TLS_CA_CRT_PATH $PREVIOUS_LDAP_TLS_DH_PARAM_PATH
|
|
|
fi
|
|
|
@@ -354,7 +354,7 @@ EOF
|
|
|
[ -f ${LDAP_TLS_DH_PARAM_PATH} ] || openssl dhparam -out ${LDAP_TLS_DH_PARAM_PATH} 2048
|
|
|
|
|
|
# fix file permissions
|
|
|
- if [ "${DISABLE_CHOWN,,}" == "true" ]; then
|
|
|
+ if [ "${DISABLE_CHOWN,,}" == "false" ]; then
|
|
|
chmod 600 ${LDAP_TLS_DH_PARAM_PATH}
|
|
|
chown -R openldap:openldap ${CONTAINER_SERVICE_DIR}/slapd
|
|
|
fi
|
Bertrand Gouny