github.com/tommi2day/pwcli@v0.0.0-20240317203041-4d1177a5ab91/test/docker/ldap/entrypoint/modify_config.sh

github.com/tommi2day/pwcli@v0.0.0-20240317203041-4d1177a5ab91/test/docker/ldap/entrypoint/modify_config.sh (about)

     1  #!/bin/bash
     2  . /opt/bitnami/scripts/libopenldap.sh
     3  
     4  #start ldap to modify ACL
     5  ldap_start_bg
     6  
     7  ldapmodify -Y EXTERNAL -H ldapi:/// -D cn=config <<EOF
     8  dn: olcDatabase={0}config,cn=config
     9  changetype: modify
    10  replace: olcAccess
    11  olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth" manage by dn.base="cn=admin,dc=example,dc=local" manage by * none
    12  EOF
    13  
    14  ldapmodify -Y EXTERNAL -H ldapi:/// -D cn=config <<EOF
    15  dn: olcDatabase={2}mdb,cn=config
    16  changetype: modify
    17  replace: olcAccess
    18  olcAccess: {0}to attrs=userPassword,shadowLastChange,sshPublicKey by self write by dn.base="cn=admin,dc=example,dc=local" write by anonymous auth by * none
    19  olcAccess: {1}to * by self write by dn.base="gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth" manage by dn.base="cn=admin,dc=example,dc=local" manage by * read
    20  EOF
    21  
    22  ldapmodify -Y EXTERNAL -H ldapi:/// -D cn=config <<EOF
    23  dn: olcDatabase={-1}frontend,cn=config
    24  changetype: modify
    25  replace: olcSizeLimit
    26  olcSizeLimit: 2000
    27  EOF
    28  
    29  # stop ldap again
    30  ldap_stop