> > > > echo "127.0.0.2 ldap.example.com" >> /etc/hosts > > > > to prevent the running ldap server from syncing during image building. > > However when using DOCKER_BUILDKIT=1 this is not possible any more > > (read only fs). > > > > I was wondering if it is possible to start slapd so it does not start > syncing? > > I would not start it in the first place... Otherwise maybe don't give it > network access?
currenlty my method is retrieving ldif files from some config storage (that is on same network as ldap server), do sometimes some sed stuff, and then I import them like this: ldapadd -Q -D "cn=admin,cn=config" -Y EXTERNAL -H ldapi:/// -f $SLAPD_CFG_DIR/change-modules.ldif So this way I have direct feedback if one of the ldifs is not compatible with some slapd upgrade.
