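#!/bin/bash
#
# Container entrypoint (runs INSIDE the container).
#
# Starts slapd, adds the cn=admin entry, loads and enables the ppolicy
# overlay, then replaces itself with the command given to the container.
#
# Environment (both optional; the defaults are the values this script has
# always hard-coded, kept only so existing deployments keep working):
#   LDAP_ADMIN_PASSWORD  password stored (hashed) on the cn=admin entry
#   LDAP_BIND_PASSWORD   password used for the initial simple bind as cn=admin
#
# No `set -e`: provisioning is best-effort. On a restart against an already
# provisioned database the add/modify steps fail with "already exists", and
# that must not stop the container from reaching `exec "$@"`.

set -u
# LDIF and password files below hold a password hash / cleartext passwords.
umask 077

# NOTE(review): ldap:/// is unencrypted LDAP on every interface. Simple binds
# sent to it are in cleartext unless the port stays inside the container
# network; confirm how this port is published.
readonly SLAPD_URLS="ldap:/// ldapi:///"
readonly ADMIN_DN="cn=admin,dc=example,dc=com"
readonly WAIT_SECONDS=15

failures=0
workdir=""

note() { printf 'NOTICE: %s\n' "$*" >&2; }

# Report a failed provisioning step without aborting the entrypoint.
step_failed() {
  printf 'WARNING: %s\n' "$*" >&2
  failures=$((failures + 1))
}

# Remove the scratch directory (hash, passwords, LDIF files). Safe to call twice.
cleanup() {
  if [[ -n "$workdir" ]]; then
    rm -rf -- "${workdir:?}"
    workdir=""
  fi
}

# Launch slapd. It detaches on its own unless run with -d, so the PID of this
# background job says nothing about the daemon; readiness is probed separately.
start_slapd() {
  /usr/sbin/slapd -h "$SLAPD_URLS" -g openldap -u openldap -F /etc/ldap/slapd.d &
}

# Poll the ldapi socket until slapd answers, up to WAIT_SECONDS.
# Returns 0 once the server responds, 1 on timeout.
wait_for_slapd() {
  local waited=0
  until ldapwhoami -Q -Y EXTERNAL -H ldapi:/// >/dev/null 2>&1; do
    if ((waited >= WAIT_SECONDS)); then
      return 1
    fi
    sleep 1
    waited=$((waited + 1))
  done
  return 0
}

# Send TERM to every running slapd and wait until none is left, so the
# restart does not race the old process for the listeners and the database.
# Returns 1 if a slapd process is still alive after WAIT_SECONDS.
stop_slapd() {
  local -a pids=()
  local waited=0
  read -r -a pids < <(pidof slapd) || true
  if ((${#pids[@]} == 0)); then
    return 0
  fi
  kill "${pids[@]}"
  while pidof slapd >/dev/null 2>&1; do
    if ((waited >= WAIT_SECONDS)); then
      return 1
    fi
    sleep 1
    waited=$((waited + 1))
  done
  return 0
}

# Create the cn=admin entry with a hashed userPassword.
create_admin() {
  local admin_password bind_password hash_pwd

  admin_password=${LDAP_ADMIN_PASSWORD:-}
  if [[ -z "$admin_password" ]]; then
    note "LDAP_ADMIN_PASSWORD is not set; using the built-in default admin password. Set it for anything beyond a throwaway test container."
    admin_password='0p3nLd4p!'
  fi
  bind_password=${LDAP_BIND_PASSWORD:-}
  if [[ -z "$bind_password" ]]; then
    note "LDAP_BIND_PASSWORD is not set; using the built-in default bind password."
    bind_password='admin'
  fi

  # printf is a builtin, so the cleartext never appears in a process argv.
  # No trailing newline: slappasswd -T and ldapadd -y use the whole file.
  printf '%s' "$admin_password" >"$workdir/admin.pw"
  printf '%s' "$bind_password" >"$workdir/bind.pw"

  hash_pwd=$(slappasswd -T "$workdir/admin.pw") || hash_pwd=""
  if [[ -z "$hash_pwd" ]]; then
    # Without this check the entry would be written with an empty userPassword.
    step_failed "slappasswd produced no hash; admin entry not created"
    return 1
  fi

  cat >"$workdir/create_admin.ldif" <<EOF
dn: ${ADMIN_DN}
changetype: add
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin
description: LDAP administrator
userPassword: ${hash_pwd}
EOF

  # NOTE(review): this bind only works if the image already accepts the bind
  # password for ${ADMIN_DN} (presumably via olcRootPW). If so, that credential
  # probably stays valid after the entry is added; confirm and rotate it.
  if ! ldapadd -x -H ldap:/// -D "$ADMIN_DN" -y "$workdir/bind.pw" \
    -f "$workdir/create_admin.ldif"; then
    step_failed "could not add ${ADMIN_DN} (it may already exist)"
    return 1
  fi
  return 0
}

# Register ppolicy.so in cn=config; slapd must be restarted afterwards.
load_ppolicy_module() {
  cat >"$workdir/modify_ppolicy_module.ldif" <<'EOF'
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: ppolicy.so
EOF
  if ! ldapmodify -Q -Y EXTERNAL -H ldapi:/// \
    -f "$workdir/modify_ppolicy_module.ldif"; then
    step_failed "could not load ppolicy.so (it may already be loaded)"
    return 1
  fi
  return 0
}

# Attach the ppolicy overlay to database {1}mdb with the default policy DN.
enable_ppolicy() {
  cat >"$workdir/enable_ppolicy.ldif" <<'EOF'
dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
olcOverlay: ppolicy
olcPPolicyDefault: cn=default,ou=policies,dc=example,dc=com
EOF
  if ! ldapadd -Q -Y EXTERNAL -H ldapi:/// -f "$workdir/enable_ppolicy.ldif"; then
    step_failed "could not enable the ppolicy overlay (it may already be enabled)"
    return 1
  fi
  return 0
}

main() {
  trap cleanup EXIT

  echo "Starting slapd service..."
  start_slapd
  if wait_for_slapd; then
    echo "OpenLDAP slapd service started successfully with PID: $(pidof slapd)"
  else
    step_failed "slapd did not answer on ldapi:/// within ${WAIT_SECONDS}s"
  fi

  # Private scratch directory instead of predictable files in the working dir.
  if workdir=$(mktemp -d); then
    echo "Creating and enabling Administrator user..."
    create_admin

    echo "Loading and enabling policies module..."
    load_ppolicy_module

    echo "Restarting slapd service to enable policies..."
    if ! stop_slapd; then
      step_failed "slapd did not stop within ${WAIT_SECONDS}s"
    fi
    start_slapd
    if ! wait_for_slapd; then
      step_failed "slapd did not come back within ${WAIT_SECONDS}s"
    fi

    enable_ppolicy
  else
    workdir=""
    step_failed "mktemp failed; LDAP provisioning skipped"
  fi

  if ((failures == 0)); then
    echo "openLDAP framework ready."
  else
    printf 'WARNING: %d provisioning step(s) failed; see messages above.\n' \
      "$failures" >&2
  fi

  # The EXIT trap does not run across exec, so remove the secrets explicitly.
  cleanup

  # 'exec' replaces this script with the requested command (e.g. /bin/bash),
  # so the container lives exactly as long as that command does.
  printf 'Executing: %s\n' "$*"
  exec "$@"
}

main "$@"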