osixia
diff --git a/‎image/service/slapd/assets/security.ldif‎
Lines changed: 13 additions & 0 deletions b/‎image/service/slapd/assets/security.ldif‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎image/service/slapd/assets/ssl/dhparam.pem‎
Lines changed: 8 additions & 0 deletions b/‎image/service/slapd/assets/ssl/dhparam.pem‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎image/service/slapd/container-start.sh‎
Lines changed: 32 additions & 12 deletions b/‎image/service/slapd/container-start.sh‎
Lines changed: 32 additions & 12 deletions
diff --git a/‎test/config/cn=config.ldif‎
Lines changed: 3 additions & 3 deletions b/‎test/config/cn=config.ldif‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎test/config/cn=config/olcDatabase={1}hdb.ldif‎
Lines changed: 9 additions & 9 deletions b/‎test/config/cn=config/olcDatabase={1}hdb.ldif‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎test/database/__db.001‎
0 Bytes b/‎test/database/__db.001‎
0 Bytes
diff --git a/‎test/database/__db.002‎
0 Bytes b/‎test/database/__db.002‎
0 Bytes
diff --git a/‎test/database/__db.003‎
0 Bytes b/‎test/database/__db.003‎
0 Bytes
diff --git a/‎test/database/alock‎
0 Bytes b/‎test/database/alock‎
0 Bytes
diff --git a/‎test/database/log.0000000001‎
0 Bytes b/‎test/database/log.0000000001‎
0 Bytes
@@ -0,0 +1,13 @@
+dn: olcDatabase={1}hdb,cn=config 
+changetype: modify
+delete: olcAccess
+-
+add: olcAccess
+olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn="cn=admin,dc=example,dc=org" write by * none
+-
+add: olcAccess
+olcAccess: {1}to dn.base="" by * read
+-
+add: olcAccess
+olcAccess: {2}to * by self write by dn="cn=admin,dc=example,dc=org" write by * none
+-
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7adhygsX/CvbcQBlSEKBmm0D0+hVfIttcftyFTuDPNok4yDJUBUF
+zzc7X/i3PUMzANhShBrngBaXbOhVk3QcjMC623TPhFmILx0r236+aQEUGnlwN73M
+RUFM6EblYgH4+E4nv+JLwzHdO72+qMAd92rtzVMiaDlCWghH6wdAFoasTsT6Posc
+F5T8WCkzFAZeVhNGRKPP6k3l2BjvRJzkwYMMJrxaIYznMEK6H5CYIqZcpeAB3d2B
+NaZXLxFCemLrSS16UHrH1modEe8yjrOaE5+ZesGAA9onsNRZkAJp0x/pRaO/+rHn
+Q5QVCQCzxY16UsLzH0q/P80xPMU7BMoocwIBAg==
+-----END DH PARAMETERS-----
@@ -9,6 +9,26 @@ chown -R openldap:openldap /etc/ldap
 # container first start
 if [ ! -e "$FIRST_START_DONE" ]; then
 
+  function get_base_dn(){
+    BASE_DN=""
+    IFS='.' read -ra BASE_DN_TABLE <<< "$LDAP_DOMAIN"
+    for i in "${BASE_DN_TABLE[@]}"; do
+      EXT="dc=$i,"
+      BASE_DN=$BASE_DN$EXT
+    done
+
+    BASE_DN=${BASE_DN::-1}
+  }
+
+  function is_new_schema(){
+    local COUNT=$(ldapsearch -Q -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config cn | grep -c $1)
+    if [ "$COUNT" -eq 0 ]; then
+      echo 1
+    else
+      echo 0
+    fi
+  }
+
   # database is uninitialized
   if [ -z "$(ls -A /var/lib/ldap)" ]; then
 
@@ -29,20 +49,21 @@ slapd slapd/dump_database select when needed
 EOF
 
     dpkg-reconfigure -f noninteractive slapd
-  fi
 
+    # start OpenLDAP
+    slapd -h "ldapi:///" -u openldap -g openldap
 
-function is_new_schema(){
-    local COUNT=$(ldapsearch -Q -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config cn | grep -c $1)
-    if [ "$COUNT" -eq 0 ]; then
-      echo 1
-    else
-      echo 0
-    fi
-  }
+    get_base_dn 
+    sed -i "s|dc=example,dc=org|$BASE_DN|g" /osixia/slapd/security.ldif
+
+    ldapmodify -Y EXTERNAL -Q -H ldapi:/// -f /osixia/slapd/security.ldif
+
+  else
 
-  # start OpenLDAP
-  slapd -h "ldapi:///" -u openldap -g openldap
+    # start OpenLDAP
+    slapd -h "ldapi:///" -u openldap -g openldap
+
+  fi
 
   # add ppolicy schema if not already exists
   ADD_PPOLICY=$(is_new_schema ppolicy)
@@ -64,7 +85,6 @@ function is_new_schema(){
     sed -i "s,/osixia/slapd/ssl/ldap.crt,/osixia/slapd/ssl/${SSL_CRT_FILENAME},g" /osixia/slapd/tls.ldif
     sed -i "s,/osixia/slapd/ssl/ldap.key,/osixia/slapd/ssl/${SSL_KEY_FILENAME},g" /osixia/slapd/tls.ldif
 
-    # set tls config
     ldapmodify -Y EXTERNAL -Q -H ldapi:/// -f /osixia/slapd/tls.ldif
 
     # add localhost route to certificate cn (need docker 1.5.0)
 
@@ -1,5 +1,5 @@
 # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
-# CRC32 eb45b050
+# CRC32 46c15dd8
 dn: cn=config
 objectClass: olcGlobal
 cn: config
@@ -11,6 +11,6 @@ entryUUID: db089696-51e1-1034-95ec-9d03bc6be361
 creatorsName: cn=config
 createTimestamp: 20150226090154Z
 olcLogLevel: stats
-entryCSN: 20150505124437.961383Z#000000#000#000000
+entryCSN: 20150511154546.689799Z#000000#000#000000
 modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
-modifyTimestamp: 20150505124437Z
+modifyTimestamp: 20150511154546Z
@@ -1,16 +1,11 @@
 # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
-# CRC32 8b1aead3
+# CRC32 4f6c59f2
 dn: olcDatabase={1}hdb
 objectClass: olcDatabaseConfig
 objectClass: olcHdbConfig
 olcDatabase: {1}hdb
 olcDbDirectory: /var/lib/ldap
 olcSuffix: dc=test,dc=osixia,dc=net
-olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou
- s auth by dn="cn=admin,dc=test,dc=osixia,dc=net" write by * none
-olcAccess: {1}to dn.base="" by * read
-olcAccess: {2}to * by self write by dn="cn=admin,dc=test,dc=osixia,dc=net" wri
- te by * read
 olcLastMod: TRUE
 olcRootDN: cn=admin,dc=test,dc=osixia,dc=net
 olcRootPW:: e1NTSEF9bU9FWlh4OUpPNmlhK1dkeFV4S0FKam43R3dmNVJrby8=
@@ -24,6 +19,11 @@ structuralObjectClass: olcHdbConfig
 entryUUID: db09539c-51e1-1034-95f6-9d03bc6be361
 creatorsName: cn=config
 createTimestamp: 20150226090154Z
-entryCSN: 20150226090154.826706Z#000000#000#000000
-modifiersName: cn=config
-modifyTimestamp: 20150226090154Z
+olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou
+ s auth by dn="cn=admin,dc=example,dc=org" write by * none
+olcAccess: {1}to dn.base="" by * read
+olcAccess: {2}to * by self write by dn="cn=admin,dc=example,dc=org" write by *
+  none
+entryCSN: 20150511151550.910171Z#000000#000#000000
+modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
+modifyTimestamp: 20150511151550Z