docker-openldap
docker-openldap copied to clipboard
osixia
slapd -VVV doesn't show the openldap / slapd version, just a build date
First, thank you for this container!
For legal reasons at work, I need to determine the version of openldap running in the container, but I only see (what appears to be) the build date:
[root@openldap-fci1 ~]# docker exec -it openldap /usr/sbin/slapd -VVV
@(#) $OpenLDAP: slapd (Aug 10 2017 19:12:46) $
Debian OpenLDAP Maintainers <[email protected]>
Included static backends:
config
ldif
Similarly for ldapsearch:
docker exec -it openldap /usr/bin/ldapsearch -VV
ldapsearch: @(#) $OpenLDAP: ldapsearch (Aug 10 2017 19:12:46) $
Debian OpenLDAP Maintainers <[email protected]>
(LDAP library: OpenLDAP 20444)
My best attempt is this:
# docker exec -it openldap find / \( -iname "*ldap*" -o -iname "*slapd*" \) | grep --color -E "2.4|$"
which suggests 2.4:
/etc/default/slapd
/etc/init.d/slapd
/etc/rc0.d/K01slapd
/etc/rc1.d/K01slapd
/etc/rc2.d/S01slapd
/etc/rc3.d/S01slapd
/etc/rc4.d/S01slapd
/etc/rc5.d/S01slapd
/etc/rc6.d/K01slapd
/etc/ldap
/etc/ldap/ldap.conf
/etc/ldap/slapd.d
/etc/ldap/slapd.d/docker-openldap-was-started-with-tls
/etc/ldap/schema/openldap.ldif
/etc/ldap/schema/openldap.schema
/lib/systemd/system/krb5-admin-server.service.d/slapd-before-kdc.conf
/lib/systemd/system/krb5-kdc.service.d/slapd-before-kdc.conf
find: ‘/proc/1/map_files’: Operation not permitted
find: ‘/proc/449/map_files’: Operation not permitted
find: ‘/proc/471/map_files’: Operation not permitted
find: ‘/proc/747/map_files’: Operation not permitted
/root/.ldaprc
/run/slapd
/run/slapd/ldapi
/usr/bin/ldapadd
/usr/bin/ldapcompare
/usr/bin/ldapdelete
/usr/bin/ldapexop
/usr/bin/ldapmodify
/usr/bin/ldapmodrdn
/usr/bin/ldappasswd
/usr/bin/ldapsearch
/usr/bin/ldapurl
/usr/bin/ldapwhoami
/usr/lib/x86_64-linux-gnu/krb5/plugins/kdb/kldap.so
/usr/lib/x86_64-linux-gnu/krb5/libkdb_ldap.so.1
/usr/lib/x86_64-linux-gnu/krb5/libkdb_ldap.so.1.0
/usr/lib/x86_64-linux-gnu/sasl2/libldapdb.so
/usr/lib/x86_64-linux-gnu/sasl2/libldapdb.so.2
/usr/lib/x86_64-linux-gnu/sasl2/libldapdb.so.2.0.25
/usr/lib/x86_64-linux-gnu/libldap-2.4.so.2
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.10.7
/usr/lib/ldap
/usr/lib/ldap/back_ldap-2.4.so.2
/usr/lib/ldap/back_ldap-2.4.so.2.10.7
/usr/lib/ldap/back_ldap.la
/usr/lib/ldap/back_ldap.so
/usr/lib/gnupg/dirmngr_ldap
/usr/sbin/kdb5_ldap_util
/usr/sbin/slapd
/usr/sbin/slapdn
/usr/share/doc/krb5-kdc-ldap
/usr/share/doc/ldap-utils
/usr/share/doc/libsasl2-modules-ldap
/usr/share/doc/slapd
/usr/share/doc/slapd/examples/slapd.conf
/usr/share/doc/libldap-2.4-2
/usr/share/doc/libldap-common
/usr/share/perl5/Debconf/DbDriver/LDAP.pm
/usr/share/slapd
/usr/share/slapd/slapd.conf
/usr/share/slapd/slapd.init.ldif
/var/backups/slapd-2.4.44+dfsg-5+deb9u1
/var/backups/slapd-2.4.44+dfsg-5+deb9u1/slapd.d
/var/lib/dpkg/info/krb5-kdc-ldap.conffiles
/var/lib/dpkg/info/krb5-kdc-ldap.list
/var/lib/dpkg/info/krb5-kdc-ldap.md5sums
/var/lib/dpkg/info/ldap-utils.list
/var/lib/dpkg/info/ldap-utils.md5sums
/var/lib/dpkg/info/libsasl2-modules-ldap:amd64.list
/var/lib/dpkg/info/libsasl2-modules-ldap:amd64.md5sums
/var/lib/dpkg/info/slapd.conffiles
/var/lib/dpkg/info/slapd.config
/var/lib/dpkg/info/slapd.list
/var/lib/dpkg/info/slapd.md5sums
/var/lib/dpkg/info/slapd.postinst
/var/lib/dpkg/info/slapd.postrm
/var/lib/dpkg/info/slapd.preinst
/var/lib/dpkg/info/slapd.prerm
/var/lib/dpkg/info/slapd.shlibs
/var/lib/dpkg/info/slapd.templates
/var/lib/dpkg/info/slapd.triggers
/var/lib/dpkg/info/libldap-2.4-2:amd64.list
/var/lib/dpkg/info/libldap-2.4-2:amd64.md5sums
/var/lib/dpkg/info/libldap-2.4-2:amd64.shlibs
/var/lib/dpkg/info/libldap-2.4-2:amd64.symbols
/var/lib/dpkg/info/libldap-2.4-2:amd64.triggers
/var/lib/dpkg/info/libldap-common.conffiles
/var/lib/dpkg/info/libldap-common.list
/var/lib/dpkg/info/libldap-common.md5sums
/var/lib/ldap
/var/lib/slapd
/container/run/process/slapd
/container/run/startup/slapd
/container/run/state/slapd-first-start-done
/container/run/service/slapd
/container/run/service/slapd/assets/certs/my-ldap.key
/container/run/service/slapd/assets/certs/my-ldap.crt
/container/run/service/slapd/assets/ldap.conf
/container/run/service/slapd/assets/.ldaprc
/container/run/environment/LDAP_LOG_LEVEL
/container/run/environment/LDAP_TLS_VERIFY_CLIENT
/container/run/environment/LDAP_ADMIN_PASSWORD
/container/run/environment/LDAP_TLS_KEY_FILENAME
/container/run/environment/LDAP_TLS_CA_CRT_FILENAME
/container/run/environment/LDAP_ORGANISATION
/container/run/environment/LDAP_DOMAIN
/container/run/environment/LDAP_TLS_CRT_FILENAME
/container/service/slapd
/container/service/slapd/assets/certs/my-ldap.key
/container/service/slapd/assets/certs/my-ldap.crt
Is there a better way? In future, could you also print the version?
Hello, the slapd version is written at the top of the README.md :
Latest release: 1.2.2 - OpenLDAP 2.4.44
i know nobody read the readme... :D
so maybe this command can also help dpkg -s slapd | grep Version:
Version: 2.4.44+dfsg-5+deb9u2
Thanks, I work with Sean. Two things
- Can your team update the image to openldap 2.4.46? This way we get all the latest fixes https://www.openldap.org/software/download/
- It would be ideal if you can get the /usr/sbin/slapd -V command to work inside the container Thanks for any help
BertandGouny, I'll pay you out of my own pocket $25 USD if you do the two things I asked for. The upgrade should be very straightforward (you may have to recreate the docker image with the same scripts you have but run with the 2.4.46 install) and the slapd -V command is a mystery to me. I know it is not much, but send me a private note or email with your paypal or venmo info and I'll send you the money, once the work is done, This is on behalf of me and not my company IBM.
thanks for your offer, but we are not planning to do so.
But will be happy to quickly merge any pull request.
Two updates:
-
The
slapd -Vproblem may be related to the underlying Dockerfile'sFROM debian:stretch-slimandFROM debian:stretch, where if you justbuild -t mytest .then inside the container do,apt update; apt install -y slapd; slapd -Vyou'll get the same behavior described in this issue's title -
For the "can you update openldap to 2.4.46" question, you can if you're willing to use Debian backports, like this:
How to use the latest (or roughly latest) openldap components with osixia:
- Prepare:
git clone https://github.com/osixia/docker-openldap.git
vim docker-openldap/image/Dockerfile
- on line 13: add the following
# Add stretch-backports in preparation for downloading newer openldap components, especially sladp
RUN echo "deb http://ftp.debian.org/debian stretch-backports main" >> /etc/apt/sources.list
- On roughly line 23 (starts with
&& LC=C DEBIAN_FRONTEND...), change:
apt-get install
to
apt-get -t stretch-backports install
- Build the new Docker image. For example:
docker build -t osixia/openldap-backport:1.2.2
- Run the Docker image like you'd normally do. For example:
docker run --rm --name openldap -d osixia/openldap-backport:1.2.2
- Verify:
docker exec openldap-test /bin/sh -c 'dpkg -s slapd | grep Version'
Version: 2.4.46+dfsg-5~bpo9+
Without the backport changes, it (currently) says:
Version: 2.4.44+dfsg-5+deb9u1
This is a known bug in Debian's build process that strips the version. It should be addressed in some future point.
ill add another 25$ because of the time I lost searching for this thread :)
the bug still exist for the Debian. At least for the 2.4.45 version.
/usr/sbin/slapd -VV
@(#) $OpenLDAP: slapd (Ubuntu) (Nov 16 2020 13:40:57) $
Debian OpenLDAP Maintainers <[email protected]>
For the record, the version missing from -V output was a bug caused by a Debian patch and has been fixed in the 2.4.49 and later packages. The updated package also tweaks the version string to include the Debian revision, which is helpful for tracking exactly which patches or fixes are included. Now it should look like this:
@(#) $OpenLDAP: slapd 2.4.59+dfsg-1 (Aug 27 2021 16:42:31) $
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864637
openldap (2.4.49+dfsg-3) unstable; urgency=medium
* Drop patch no-AM_INIT_AUTOMAKE. Instead, configure dh_autoreconf to skip
automake by setting AUTOMAKE=/bin/true. (Closes: #864637)
* debian/patches/debian-version: Show Debian version, instead of upstream
version, in version strings.
