Missing package libldap-2.4.so.2 at runtime:5.0-buster-slim #68365
Comments
|
@brunohbrito - Thanks for bringing this to our attention. There are a couple factors we consider when adding dependencies.
|
MichaelSimons
added
area-dockerfiles
enhancement
|
There is any chance to Visual Studio identify which package is referenced during Add Docker Support from Solution Explorer? And auto add apt-get some required packages?
What do you think? So we can mitigate this kind of dependencies that isn't used on daily basis. |
|
@brunohbrito - I like the way you are thinking but I see a couple downfalls with the suggestion of making
One path I lean towards is that when dependencies are missing, that the runtime self identifies and provides clear guidance for resolving. |
|
I thought something like this in .csproj: <PackageReference Include="System.DirectoryServices.Protocols" Version="5.0.0-preview.6.20272.2">
<Dependency So="Linux" Package="libldap-2.4.so.2"/>
</PackageReference>Then |
|
Copied comment from @richlander at dotnet/dotnet-docker#2004 (comment) We have decided not to include this package in .NET container images, for any distro, and leaving it opt-in. This is due to the size impact. We consider the Directory Services API not to required by most containerized apps. We'd like feedback from folks that have other viewpoints. |
|
If we were to really invest in this, we'd get the NuGet package itself to carry the Linux package reference. The Linux package reference can be updated at any time. Carrying it in the project file isn't great. It also makes the project limited to one distro. Package names and versions are frequently not the same across distros (Debian vs Alpine) and same with versions (Debian 9 vs 10). This is an overly constrained problem. If more people ask for help on this, we'll consider doing something better. However, it's hard. |
|
cc @joperezr - Just an FYI that we've decided to not include the libldap package in our Docker images. |
|
Closing this per the decision to not include the libldap package in the Docker images. Feel free to keep the discussion going. |
|
I'm sorry, i didn't catch what is solution of this problem. |
|
@istretyakov - You would need to install the appropriate LDAP library in your Dockerfile. Examples provided below. Debian/Ubuntu: RUN apt-get update \
&& apt-get install -y --no-install-recommends \
libldap \
&& rm -rf /var/lib/apt/lists/*Alpine: RUN apk add --no-cache \
libldap |
|
@mthalman maybe i need to create other issue, it's a question for me. I try to send LDAP request from Docker container. Windows: Linux: |
|
@istretyakov - It seems you've gotten past the missing dependencies, otherwise the errors would be about the library not being found. I would suggest filing a discussion post on your issue. Also, the |
|
I am getting the following error - Unable to load shared library 'libldap-2.4.so.2' or one of its dependencies. In order to help diagnose loading problems, consider setting the LD_DEBUG environment variable: liblibldap-2.4.so.2: cannot open shared object file: No such file or directory i am using the System.DirectoryServices.Protocols namespace for LdapConnection. have tried to install libldap in my docker image. in the following 3 ways but none of them worked. Here is my docker file i am getting the error in this line: when trying to initiate LdapConnection class. can someone help me here? |
|
@adithyasai i'm sorry, i don't remember, but I think i solved to use this library: |
Actually this is the best way to deal with LDAP. This component is extremely fast to connect and there are lot of options. It's a native implementation, while System's space use the Dll Import. |
|
@adithyasai - Your Dockerfile is installing the package in a Dockerfile stage that's not being used when running your app. It's being installed in the Here's the suggested update: #See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
libldap-2.4-2 \
&& rm -rf /var/lib/apt/lists/*
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["Ldaptest1/Ldaptest1.csproj", "Ldaptest1/"]
RUN dotnet restore "Ldaptest1/Ldaptest1.csproj"
COPY . .
WORKDIR "/src/Ldaptest1"
RUN dotnet build "Ldaptest1.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "Ldaptest1.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Ldaptest1.dll"] |
|
The alpine docker image for dotnet 7 preview 1 runs on alpine 3.15 and that has libldap 2.6 so hitting this problem again. I have to install libldap 2.4 to get it to work. Any chance libldap 2.6 will be supported in future dotnet preview? |
@joperezr - Are you aware of any compat issues with libldap 2.6? |
I haven't looked into 2.5 or 2.6 yet. We decided to PInvoke directly into 2.4 because at the time we added support for it, 2.4 had been released for 10+ years and there wasn't any indication that a new one would ship. Looks like 2.5 and 2.6 were released in late 2021 and introduced primarily load balancing support as well as transaction support. I don't think there should be anything preventing us from using 2.5 or 2.6 as well if present, so to answer @durranitech question, I believe that it would be feasible to think that a future version of dotnet will support them. Could you please log an issue on dotnet/runtime about this so we can investigate, assign and prioritize this? |
@joperezr - We need to ensure this works across all supported .NET versions (3.1, 5.0, 6.0). This is related to dotnet/core#6985. In Alpine 3.15, libldap 2.6 is all that's available so we must support it. |
Did this work for anyone. I am having the same issue and tried the above but I'm still getting the same error |
|
I was just reading this again. After thinking about it (and also recently talking to the Docker Tools for VS folks about something else), I do think that a VS solution is an OK direction. I get the point that it doesn't work for everyone/all places, but providing a value-add in VS for this would be good. The same would be said about ICU and Alpine. |
|
So I finally did get this to work with the following docker file I was still having issues with my connection not working with the cert so I add the libldap-common package and copied over a ldap.conf file that set the "TLS_REQCERT never", after that I was able to query the AD and authenticate users. |
|
I don't understand why you use this COPY ["Services/Identity/Identity.API/Certificate/ca_belcorpdc1.crt", "/usr/local/share/ca-certificates/"] Where you get ca_belcorpdc1.crt? |
|
Our system admin gave me the certificate so I copied to the project and this puts the certificate into the container and tells it to update it's certificates list. |
|
I have this error, Can you tell me what it could be? System.DllNotFoundException: Unable to load shared library 'ldap.so.2' or one of its dependencies. In order to help diagnose loading problems, consider setting the LD_DEBUG environment variable: libldap.so.2: cannot open shared object file: No such file or directory |
|
It looks like your container does not have the ldap library, That is what the RUN apt-get commands are for, they install it on the linux container. Add |
|
It's not working for me. My Dockerfile FROM mcr.microsoft.com/dotnet/aspnet:6.0-focal-amd64 AS base RUN apt-get update FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build WORKDIR /src FROM build AS publish FROM base AS final |
|
@ChrisHolcomb Can you please show your ldap.conf file. Below is my docker & its not working for me. #See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. FROM misnexusprd.corp.amdocs.com/microsoft-proxy/dotnet/aspnet:5.0 AS base FROM misnexusprd.corp.amdocs.com/microsoft-proxy/dotnet/sdk:5.0 AS build RUN apt-get update COPY ./ResetPassword.WebAPI/ldap.conf /etc/ldap/ COPY ./ResetPassword.WebAPI/Amdocs_Root_Certification_Authority.crt /etc/ssl/certs/ RUN update-ca-certificates FROM build AS publish FROM base AS final |
|
this is my ldap.conf file |
|
@ChrisHolcomb Its still not working for me :( I am getting below error : Unexpected error: System.DllNotFoundException: Unable to load shared library 'libldap-2.4.so.2' or one of its dependencies. In order to help diagnose loading problems, consider setting the LD_DEBUG environment variable: liblibldap-2.4.so.2: cannot open shared object file: No such file or directory\n at Interop.Ldap.ldap_get_option_int(IntPtr ldapHandle, LdapOption option, Int32& outValue)\n at Interop.Ldap..cctor() Below is my docker : #See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build RUN apt-get update COPY ./ResetPassword.WebAPI/ldap.conf /etc/ldap/ COPY ./ResetPassword.WebAPI/Amdocs_Root_Certification_Authority.crt /etc/ssl/certs/ COPY ["ResetPassword.WebAPI/ResetPassword.WebAPI.csproj", "ResetPassword.WebAPI/"] FROM build AS publish FROM base AS final |
|
I changed lib, Now i am using Novell.Directory.Ldap.NETStandard and it's working for me to connect at Active Derectory From Docker / Linux; |
|
Can you send me the code to connect to AD & search for a user attributes. |
|
That won't work. You are installer the library in the Build container not the Base container. |
|
This issue is still getting significant activity. I propose we update the error message, like the following: Unable to load shared library 'libldap-2.4.so.2' or one of its dependencies. In order to help diagnose loading problems, consider setting the LD_DEBUG environment variable: liblibldap-2.4.so.2: cannot open shared object file: No such file or directory
See https://aka.ms/dotnet/ldap-dependency to learn more.From a container standpoint, I think think we made the best choice, to not install the ldap component. However, we need to do more to make this dependency problem self-diagnosable. Also, this document doesn't make any mention of a dangling dependency: https://docs.microsoft.com/dotnet/api/system.directoryservices.protocols.ldapconnection. Related, this dependency likely isn't constant across all distros. We should capture that somewhere, possibly at https://github.com/dotnet/core/blob/main/release-notes/6.0/linux-packages.md. /cc @joperezr |
dotnet-issue-labeler
bot
added
the
untriaged
|
@ChrisHolcomb I tried what you suggested. Now i am not getting DLL error. New Error: The feature is not supported. Code : Docker : #See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. FROM misnexusprd.corp.amdocs.com/microsoft-proxy/dotnet/aspnet:5.0 AS base RUN apt-get update COPY ./ResetPassword.WebAPI/DC2.cert.cer /usr/local/share/ca-certificates/ FROM misnexusprd.corp.amdocs.com/microsoft-proxy/dotnet/sdk:5.0 AS build COPY ./ResetPassword.WebAPI/Amdocs_Root_Certification_Authority.crt /etc/ssl/certs/ COPY ["./ResetPassword.WebAPI/ResetPassword.WebAPI.csproj", "ResetPassword.WebAPI/"] FROM build AS publish FROM base AS final |
|
Tagging subscribers to this area: @dotnet/area-system-directoryservices, @jay98014 Issue DetailsSteps to reproduce the issue
dotnet new nugetconfig
dotnet nuget add source -n dotnet5 https://dnceng.pkgs.visualstudio.com/public/_packaging/dotnet5/nuget/v3/index.json
var credential = new NetworkCredential("<username>", "<password>");
var connection = new LdapConnection(new LdapDirectoryIdentifier("<ip(13.0.0.0)>", 389, false, false), credential);
connection.Bind();
FROM mcr.microsoft.com/dotnet/core/runtime:5.0-buster-slim AS base
RUN apt-get update && apt-get install -y libldap-2.4-2
WORKDIR /app
FROM mcr.microsoft.com/dotnet/core/sdk:5.0-buster AS build
WORKDIR /src
COPY ["TesteLdap/TesteLdap.csproj", "TesteLdap/"]
COPY ["nuget.config", "/src"]
RUN dotnet restore "TesteLdap/TesteLdap.csproj" --configfile "nuget.config"
COPY . .
WORKDIR "/src/TesteLdap"
RUN dotnet build "TesteLdap.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "TesteLdap.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "TesteLdap.dll"]Expected behaviorRun without bugs Actual behaviorWe got this error at logs: Additional information (e.g. issue happens only occasionally)The next version of System.DirectoryServices.Protocols has a dependency of
|
|
This is now a dupe of #69456 as I believe that once that one is fixed (support libldap 2.x versions) then this issue will be resolved. Closing this issue in favor of that one which we are tracking for 7.0. |
ghost
locked as resolved and limited conversation to collaborators
Steps to reproduce the issue
Reference Dockerfile
Expected behavior
Run without bugs
Actual behavior
We got this error at logs:
Unable to load shared library 'libldap-2.4.so.2' or one of its dependencies. In order to help diagnose loading problems, consider setting the LD_DEBUG environment variable: liblibldap-2.4.so.2: cannot open shared object file: No such file or directoryAdditional information (e.g. issue happens only occasionally)
The next version of System.DirectoryServices.Protocols has a dependency of
libldap-2.4.related to:
The text was updated successfully, but these errors were encountered: