Description
Hey :)
First, thanks for taking the time to design that image! It's very practical and complete.
We've been trying to automate build of our own images based on this one in Bamboo,
but stumbled on a problem: upon running the tests, and as a result launching
the docker image, startup.sh chowns a bunch of stuff in /container including the certificates directly to openldap user.
When tests are ran from a CI environment, this results in a bunch of files in host filesystems to be chowned to openldap's in-container user, rendering them unable to be subsequently removed by the CI system.
I can see a few ways to solve that problem, but i'm not sure which one is the most appropriate:
- chmod 644 the certificates at startup rather than 600+chown, and set the host directory 600, effectively making the in-container files 644 without giving access to them on host.
- copy the certificate files on startup rather than affecting the mapped files directly
- perform BATS magic to circumvent the problem when running tests, such as ro'ing the files when mapping them to docker
I can propose a PR if you'd be so kind as to give some input on which method you consider best.
Regards, fir4