How to install a binary on a container with no package manager

Hi everyone,

I need to enroll an artifactory container to my freeipa server using the ipa-client-install,

But my artifactory container has no package manager,
They also dont provide the dockerfile environment so i cannot do my own build,

So i dont see any way to setup artifactory with my ldap server,
Do anyone have an idea on how to achieve that ?

Can you provide a little context? What’s an artifactory container (link?) and what’s an freeipa server?

You probably need to go into the container, find out what kind of system it is based upon, then work from there. We need more info to help.

Hi @bluepuma77 !

Freeipa is an Identity Access Manager that can handle LDAP, AD, it can act as a bind DNS and its using kerberos for authentication,
(Image used freeipa/freeipa-server:almalinux-9)

The Artifactory i have is a container registry that allow to connect to an LDAP server for access management,
(Image used releases-docker.jfrog.io/jfrog/artifactory-jcr:7.71.5)

But for that i need to “Enroll” my artifactory container to the freeipa server because he use kerberos to authenticate the clients,
So i need to install freeipa client, who install all the dependencies (kerberos, …),

apt-cache depends freeipa-client
freeipa-client
  Depends: bind9-utils
  Depends: certmonger
  Depends: curl
  Depends: dnsutils
    bind9-dnsutils
  Depends: freeipa-common
  Depends: krb5-user
  Depends: libnss3-tools
  Depends: libnss-sss
  Depends: libpam-sss
  Depends: libsasl2-modules-gssapi-mit
  Depends: libsss-sudo
  Depends: oddjob-mkhomedir
  Depends: python3-dnspython
  Depends: python3-ipaclient
  Depends: python3-gssapi
  Depends: python3-ldap
  Depends: python3-sss
  Depends: sssd
  Depends: <python3:any>
    python3
  Depends: libc6
  Depends: libcom-err2
  Depends: libcurl4
  Depends: libini-config5
  Depends: libjansson4
  Depends: libk5crypto3
  Depends: libkrb5-3
  Depends: libldap-2.5-0
  Depends: libpopt0
  Depends: libssl3
  Recommends: chrony
  Suggests: libpam-krb5

And execute the binary ipa-client-install from this package to configure kerberos,

But here is the history of Artifactory :

sha256:ec0f81527edac6b39451e8793bbfede7ce0c2eceb5686b2a01fc070a4844924c   2 months ago   ENTRYPOINT ["/entrypoint-artifactory.sh"]                                                                                                                                                                                                                                                                                                                                                                                                        0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   WORKDIR /opt/jfrog/artifactory                                                                                                                                                                                                                                                                                                                                                                                                                   0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   VOLUME [/var/opt/jfrog/artifactory]                                                                                                                                                                                                                                                                                                                                                                                                              0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   USER artifactory                                                                                                                                                                                                                                                                                                                                                                                                                                 0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   RUN /bin/sh -c chmod -R 777 ${JF_PRODUCT_DATA_INTERNAL} &&     mkdir -p ${ARTIFACTORY_BOOTSTRAP} &&     chmod -R 755 ${ARTIFACTORY_BOOTSTRAP} &&     chown -R ${JF_ARTIFACTORY_USER}:${JF_ARTIFACTORY_USER} ${ARTIFACTORY_BOOTSTRAP} # buildkit                                                                                                                                                                                                  52kB      buildkit.dockerfile.v0
<missing>                                                                 2 months ago   COPY /var/opt/jfrog/artifactory /var/opt/jfrog/artifactory # buildkit                                                                                                                                                                                                                                                                                                                                                                            52kB      buildkit.dockerfile.v0
<missing>                                                                 2 months ago   COPY /opt/jfrog/artifactory /opt/jfrog/artifactory # buildkit                                                                                                                                                                                                                                                                                                                                                                                    1.77GB    buildkit.dockerfile.v0
<missing>                                                                 2 months ago   EXPOSE map[8081/tcp:{}]                                                                                                                                                                                                                                                                                                                                                                                                                          0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   COPY third-party-apps-amd64/artifactory-jcr-7.71.5/app/third-party /opt/jfrog/artifactory/app/third-party # buildkit                                                                                                                                                                                                                                                                                                                             420MB     buildkit.dockerfile.v0
<missing>                                                                 2 months ago   RUN /bin/sh -c chmod +x /entrypoint-artifactory.sh &&     mkdir -p ${JF_PRODUCT_HOME}/app &&     chown ${JF_ARTIFACTORY_USER}:${JF_ARTIFACTORY_USER} ${JF_PRODUCT_HOME} # buildkit                                                                                                                                                                                                                                                               0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   COPY entrypoint-artifactory.sh / # buildkit                                                                                                                                                                                                                                                                                                                                                                                                      5.53kB    buildkit.dockerfile.v0
<missing>                                                                 2 months ago   COPY Dockerfile.artifactory /docker/artifactory-jcr/ # buildkit                                                                                                                                                                                                                                                                                                                                                                                  3.92kB    buildkit.dockerfile.v0
<missing>                                                                 2 months ago   ENV JF_ARTIFACTORY_USER=artifactory ARTIFACTORY_VERSION=7.71.5 LIBAIO_VERSION=0.3.113-1 ARTIFACTORY_BOOTSTRAP=/artifactory_bootstrap JF_PRODUCT_HOME=/opt/jfrog/artifactory JF_PRODUCT_DATA_INTERNAL=/var/opt/jfrog/artifactory RECOMMENDED_MAX_OPEN_FILES=32000 MIN_MAX_OPEN_FILES=10000 RECOMMENDED_MAX_OPEN_PROCESSES=1024 LANG=C.utf8 TARGETARCH=amd64                                                                                       0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   ARG TARGETARCH                                                                                                                                                                                                                                                                                                                                                                                                                                   0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   ARG LIBAIO_VERSION                                                                                                                                                                                                                                                                                                                                                                                                                               0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   ARG ARTIFACTORY_VERSION                                                                                                                                                                                                                                                                                                                                                                                                                          0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   USER root                                                                                                                                                                                                                                                                                                                                                                                                                                        0B        buildkit.dockerfile.v0
<missing>                                                                 2 months ago   LABEL maintainer=devops@jfrog.com                                                                                                                                                                                                                                                                                                                                                                                                                0B        buildkit.dockerfile.v0
<missing>                                                                 3 months ago   RUN /bin/sh -c groupadd -g 1030 artifactory    && useradd -Ms /bin/bash  -g artifactory -u 1030 artifactory # buildkit                                                                                                                                                                                                                                                                                                                           3.62kB    buildkit.dockerfile.v0
<missing>                                                                 3 months ago   COPY /mnt/rootfs/ / # buildkit                                                                                                                                                                                                                                                                                                                                                                                                                   115MB     buildkit.dockerfile.v0
<missing>                                                                 3 months ago   /bin/sh -c #(nop) LABEL "release"="15.1696515526" "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2023-10-05T14:26:21" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="1fe65958f0b903c34b9f4e297121f45d958e4ae8" "io.k8s.description"="Very small image which doesn't install the package manager." "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/ubi9/ubi-micro/images/9.2-15.1696515526"   24.3MB    

And the problem is the container use a base image (see last line of the history) that doesnt install any package manager (for lightfull and security purpose i guess),
So i really dont know how to install something on it as docker doesnt act as a packet manager,

I though about :

  • Installing the dependencies myself = to much complicated to handle dependencies
  • Install RPM so he does that to me, and uninstallt it after = kinda the same but maybe the optimal solution
  • Merge artifactory container with the neighbour of the base image he is using that contain rpm package manager,

But they are kind of a PITA, and maybe i could force my container using the docker host that is enroleld but i dont see how (and freeipa doesnt give any documentation about containerized client enrollment).

So would someone know what could be the optimal way of doing that ?

Thank you vertu much and have a good day,

That seems a very niche problem. Did you check their knowledge base, ask jfrog support or check in a jfrog/artifactory related forum?

Hi, thank you for your support,
There seems to be no forum for freeipa or artifactory,
Thats why i try to talk about my problem in a generic way,
I’ll try to ask the repo of the image to jfrog to be able to rework it,

Thanks for your help !

I am afraid this image is so hardened that it can’t be extended conveniently.

Since curl is available inside the image, you could potentially download binary releases, extract them and do whatever necessary. Though, this is not going to be convenient.

Thus said, your best bet seems to be to find the source repository used to create the image, or to create your own image from the scratch.