11 Feb
2025
11 Feb
'25
10:40 a.m.
echo "127.0.0.2 ldap.example.com" >> /etc/hosts
to prevent the running ldap server from syncing during image building. However when using DOCKER_BUILDKIT=1 this is not possible any more (read only fs).
I was wondering if it is possible to start slapd so it does not start
syncing?
I would not start it in the first place... Otherwise maybe don't give it network access?
currenlty my method is retrieving ldif files from some config storage (that is on same network as ldap server), do sometimes some sed stuff, and then I import them like this:
ldapadd -Q -D "cn=admin,cn=config" -Y EXTERNAL -H ldapi:/// -f $SLAPD_CFG_DIR/change-modules.ldif
So this way I have direct feedback if one of the ldifs is not compatible with some slapd upgrade.