5.5 - Fix for ACLs not applying on first initialization

CHANGELOG.md

@@ -1,3 +1,7 @@
+## 5.5 2018-08-16 <dave at tiredofit dot ca>
+
+* Fix for ACLs not applying on initial boot 
+
 ## 5.4 2018-08-08 <dave at tiredofit dot ca>
 
 * Add alternative Password Checking Module ppm.so

Dockerfile

@@ -59,6 +59,7 @@ RUN set -x && \
         cyrus-sasl \
         coreutils \
         cracklib \
+        cracklib-words \
         libressl \
         libltdl \
         libuuid \

install/assets/slapd/config/bootstrap/ldif/02-security.ldif

@@ -1,6 +1,5 @@
 dn: olcDatabase={1}<BACKEND>,cn=config
 changeType: modify
-
 add: olcAccess
 olcAccess: to attrs=userPassword,shadowLastChange by self write by dn="cn=admin,<BASE_DN>" write by anonymous auth by * none
 olcAccess: to * by self write by dn="cn=admin,<BASE_DN>" write by * none

install/assets/slapd/config/bootstrap/ldif/readonly-user/readonly-user-acl.ldif

@@ -4,4 +4,4 @@ delete: olcAccess
 -
 add: olcAccess
 olcAccess: to attrs=userPassword,shadowLastChange by self write by dn="cn=admin,<BASE_DN>" write by anonymous auth by * none
-olcAccess: to * by self write by dn="cn=admin,<BASE_DN>" write by dn="cn=<READONLY_USER_USER>,<BASE_DN>" read by * none
+olcAccess: to * by self read by dn="cn=admin,<BASE_DN>" write by dn="cn=<READONLY_USER_USER>,<BASE_DN>" read by * none

install/etc/cont-init.d/10-openldap

@@ -25,7 +25,7 @@ function is_new_schema() {
 
 function ldap_add_or_modify (){
   local LDIF_FILE=$1
-  log-helper debug "Processing file ${LDIF_FILE}"
+  echo "** [openldap] Processing file ${LDIF_FILE}"
   sed -i "s|<BASE_DN>|${BASE_DN}|g" $LDIF_FILE
   sed -i "s|<BACKEND>|${BACKEND}|g" $LDIF_FILE
   if [ "${READONLY_USER,,}" == "true" ]; then
@@ -339,6 +339,7 @@ chown -R ldap:ldap /etc/openldap
       ldap_add_or_modify "$f"
     done
 
+
     # Add ppolicy schema
     echo "** [openldap] Adding ppolicy Schema"
     schema2ldif /etc/openldap/schema/ppolicy.schema && \