[
https://issues.apache.org/jira/browse/FC-305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17467472#comment-17467472
]
Shawn McKinney commented on FC-305:
-----------------------------------
The change here would require using Symas OpenLDAP 2.5 packages, published here:
https://repo.symas.com/repo/deb/main/release25
The current openldap images we're using use default debian (7) packages. Why
not continue to use those?
Disclaimer: Symas is my employer.
1. The debian packages are OpenLDAP 2.4 which is EOL.
2. The Symas deb packages use OpenLDAP 2.5 which are currently on Long Term
Support
3. Symas no longer pulls or uses any source that isn't part of the public
OpenLDAP repo. That means the builds are based on official OpenLDAP release.
The Pros for this change:
1. Using current OpenLDAP release
2. Using current Debian release v11 (bullseye)
3. Fortress testing is based on correct OpenLDAP likely to be run in
production.
The Cons:
1. The image size has grown, from about 80 MB to 120 MB. The reason, the new
image is Debian 11 slim, which is about 40MB larger than the Deb 7 base image.
> Upgrade OpenLDAP Docker Container
> ---------------------------------
>
> Key: FC-305
> URL: https://issues.apache.org/jira/browse/FC-305
> Project: FORTRESS
> Issue Type: Improvement
> Affects Versions: 2.0.7
> Reporter: Shawn McKinney
> Assignee: Shawn McKinney
> Priority: Major
> Fix For: 2.0.8
>
>
> A number of improvements:
> - upgrade to OpenLDAP 2.5
> - run as non-root user
> - update slapd.conf, schema supports, ACL's
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
