Add LDAP-based git identity and SSSD config for immediate git config setup#274
Merged
cmyers-mieweb merged 4 commits intomainfrom Apr 10, 2026
Merged
Add LDAP-based git identity and SSSD config for immediate git config setup#274cmyers-mieweb merged 4 commits intomainfrom
cmyers-mieweb merged 4 commits intomainfrom
Conversation
Install ldap-utils and add LDAP client/config and a profile script to auto-configure git user.name/email from LDAP on first interactive login. Copies ldap.conf to /etc/ldap, adds /etc/profile.d/git-identity.sh which uses ldapsearch and NSS (sssd) gecos to set global git config, and adjusts sssd.conf to map cn -> gecos (ldap_user_gecos = cn). Also updates Dockerfile to install ldap-utils and include the new files.
runleveldev
requested changes
Apr 8, 2026
cmyers-mieweb
commented
Apr 8, 2026
Install ldap-utils and add LDAP client/config and a profile script to auto-configure git user.name/email from LDAP on first interactive login. Copies ldap.conf to /etc/ldap, adds /etc/profile.d/git-identity.sh which uses ldapsearch and NSS (sssd) gecos to set global git config, and adjusts sssd.conf to map cn -> gecos (ldap_user_gecos = cn). Also updates Dockerfile to install ldap-utils and include the new files.
cmyers-mieweb
force-pushed
the
cmyers_wazuh-int
branch
from
6229f03 to
acda133
Compare
Enhance git-identity.sh to be more robust: only skip when both global user.name and user.email are set, ignore root, resolve LDAP baseDN via RootDSE (namingContexts / defaultNamingContext) when LDAP_BASE_DN isn't provided, and set user.name (from NSS gecos) and user.email (from LDAP) independently. Clean up temporary variables. Also remove the explicit ldap_user_gecos = cn mapping from sssd.conf since SSSD reads gecos by default; aligns git identity logic with SSSD behavior and handles multi-entry namingContexts.
…ce-server into cmyers_git-integration
runleveldev
approved these changes
Apr 9, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves: #256
Installs ldap-utils and adds LDAP client/config and a profile script to auto-configure git user.name/email from LDAP on first interactive login.
Copies ldap.conf to /etc/ldap, adds /etc/profile.d/git-identity.sh which uses ldapsearch and NSS (sssd) gecos to set global git config, and adjusts sssd.conf to map cn -> gecos (ldap_user_gecos = cn).
Also updates Dockerfile to install ldap-utils and include the new files.
This should allow for any user logging into any container to have
git configpreset and ready to go. This should work on any template derived from the base image.