Deprecate using osixia/openldap and setup test configuration using our own alpine/ldap container

2024-12-30 21:07:56 +11:00
parent 7e25000e68
commit e399b733e9
17 changed files with 153 additions and 118 deletions
--- a/tests/server/openldap/schema/add/30-sudorole.ldif
+++ b/tests/server/openldap/schema/add/30-sudorole.ldif
@@ -0,0 +1,61 @@
+dn: cn=sudorole,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: sudorole
+olcAttributeTypes: {0}( 1.3.6.1.4.1.15953.9.1.1 NAME 'sudoUser'
+  DESC 'User(s) who may  run sudo'
+  EQUALITY caseExactIA5Match
+  SUBSTR caseExactIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+olcAttributeTypes: {1}( 1.3.6.1.4.1.15953.9.1.2
+  NAME 'sudoHost'
+  DESC 'Host(s) who may run sudo'
+  EQUALITY caseExactIA5Match
+  SUBSTR caseExactIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+olcAttributeTypes: {2}( 1.3.6.1.4.1.15953.9.1.3
+  NAME 'sudoCommand'
+  DESC 'Command(s) to be executed by sudo'
+  EQUALITY caseExactIA5Match
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+olcAttributeTypes: {3}( 1.3.6.1.4.1.15953.9.1.4
+  NAME 'sudoRunAs'
+  DESC 'User(s) impersonated by sudo'
+  EQUALITY caseExactIA5Match
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+olcAttributeTypes: {4}( 1.3.6.1.4.1.15953.9.1.5
+  NAME 'sudoOption'
+  DESC 'Options(s) followed by sudo'
+  EQUALITY caseExactIA5Match
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+olcAttributeTypes: {5}( 1.3.6.1.4.1.15953.9.1.6
+  NAME 'sudoRunAsUser'
+  DESC 'User(s) impersonated by sudo'
+  EQUALITY caseExactIA5Match
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+olcAttributeTypes: {6}( 1.3.6.1.4.1.15953.9.1.7
+  NAME 'sudoRunAsGroup'
+  DESC 'Group(s) impersonated by sudo'
+  EQUALITY caseExactIA5Match
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+olcAttributeTypes: {7}( 1.3.6.1.4.1.15953.9.1.8
+  NAME 'sudoNotBefore'
+  DESC 'Start of time interval for which the entry is valid'
+  EQUALITY generalizedTimeMatch
+  ORDERING generalizedTimeOrderingMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+olcAttributeTypes: {8}( 1.3.6.1.4.1.15953.9.1.9
+  NAME 'sudoNotAfter'
+  DESC 'End of time interval for which the entry is valid'
+  EQUALITY generalizedTimeMatch
+  ORDERING generalizedTimeOrderingMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+olcAttributeTypes: {9} ( 1.3.6.1.4.1.15953.9.1.10
+  NAME 'sudoOrder'
+  DESC 'an integer to order the sudoRole entries'
+  EQUALITY integerMatch
+  ORDERING integerOrderingMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+olcObjectClasses: {0} ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL
+  DESC 'Sudoer Entries'
+  MUST ( cn )
+  MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $ sudoOrder $ description ) )
--- a/tests/server/openldap/schema/add/30-uidpool.ldif
+++ b/tests/server/openldap/schema/add/30-uidpool.ldif
@@ -0,0 +1,12 @@
+##
+## Used for storing the next gid and next uid in the the directory
+##
+dn: cn=uidpool,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: uidpool
+olcObjectClasses: {0}( 1.3.6.1.4.1.7165.1.2.2.3 NAME 'uidPool' SUP top AUXILIARY
+       DESC 'Pool for allocating UNIX uids'
+       MUST ( uidNumber $ cn ) )
+olcObjectClasses: {1}( 1.3.6.1.4.1.7165.1.2.2.4 NAME 'gidPool' SUP top AUXILIARY
+       DESC 'Pool for allocating UNIX gids'
+       MUST ( gidNumber $ cn ) )