Bug#1067439: cpu: undefined symbol globalLdap in libcpu_ldap.so on Debian 12
Package: cpu Version: 1.4.3-13+b1 Severity: grave Justification: renders package unusable Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** It was working on Debian 11, but after upgrading to Debian 12 just calling the program make it crash: root@davis:~# cpu CPU_loadLibrary: dlopen(libcpu_ldap.so, RTLD_NOW) failed. CPU_loadLibrary: /lib/x86_64-linux-gnu/libcpu_ldap.so: undefined symbol: globalLdap There was an error loading the ldap library. Exiting. Regards Simone -- System Information: Debian Release: 12.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-18-amd64 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cpu depends on: ii debconf [debconf-2.0] 1.5.82 ii libc6 2.36-9+deb12u4 ii libcrack2 2.9.6-5+b1 ii libcrypt1 1:4.4.33-2 ii libldap-2.5-0 2.5.13+dfsg-5 ii ucf3.0043+nmu1 cpu recommends no packages. cpu suggests no packages. -- debconf information: cpu/ldap/BIND_PASS: (password omitted) cpu/ldap/USER_BASE: ou=People,dc=truelite,dc=it cpu/ldap/BIND_DN: cn=admin,dc=truelite,dc=it cpu/ldap/GROUP_BASE: ou=Group,dc=truelite,dc=it cpu/ldap/LDAP_URI: ldap://localhost cpu/do_debconf: true
Bug#992269: texlive-bibtex-extra: Missing beebe bst stiles like abstract.bst
I could find the file in CTAN, is here: http://tug.ctan.org/tex-archive/biblio/bibtex/contrib/misc/abstract.bst -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597
Bug#1029024: isc-dhcp-server: apparmor blocks reading files outside /etc/dhcpd
Package: isc-dhcp-server Version: 4.4.3-P1-1.1 Severity: normal Dear Maintainer, After upgrading from version 4.4.3-P1-1 to 4.4.3-P1-1.1 the added apparmor configurations block the include of files outside /etc/dhcp/, like DDNS TSIG keys definition that are usually installed under /etc/bind. I can understand avoiding to read files everywhere, but the use of TSIG keys defined by bind with is quite a common usage, that stop working with misleading permission denied error for readable files. This break previously working configurations, whitout a note in the changelog. -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.0.0-6-amd64 (SMP w/1 CPU thread; PREEMPT) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages isc-dhcp-server depends on: ii debconf [debconf-2.0] 1.5.80 ii debianutils5.7-0.4 ii libc6 2.36-7 ii lsb-base 11.5 ii sysvinit-utils [lsb-base] 3.06-2 Versions of packages isc-dhcp-server recommends: ii isc-dhcp-common 4.4.3-P1-1.1 ii policycoreutils 3.4-1 Versions of packages isc-dhcp-server suggests: ii ieee-data 20220827.1 pn isc-dhcp-server-ldap pn policykit-1 -- Configuration Files: /etc/dhcp/dhcpd.conf changed: authoritative; ddns-update-style standard; option local-pac-server code 252 = text; option local-pac-server "http://proxy.institute.lan:80/wpad.dat;; allow booting; include "/etc/bind/bookworm.institute.lan.key"; zone institute.lan. { primary 127.0.0.1; key bookworm.institute.lan; } subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.10 192.168.1.100 ; option domain-name-servers 192.168.1.1; option domain-name "institute.lan"; option routers 192.168.1.1; option ntp-servers 192.168.1.1; default-lease-time 86400; max-lease-time 172800; next-server 192.168.1.1; } zone 1.168.192.in-addr.arpa. { primary 127.0.0.1; key bookworm.institute.lan; } option architecture-type code 93 = unsigned integer 16; class "pxeclients" { match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; if option architecture-type = 00:00 { filename "/pxelinux.0"; } elsif option architecture-type = 00:09 { filename "/efi/syslinux.efi"; } elsif option architecture-type = 00:07 { filename "/efi/syslinux.efi"; } elsif option architecture-type = 00:06 { filename "/efi/syslinux.efi"; } } include "/etc/fuss-server/dhcp-reservations"; include "/etc/dhcp/dhcpd-added.conf"; -- debconf information: isc-dhcp-server/interfaces:
Bug#992269: texlive-bibtex-extra: Missing beebe bst stiles like abstract.bst
Il 29/05/22 16:46, Hilmar Preuße ha scritto: Not sure what your real issue is: the fact that the file is gone (I do not know yet, why it happened) or the fact that it is still listed on packages.debian.org? The latter should rather be reported to www.debian.org as the file is really gone. The issue is the missing file, abstract.bst it's a quite useful bibliography style, that was present from ages and now is not there anymore. Don't care too much about the fact is still listed, if it's absent in the package. I had to copy the content of the dir /usr/share/texlive/texmf-dist/bibtex/bst/beebe/ from buster and execute mktexlsr, but I'd like to know why this directory has been removed (while /usr/share/texlive/texmf-dist/bibtex/bib/beebe/ is still there). Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597
Bug#992269: texlive-bibtex-extra: Missing beebe bst stiles like abstract.bst
Package: texlive-bibtex-extra Version: 2020.20210202-3 Severity: normal X-Debbugs-Cc: picca...@truelite.it Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** Compiling latex book that was using abstract.bst Bibtex style do not give references, due to its absence. It was there on buster. Its reported as present in: https://packages.debian.org/search?suite=bullseye=any=path=contents=abstract.bst but is not there. Simone -- Package-specific info: IMPORTANT INFORMATION: We will only consider bug reports concerning the packaging of TeX Live as relevant. If you have problems with combination of packages in a LaTeX document, please consult your local TeX User Group, the comp.text.tex user group, the author of the original .sty file, or any other help resource. In particular, bugs that are related to up-upstream, i.e., neither Debian nor TeX Live (upstream), but the original package authors, will be closed immediately. *** The Debian TeX Team is *not* a LaTeX Help Desk *** If you report an error when running one of the TeX-related binaries (latex, pdftex, metafont,...), or if the bug is related to bad or wrong output, please include a MINIMAL example input file that produces the error in your report. Please run your example with (pdf)latex -recorder ... (or any other program that supports -recorder) and send us the generated file with the extension .fls, it lists all the files loaded during the run and can easily explain problems induced by outdated files in your home directory. Don't forget to also include minimal examples of other files that are needed, e.g. bibtex databases. Often it also helps to include the logfile. Please, never send included pictures! If your example file isn't short or produces more than one page of output (except when multiple pages are needed to show the problem), you can probably minimize it further. Instructions on how to do that can be found at http://www.minimalbeispiel.de/mini-en.html (english) or http://www.minimalbeispiel.de/mini.html (german) ## minimal input file ## other files ## List of ls-R files lrwxrwxrwx 1 root root 31 Feb 17 21:30 /usr/share/texlive/texmf-dist/ls-R -> /var/lib/texmf/ls-R-TEXLIVEDIST ## Config files -rw-r--r-- 1 root root 475 Apr 9 12:11 /etc/texmf/web2c/texmf.cnf lrwxrwxrwx 1 root root 33 Feb 17 21:30 /usr/share/texmf/web2c/fmtutil.cnf -> /var/lib/texmf/fmtutil.cnf-DEBIAN lrwxrwxrwx 1 root root 32 Feb 17 21:30 /usr/share/texmf/web2c/updmap.cfg -> /var/lib/texmf/updmap.cfg-DEBIAN -rw-r--r-- 1 root root 2787 Apr 9 12:14 /var/lib/texmf/tex/generic/config/language.dat ## Files in /etc/texmf/web2c/ total 8 -rw-r--r-- 1 root root 283 Feb 12 2021 mktex.cnf -rw-r--r-- 1 root root 475 Apr 9 12:11 texmf.cnf ## md5sums of texmf.d ca40c66f144b4bafc3e59a2dd32ecb9c /etc/texmf/texmf.d/00debian.cnf -- System Information: Debian Release: 11.0 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-7-amd64 (SMP w/6 CPU threads) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages texlive-bibtex-extra depends on: ii tex-common 6.16 ii texlive-base2020.20210202-3 ii texlive-binaries2020.20200327.54578-7 ii texlive-latex-base 2020.20210202-3 texlive-bibtex-extra recommends no packages. texlive-bibtex-extra suggests no packages. Versions of packages tex-common depends on: ii dpkg 1.20.9 ii ucf 3.0043 Versions of packages tex-common suggests: pn debhelper Versions of packages texlive-bibtex-extra is related to: ii tex-common6.16 ii texlive-binaries 2020.20200327.54578-7 -- no debconf information
Bug#986849: network-manager: nmcli connection edit print help in italian listing translated command
Package: network-manager Version: 1.30.0-1 Severity: normal Tags: l10n Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** When doing: nmcli connections -conn edit I got tranlated output, that's fine, but between the instruction there is: Digitare «stampa» per mostrare tutte le proprietà della connessione. where it should be: Digitare «print» per mostrare tutte le proprietà della connessione. because obviously typing "stampa" do not work. -- System Information: Debian Release: bullseye/sid APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-5-amd64 (SMP w/6 CPU threads) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages network-manager depends on: ii adduser 3.118 ii dbus 1.12.20-2 ii libaudit11:3.0-2 ii libbluetooth35.55-3 ii libc62.31-11 ii libcurl3-gnutls 7.74.0-1.1 ii libglib2.0-0 2.66.8-1 ii libgnutls30 3.7.1-1 ii libjansson4 2.13.1-1.1 ii libmm-glib0 1.14.10-0.1 ii libndp0 1.6-1+b1 ii libnewt0.52 0.52.21-4+b3 ii libnm0 1.30.0-1 ii libpsl5 0.21.0-1.2 ii libreadline8 8.1-1 ii libselinux1 3.1-3 ii libsystemd0 247.3-3 ii libteamdctl0 1.31-1 ii libudev1 247.3-3 ii libuuid1 2.36.1-7 ii policykit-1 0.105-30 ii udev 247.3-3 ii wpasupplicant2:2.9.0-21 Versions of packages network-manager recommends: ii dnsmasq-base [dnsmasq-base] 2.84-1 ii iptables 1.8.7-1 ii libpam-systemd 247.3-3 ii modemmanager 1.14.10-0.1 ii ppp 2.4.9-1+1 ii wireless-regdb 2020.04.29-2 Versions of packages network-manager suggests: ii isc-dhcp-client 4.4.1-2.2 pn libteam-utils -- no debconf information
Bug#960043: cloud-init: .list files under sources.list.d get duplicated after reinit
Package: cloud-init Version: 18.3-6 Severity: normal Dear Maintainer, I'm trying to add some other repositories under /etc/apt/sources.list.d using the following 10_fuss.cfg file in /etc/cloud/cloud.cfg.d/: apt: preserve_sources_list: true sources: fuss-buster.list: source: "deb http://archive.fuss.bz.it/ buster main" key: | -BEGIN PGP PUBLIC KEY BLOCK- ... it work fine and add the list the first time cloud init is run, but in a later run cloud-init reprocess this file (like after adding a new ssh key for accessing the server) the source line is appended (the same happens also if preserve_sources_list is false). So I got duplicated lines with APT complaining Looking at the logs in cloud-init.log I traced the problem inside the file: /usr/lib/python3/dist-packages/cloudinit/config/cc_apt_configure.py where in the function add_apt_sources, at line 624 there is a: util.write_file(sourcefn, contents, omode="a") that write the file in append, giving a duplicate line. The problem is present also, at the time of writing, in the official upstream sources, here: https://github.com/canonical/cloud-init/blob/master/cloudinit/config/cc_apt_configure.py I think changing the code to omode="w" should solve this problem. -- System Information: Debian Release: 10.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-8-amd64 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cloud-init depends on: ii cloud-guest-utils 0.29-1 ii fdisk 2.33.1-0.1 ii gdisk 1.0.3-1.1 ii ifupdown0.8.35 ii locales 2.28-10 ii lsb-base10.2019051400 ii lsb-release 10.2019051400 ii net-tools 1.60+git20180626.aebd88e-1 ii procps 2:3.3.15-2 ii python3 3.7.3-1 ii python3-configobj 5.0.6-3 ii python3-jinja2 2.10-2 ii python3-jsonpatch 1.21-1 ii python3-jsonschema 2.6.0-4 ii python3-oauthlib2.1.0-1 ii python3-requests2.21.0-1 ii python3-six 1.12.0-1 ii python3-yaml3.13-2 ii util-linux 2.33.1-0.1 Versions of packages cloud-init recommends: ii eatmydata 105-7 ii sudo 1.8.27-1+deb10u2 Versions of packages cloud-init suggests: pn btrfs-progs ii e2fsprogs1.44.5-1+deb10u3 pn xfsprogs -- Configuration Files: /etc/cloud/cloud.cfg changed: disable_root: false preserve_hostname: false cloud_init_modules: - migrator - seed_random - bootcmd - write-files - growpart - resizefs - disk_setup - mounts - set_hostname - update_hostname - update_etc_hosts - ca-certs - rsyslog - users-groups - ssh cloud_config_modules: - emit_upstart - ssh-import-id - locale - set-passwords - grub-dpkg - apt-pipelining - apt-configure - ntp - timezone - disable-ec2-metadata - runcmd - byobu cloud_final_modules: - package-update-upgrade-install - fan - puppet - chef - salt-minion - mcollective - rightscale_userdata - scripts-vendor - scripts-per-once - scripts-per-boot - scripts-per-instance - scripts-user - ssh-authkey-fingerprints - keys-to-console - phone-home - final-message - power-state-change system_info: # This will affect which distro class gets used distro: debian # Default user name + that default users groups (if added/used) default_user: name: debian lock_passwd: True gecos: Debian groups: [adm, audio, cdrom, dialout, dip, floppy, netdev, plugdev, sudo, video] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/bash # Other config here will be given to the distro class and/or path classes paths: cloud_dir: /var/lib/cloud/ templates_dir: /etc/cloud/templates/ upstart_dir: /etc/init/ package_mirrors: - arches: [default] failsafe: primary: http://deb.debian.org/debian security: http://security.debian.org/ ssh_svcname: ssh -- no debconf information
Bug#959056: apache2: virtualhost configuration ignored by 000-default.conf interference
Package: apache2 Version: 2.4.38-3+deb10u3 Severity: normal Dear Maintainer, I configured a virtual host in sites-available for the nextcloud.truelite.it hostname, that's also the FQDN hostname (as from hostname --fqdn) of the server. I enabled it (with a2ensite) and restarted apache but still having it ignored and getting the welcome page as served by 000-default. After some research I found this is caused by 000-default not having a ServerName configuration, that means automatically defining it at the server FQDN hostname. And because 000-default came *before* all other vhost, it is used instead of the specific one I set. This is misleading, because despite having an explicit configuration for a virtual host, an implicit one (and not so easy to spot) is used. Please also note that this problem is absent in Debian default configuration of nginx. So please put a suitable non interfering ServerName config value on 000-default (someting like ServerName invalid put in the modified 000-default I'm using that should be attached to this report), this way 000-default will still act as default for not defined hostnames, but will not give interference when you define an explicit virtual host for your FSDN hostname. -- Package-specific info: -- System Information: Debian Release: 10.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.3.18-3-pve (SMP w/8 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apache2 depends on: ii apache2-bin2.4.38-3+deb10u3 ii apache2-data 2.4.38-3+deb10u3 ii apache2-utils 2.4.38-3+deb10u3 ii dpkg 1.19.7 ii lsb-base 10.2019051400 ii mime-support 3.62 ii perl 5.28.1-6 ii procps 2:3.3.15-2 Versions of packages apache2 recommends: ii ssl-cert 1.0.39 Versions of packages apache2 suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom pn www-browser Versions of packages apache2-bin depends on: ii libapr1 1.6.5-1+b1 ii libaprutil1 1.6.1-4 ii libaprutil1-dbd-sqlite3 1.6.1-4 ii libaprutil1-ldap 1.6.1-4 ii libbrotli1 1.0.7-2 ii libc62.28-10 ii libcurl4 7.64.0-4+deb10u1 ii libjansson4 2.12-1 ii libldap-2.4-22.4.47+dfsg-3+deb10u1 ii liblua5.2-0 5.2.4-1.1+b2 ii libnghttp2-141.36.0-2+deb10u1 ii libpcre3 2:8.39-12 ii libssl1.11.1.1d-0+deb10u3 ii libxml2 2.9.4+dfsg1-7+b3 ii perl 5.28.1-6 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages apache2-bin suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom pn www-browser Versions of packages apache2 is related to: ii apache2 2.4.38-3+deb10u3 ii apache2-bin 2.4.38-3+deb10u3 -- Configuration Files: /etc/apache2/sites-available/000-default.conf changed: # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html ServerName invalid # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf -- no debconf information
Bug#931463: tinc: Tinc fail up script because of network.target
Package: tinc Version: 1.0.35-2 Severity: normal Dear Maintainer, when starting tinc on a server using bridges as main interfaces (it's used to run VM) it starts but it fails in the up script execution to setup network routes, because interfaces are still not up (on bridge it takes a while to go up), and you need them up if you need to setup a specific route source for use on tinc network. As systemd documentation says you need to use network-online.target and not network.target to have this, as it was with jessie. This is broken in squeeze and in buster also. -- System Information: Debian Release: 10.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages tinc depends on: ii init-system-helpers 1.56+nmu1 ii libc62.28-10 ii liblzo2-22.10-0.1 ii libssl1.11.1.1c-1 ii lsb-base 10.2019051400 ii zlib1g 1:1.2.11.dfsg-1 tinc recommends no packages. tinc suggests no packages. -- no debconf information
Bug#923463: migrationtools: Don't find migrate_common.ph and don't work
Package: migrationtools Version: 47-8 Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** Just after installing (and modifying migrate_common.ph in /etc/migrationtools/, but that's ininfluent), going to /usr/share/migrationtools and running any command gives something like: root@stretch2:/usr/share/migrationtools# ./migrate_base.pl Can't locate migrate_common.ph in @INC (did you run h2ph?) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at ./migrate_base.pl line 39. and it fail because: require 'migrate_common.ph'; fails (the simbolic link to /etc/migrationtools/migrate_common.ph is there). It can be solved just doing: ln -s /etc/migrationtools/migrate_common.ph /etc/perl/ but still the package do not work after install. -- System Information: Debian Release: 9.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-8-amd64 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages migrationtools depends on: ii ldap-utils [openldap-utils] 2.4.44+dfsg-5+deb9u2 ii perl 5.24.1-3+deb9u5 migrationtools recommends no packages. Versions of packages migrationtools suggests: ii slapd 2.4.44+dfsg-5+deb9u2 -- Configuration Files: /etc/migrationtools/migrate_common.ph changed: $NETINFOBRIDGE = (-x "/usr/sbin/mkslapdconf"); if ($NETINFOBRIDGE) { $NAMINGCONTEXT{'aliases'} = "cn=aliases"; $NAMINGCONTEXT{'fstab'} = "cn=mounts"; $NAMINGCONTEXT{'passwd'}= "cn=users"; $NAMINGCONTEXT{'netgroup_byuser'} = "cn=netgroup.byuser"; $NAMINGCONTEXT{'netgroup_byhost'} = "cn=netgroup.byhost"; $NAMINGCONTEXT{'group'} = "cn=groups"; $NAMINGCONTEXT{'netgroup'} = "cn=netgroup"; $NAMINGCONTEXT{'hosts'} = "cn=machines"; $NAMINGCONTEXT{'networks'} = "cn=networks"; $NAMINGCONTEXT{'protocols'} = "cn=protocols"; $NAMINGCONTEXT{'rpc'} = "cn=rpcs"; $NAMINGCONTEXT{'services'} = "cn=services"; } else { $NAMINGCONTEXT{'aliases'} = "ou=Aliases"; $NAMINGCONTEXT{'fstab'} = "ou=Mounts"; $NAMINGCONTEXT{'passwd'}= "ou=People"; $NAMINGCONTEXT{'netgroup_byuser'} = "nisMapName=netgroup.byuser"; $NAMINGCONTEXT{'netgroup_byhost'} = "nisMapName=netgroup.byhost"; $NAMINGCONTEXT{'group'} = "ou=Group"; $NAMINGCONTEXT{'netgroup'} = "ou=Netgroup"; $NAMINGCONTEXT{'hosts'} = "ou=Hosts"; $NAMINGCONTEXT{'networks'} = "ou=Networks"; $NAMINGCONTEXT{'protocols'} = "ou=Protocols"; $NAMINGCONTEXT{'rpc'} = "ou=Rpc"; $NAMINGCONTEXT{'services'} = "ou=Services"; } $DEFAULT_MAIL_DOMAIN = "truelite.it"; $DEFAULT_BASE = "dc=truelite,dc=it"; $EXTENDED_SCHEMA = 0; $USE_UTF8 = 1; if (defined($ENV{'LDAP_BASEDN'})) { $DEFAULT_BASE = $ENV{'LDAP_BASEDN'}; } if (defined($ENV{'LDAP_DEFAULT_MAIL_DOMAIN'})) { $DEFAULT_MAIL_DOMAIN = $ENV{'LDAP_DEFAULT_MAIL_DOMAIN'}; } if (defined($ENV{'LDAP_DEFAULT_MAIL_HOST'})) { $DEFAULT_MAIL_HOST = $ENV{'LDAP_DEFAULT_MAIL_HOST'}; } if (defined($ENV{'LDAP_BINDDN'})) { $DEFAULT_OWNER = $ENV{'LDAP_BINDDN'}; } if (defined($ENV{'LDAP_EXTENDED_SCHEMA'})) { $EXTENDED_SCHEMA = $ENV{'LDAP_EXTENDED_SCHEMA'}; } if (!defined($DEFAULT_BASE)) { $DEFAULT_BASE = _expand($DEFAULT_MAIL_DOMAIN); $DEFAULT_BASE =~ s/,$//o; } if ($EXTENDED_SCHEMA) { $DEFAULT_REALM = $DEFAULT_MAIL_DOMAIN; $DEFAULT_REALM =~ tr/a-z/A-Z/; } if (-x "/usr/sbin/revnetgroup") { $REVNETGROUP = "/usr/sbin/revnetgroup"; } elsif (-x "/usr/lib/yp/revnetgroup") { $REVNETGROUP = "/usr/lib/yp/revnetgroup"; } $classmap{'o'} = 'organization'; $classmap{'dc'} = 'domain'; $classmap{'l'} = 'locality'; $classmap{'ou'} = 'organizationalUnit'; $classmap{'c'} = 'country'; $classmap{'nismapname'} = 'nisMap'; $classmap{'cn'} = 'container'; sub parse_args { if ($#ARGV < 0) { print STDERR "Usage: $PROGRAM infile [outfile]\n"; exit 1; } $INFILE =
Bug#905205: system-config-printer: Ask root password to configure printer while beeing in lpadmin group
Package: system-config-printer Version: 1.5.11-2 Severity: normal Dear Maintainer, I'm using the XFCE desktop, and lanching printer manager from application menu. I tryied to unblock it to add a printer, and it's asking me the root password not the one of the user I was using. The user is the user created on installation, and it's inside the lpadmin group. If I try to install a printer using lpadmin it works fine: antani@buster:~$ id antani uid=1000(antani) gid=1000(antani) gruppi=1000(antani),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),106(netdev),113(lpadmin),114(scanner) antani@buster:~$ /usr/sbin/lpadmin -p prova -E -v ipp://192.168.0.2:631 antani@buster:~$ lpstat -v dispositivo per prova: ipp://192.168.0.2:631 It also works via browser in port 631 using the current user and password. This way I cannot give an user the privilege of adding or managing printers -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.16.0-2-amd64 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages system-config-printer depends on: ii gir1.2-gdkpixbuf-2.0 2.36.12-1 ii gir1.2-glib-2.0 1.56.1-1 ii gir1.2-gtk-3.03.22.30-2 ii gir1.2-notify-0.7 0.7.7-3 ii gir1.2-packagekitglib-1.0 1.1.10-1 ii gir1.2-pango-1.0 1.42.1-2 ii gir1.2-polkit-1.0 0.105-21 ii python3 3.6.5-3 ii python3-cups 1.9.73-2+b1 ii python3-cupshelpers 1.5.11-2 ii python3-dbus 1.2.8-2+b1 ii python3-gi3.28.2-1+b1 ii system-config-printer-common 1.5.11-2 Versions of packages system-config-printer recommends: ii system-config-printer-udev 1.5.11-2 Versions of packages system-config-printer suggests: pn gnome-software -- no debconf information
Bug#823513: [Pkg-clamav-devel] Bug#823513: clamav-freshclam: freshclam fails to download daily.cvd and clamav do not start
the warning: "WARNING: Your ClamAV installation is OUTDATED!" means that current version of freshclam will always fail to download that file. There is Local version: 0.99 and recommended 0.99.2, so until there is a way to relax that restriction, or accept a different minor version, or release an updated package, clamav-daemon will break. Regards Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736
Bug#823513: clamav-freshclam: freshclam fails to download daily.cvd and clamav do not start
Package: clamav-freshclam Version: 0.99+dfsg-0+deb8u2 Severity: important Dear Maintainer, After installing clamav-freshclam I got these in syslog: May 5 15:31:28 jessie kernel: [ 3360.972917] device eth0 left promiscuous mode May 5 15:32:08 jessie freshclam[4851]: ClamAV update process started at Thu May 5 15:32:08 2016 May 5 15:32:09 jessie freshclam[4851]: WARNING: Your ClamAV installation is OUTDATED! May 5 15:32:09 jessie freshclam[4851]: WARNING: Local version: 0.99 Recommended version: 0.99.2 May 5 15:32:09 jessie freshclam[4851]: DON'T PANIC! Read http://www.clamav.net/support/faq May 5 15:32:09 jessie freshclam[4851]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) May 5 15:32:09 jessie freshclam[4851]: WARNING: Can't download daily.cvd from db.local.clamav.net May 5 15:32:09 jessie freshclam[4851]: Trying again in 5 secs... ... (other 3 times) May 5 15:32:29 jessie freshclam[4851]: ClamAV update process started at Thu May 5 15:32:29 2016 May 5 15:32:29 jessie freshclam[4851]: WARNING: Your ClamAV installation is OUTDATED! May 5 15:32:29 jessie freshclam[4851]: WARNING: Local version: 0.99 Recommended version: 0.99.2 May 5 15:32:29 jessie freshclam[4851]: DON'T PANIC! Read http://www.clamav.net/support/faq May 5 15:32:29 jessie freshclam[4851]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) May 5 15:32:29 jessie freshclam[4851]: ERROR: Can't download daily.cvd from db.local.clamav.net May 5 15:32:29 jessie freshclam[4851]: Giving up on db.local.clamav.net... May 5 15:32:29 jessie freshclam[4851]: ClamAV update process started at Thu May 5 15:32:29 2016 May 5 15:32:29 jessie freshclam[4851]: WARNING: Your ClamAV installation is OUTDATED! May 5 15:32:29 jessie freshclam[4851]: WARNING: Local version: 0.99 Recommended version: 0.99.2 May 5 15:32:29 jessie freshclam[4851]: DON'T PANIC! Read http://www.clamav.net/support/faq May 5 15:32:29 jessie freshclam[4851]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) May 5 15:32:29 jessie freshclam[4851]: ERROR: Can't download daily.cvd from database.clamav.net May 5 15:32:29 jessie freshclam[4851]: Giving up on database.clamav.net... May 5 15:32:29 jessie freshclam[4851]: Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons. So there is no /var/lib/clamav/daily.cvd downloaded and clamav-daemon was not started, silently failing (no trace in syslog also). I just got it because amavis was angry, and then I got the problem with: root@jessie:~# systemctl status clamav-daemon ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled) Active: inactive (dead) since gio 2016-05-05 15:45:31 CEST; 28s ago start condition failed at gio 2016-05-05 15:45:53 CEST; 6s ago ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} was not met I have jessie-updates in my sources list, and I could just plain take the file with wget, so it's not a network problem. I could solve the issue downloading the file with: cd /var/lib/clamav/ wget http://database.clamav.net/daily.cvd after this clamav-daemon was startable, but the clamav-freshclam package now is just broken, do not work, and the current configuration prevent also clamav-daemon to work. -- Package-specific info: --- configuration --- Checking configuration files in /etc/clamav Config file: clamd.conf --- LogFile = "/var/log/clamav/clamav.log" StatsHostID = "auto" StatsEnabled disabled StatsPEDisabled = "yes" StatsTimeout = "10" LogFileUnlock disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogClean disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" ExtendedDetectionInfo = "yes" PidFile disabled TemporaryDirectory disabled DatabaseDirectory = "/var/lib/clamav" OfficialDatabaseOnly disabled LocalSocket = "/var/run/clamav/clamd.ctl" LocalSocketGroup = "clamav" LocalSocketMode = "666" FixStaleSocket = "yes" TCPSocket disabled TCPAddr disabled MaxConnectionQueueLength = "15" StreamMaxLength = "26214400" StreamMinPort = "1024" StreamMaxPort = "2048" MaxThreads = "12" ReadTimeout = "180" CommandReadTimeout = "5" SendBufTimeout = "200" MaxQueue = "100" IdleTimeout = "30" ExcludePath disabled MaxDirectoryRecursion = "15" FollowDirectorySymlinks disabled FollowFileSymlinks disabled CrossFilesystems = "yes" SelfCheck = "3600" DisableCache disabled VirusEvent disabled ExitOnOOM disabled AllowAllMatchScan = "yes" Foreground disabled Debug disabled LeaveTemporaryFiles disabled User = "clamav" AllowSupplementaryGroups = "yes" Bytecode = "yes" BytecodeSecurity = "TrustSigned" BytecodeTimeout = "6" BytecodeUnsigned disabled BytecodeMode = "Auto" DetectPUA
Bug#823488: python-ldap3: connection switch silently to anonymous bind if password is empty, failing auth
Package: python-ldap3 Version: 0.9.4.2-1 Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** When creating a connection with the Connection object the code defaults to AUTH_ANONYMOUS (doing so an anonymus bind) also when _only_ the password is empty (not, as said by documentation, when both user and password are empty). These the lines of /usr/lib/python3/dist-packages/ldap3/core/connection.py where the problem is: self.user = user self.password = password if self.user and self.password and not authentication: self.authentication = AUTH_SIMPLE elif not authentication: self.authentication = AUTH_ANONYMOUS elif authentication in [AUTH_SIMPLE, AUTH_ANONYMOUS, AUTH_SASL]: self.authentication = authentication else: self.last_error = 'unknown authentication method' raise LDAPUnknownAuthenticationMethodError(self.last_error) If password is empty, according to default of None for authentication, the first if fails and then is selected the second elif. That means that you will get a valid object with anonymous bind, the user presence will be simply ignored but, and so when you use object also to check autentication, looking if you get a connection (as it should be), you will got authentication for every user just giving an empty password. That's plain wrong, contrary to what is said in the documentation here: http://ldap3.readthedocs.io/connections.html and very dangerous (the more plain way to use the library will bring people to enable empty password access for any user). -- System Information: Debian Release: 8.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 4.4.6-1-pve (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages python-ldap3 depends on: ii python-pyasn1 0.1.7-1 pn python:any python-ldap3 recommends no packages. python-ldap3 suggests no packages. -- no debconf information
Bug#792423: apache2.2-bin: Segfault at timeout with a no-output CGI
Package: apache2.2-bin Version: 2.2.22-13+deb7u4 Severity: normal Dear Maintainer, I got this problem because blocked CGI were not killed after timout and instead I got in the error log something like: [Tue Jul 14 17:16:30 2015] [notice] child pid 11032 exit signal Segmentation fault (11) I can reproduce this one creating a doing nothing CGI like this one: http://gapil.truelite.it/sources/browser/trunk/sources/testsignalcgi.c installing in /usr/lib/cgi-bin and asking it with a browser. At the timout the result is a segfault in the apache child that launched the CGI, before it can send the SIGTERM to the CGI. This behaviour disappear if I remove mod_deflate and restart apache. I already got this bug in Lenny (only for 64 bit platform), but it's not present in Squeeze. I cannot test it in a 32 bit machine (that I don't have). Regards Simone -- System Information: Debian Release: 7.8 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-34-pve (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages apache2.2-bin depends on: ii libapr1 1.4.6-3+deb7u1 ii libaprutil1 1.4.1-3 ii libaprutil1-dbd-sqlite3 1.4.1-3 ii libaprutil1-ldap 1.4.1-3 ii libc62.13-38+deb7u8 ii libcap2 1:2.22-1.2 ii libldap-2.4-22.4.31-2 ii libpcre3 1:8.30-5 ii libssl1.0.0 1.0.1e-2+deb7u17 ii zlib1g 1:1.2.7.dfsg-13 apache2.2-bin recommends no packages. apache2.2-bin suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752419: icedove: Still not working on 31.0-2
On 14/09/2014 00:04, Carsten Schoenert wrote: can you please check what settings for security.tls.version.max and sSecurity.tls.version.min are used inside Mint? http://kb.mozillazine.org/Security.tls.version.* I espected they set security.tls.version.max to something lower than 3. Sorry for the late answer, I was without my laptop for a while. Values are: security.tls.version.max 3 security.tls.version.min 0 Mozilla has changed the default for the TLS version after the full implementation of TLS 1.2 into Thunderbird version 28, they now set the usage of TLS 1.2 as mandatory but you can change this behaviour via security.tls.version.max. You can change the value for this on Edit - Preferences - Advanced - General - Config Editor. I tried anyway to reduce security.tls.version.max value on 31.1, but without effect. Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752419: icedove: Still not working on 31.0-2
Package: icedove Version: 31.0-2 Followup-For: Bug #752419 Dear Maintainer, Icedove 31.0-2 is still not working, it's impossible to access an imap folder if the certificate is not valid, but it just hangs, no error, nothing. , I still need to go back to 24.5 to have my email back. That's something Debian specific because thunderbird 31.0 in a Mint 17 installation works just fine after accepting that certificate. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages icedove depends on: ii debianutils 4.4 ii fontconfig2.11.0-6.1 ii libasound21.0.28-1 ii libatk1.0-0 2.12.0-1 ii libc6 2.19-9 ii libcairo2 1.12.16-3 ii libdbus-1-3 1.8.6-2 ii libdbus-glib-1-2 0.102-1 ii libevent-2.0-52.0.21-stable-1 ii libffi6 3.1-2 ii libfontconfig12.11.0-6.1 ii libfreetype6 2.5.2-1.1 ii libgcc1 1:4.9.1-8 ii libgdk-pixbuf2.0-02.30.7-1 ii libglib2.0-0 2.40.0-4 ii libgtk2.0-0 2.24.24-1 ii libhunspell-1.3-0 1.3.3-2 ii libnspr4 2:4.10.7-1 ii libnss3 2:3.17-1 ii libpango-1.0-01.36.6-1 ii libpangocairo-1.0-0 1.36.6-1 ii libpangoft2-1.0-0 1.36.6-1 ii libpixman-1-0 0.32.6-3 ii libsqlite3-0 3.8.6-1 ii libstartup-notification0 0.12-3 ii libstdc++64.9.1-8 ii libvpx1 1.3.0-2.1 ii libx11-6 2:1.6.2-3 ii libxext6 2:1.3.2-1 ii libxrender1 1:0.9.8-1 ii libxt61:1.1.4-1 ii psmisc22.21-2 ii zlib1g1:1.2.8.dfsg-2 Versions of packages icedove recommends: ii myspell-en-us [myspell-dictionary] 1:3.3.0-4 ii myspell-it [myspell-dictionary] 1:3.3.0-4 Versions of packages icedove suggests: ii fonts-lyx 2.0.6-1 ii libgssapi-krb5-2 1.12.1+dfsg-7 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752419: icedove: same problem
Package: icedove Version: 31.0~b1-2 Followup-For: Bug #752419 Dear Maintainer, After upgrading to version 31.0~b1-2 it's impossible to access IMAP folder via SSL. The problem is the same, I have an invalid certificate that I accepted and worked fine until last upgrade. Starting in a terminal do not give any error. Looking with strace I got repeating messages like this: poll([{fd=5, events=POLLIN}, {fd=4, events=POLLIN}, {fd=7, events=POLLIN|POLLPRI}, {fd=10, events=POLLIN}, {fd=22, events=POLLIN}, {fd=24, events=POLLIN}, {fd=9, events=POLLIN|POLLPRI}], 7, 0) = 0 (Timeout) recvmsg(4, 0x7fff0365e7f0, 0) = -1 EAGAIN (Resource temporarily unavailable) or sometime also: poll([{fd=5, events=POLLIN}, {fd=4, events=POLLIN}, {fd=7, events=POLLIN|POLLPRI}, {fd=10, events=POLLIN}, {fd=22, events=POLLIN}, {fd=24, events=POLLIN}, {fd=9, events=POLLIN|POLLPRI}], 7, 4294967295) = 1 ([{fd=22, revents=POLLIN}]) read(22, \372, 1) = 1 futex(0x7ff1e9a3a64c, FUTEX_WAKE_OP_PRIVATE, 1, 1, 0x7ff1e9a3a648, {FUTEX_OP_SET, 0, FUTEX_OP_CMP_GT, 1}) = 1 recvmsg(4, 0x7fff0365e7f0, 0) = -1 EAGAIN (Resource temporarily unavailable) I confirm that going back to 24.5.0-2 give back my email... Simone -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages icedove depends on: ii debianutils 4.4 ii fontconfig2.11.0-5 ii libasound21.0.27.2-4 ii libatk1.0-0 2.12.0-1 ii libc6 2.19-4 ii libcairo2 1.12.16-2 ii libdbus-1-3 1.8.4-1 ii libdbus-glib-1-2 0.102-1 ii libevent-2.0-52.0.21-stable-1 ii libffi6 3.1-2 ii libfontconfig12.11.0-5 ii libfreetype6 2.5.2-1 ii libgcc1 1:4.9.0-9 ii libgdk-pixbuf2.0-02.30.7-1 ii libglib2.0-0 2.40.0-3 ii libgtk2.0-0 2.24.24-1 ii libhunspell-1.3-0 1.3.3-1 ii libnspr4 2:4.10.6-1 ii libnss3 2:3.16.1-1 ii libpango-1.0-01.36.3-1 ii libpangocairo-1.0-0 1.36.3-1 ii libpangoft2-1.0-0 1.36.3-1 ii libpixman-1-0 0.32.4-1 ii libsqlite3-0 3.8.5-2 ii libstartup-notification0 0.12-3 ii libstdc++64.9.0-9 ii libvpx1 1.3.0-2 ii libx11-6 2:1.6.2-2 ii libxext6 2:1.3.2-1 ii libxrender1 1:0.9.8-1 ii libxt61:1.1.4-1 ii psmisc22.21-2 ii zlib1g1:1.2.8.dfsg-1 Versions of packages icedove recommends: ii myspell-en-us [myspell-dictionary] 1:3.3.0-4 ii myspell-it [myspell-dictionary] 1:3.3.0-4 Versions of packages icedove suggests: ii fonts-lyx 2.0.6-1 ii libgssapi-krb5-2 1.12.1+dfsg-3 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#740958: postfix-cluebringer: Use of uninitialized value $email_domain in lc at /usr/lib/postfix-cluebringer/cbp/policies.pm
Package: postfix-cluebringer Version: 2.0.10-1 Severity: normal Dear Maintainer, Logs are full of this error. -- System Information: Debian Release: 7.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-openvz-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages postfix-cluebringer depends on: ii adduser3.113+nmu3 ii debconf1.5.49 ii libcache-fastmmap-perl 1.40-1 ii libconfig-inifiles-perl2.75-1 ii libmail-spf-perl 2.8.0-1 ii libnet-cidr-perl 0.15-1 ii libnet-server-perl 2.006-1+deb7u1 ii perl 5.14.2-21+deb7u1 ii postfix-cluebringer-mysql 2.0.10-1 Versions of packages postfix-cluebringer recommends: ii postfix-cluebringer-webui 2.0.10-1 postfix-cluebringer suggests no packages. -- Configuration Files: /etc/cluebringer/cluebringer.conf changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#740606: postfix-cluebringer-webui: /usr/share/doc/postfix-cluebringer-webui/examples/postfix/ do not belong here
Package: postfix-cluebringer-webui Version: 2.0.10-1 Severity: minor Dear Maintainer, this directory contains also postfix configuration samples, that do not belongs to webui. And that directory contains also some config samples like alias_to_mailbox_map.cf unrelated to cluebringer. -- System Information: Debian Release: 7.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-openvz-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages postfix-cluebringer-webui depends on: ii adduser 3.113+nmu3 ii apache2-mpm-prefork [httpd] 2.2.22-13+deb7u1 ii debconf 1.5.49 ii php5 5.4.4-14+deb7u7 ii php5-mysql 5.4.4-14+deb7u7 postfix-cluebringer-webui recommends no packages. postfix-cluebringer-webui suggests no packages. -- Configuration Files: /etc/cluebringer/cluebringer-webui.conf changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#740362: postfix-cluebringer-webui: /etc/cluebringer/cluebringer-webui.conf is wrold readable
Package: postfix-cluebringer-webui Version: 2.0.10-1 Severity: normal Dear Maintainer, The configuration file /etc/cluebringer/cluebringer-webui.conf is installed with 644 permission, while containing database password, that's not safe. It should 640 with www-data group ownership. -- System Information: Debian Release: 7.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-openvz-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages postfix-cluebringer-webui depends on: ii adduser 3.113+nmu3 ii apache2-mpm-prefork [httpd] 2.2.22-13+deb7u1 ii debconf 1.5.49 ii php5 5.4.4-14+deb7u7 ii php5-mysql 5.4.4-14+deb7u7 postfix-cluebringer-webui recommends no packages. postfix-cluebringer-webui suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#681806: gimp: Lose tool mode selection after a ctrl-x/ctrl-c
Package: gimp Version: 2.8.0-2+b1 Severity: normal Dear Maintainer, starting from 2.8 when I set a non default mode (add, subtract, intersect) for a selection tool (any tool like rectangle, ellipse, free, fuzzy, ecc), make a selection on the canvas, and then cut the selction the mode choice is reverted to the default mode (replace). This is incredibly annoying because if you have to reselect the mode all the times. In 2.6 the mode selection was mantained, and it is mantained also in 2.8, if you change tool or do some other action with another tool. It is reset just if you use ctrl-x to cut or ctrl-c to copy. I'd like to get back the old and correct/coherent behaviour. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages gimp depends on: ii gimp-data 2.8.0-2 ii libaa1 1.4p5-40 ii libatk1.0-0 2.4.0-2 ii libbabl-0.1-0 0.1.10-1 ii libbz2-1.0 1.0.6-3 ii libc6 2.13-34 ii libcairo2 1.12.2-2 ii libdbus-1-3 1.6.2-2 ii libdbus-glib-1-20.100-1 ii libexif12 0.6.20-2 ii libfontconfig1 2.9.0-6 ii libfreetype62.4.9-1 ii libgdk-pixbuf2.0-0 2.26.1-1 ii libgegl-0.2-0 0.2.0-2 ii libgimp2.0 2.8.0-2+b1 ii libglib2.0-02.32.3-1 ii libgs9 9.05~dfsg-6 ii libgtk2.0-0 2.24.10-1 ii libgudev-1.0-0 175-3.1 ii libjasper1 1.900.1-13 ii libjpeg88d-1 ii liblcms11.19.dfsg-1.1 ii libmng1 1.0.10-3 ii libpango1.0-0 1.30.0-1 ii libpng12-0 1.2.49-2 ii libpoppler-glib80.18.4-3 ii librsvg2-2 2.36.1-1 ii libtiff43.9.6-6 ii libwebkitgtk-1.0-0 1.8.1-3.1 ii libwmf0.2-7 0.2.8.4-10 ii libx11-62:1.5.0-1 ii libxcursor1 1:1.1.13-1 ii libxext62:1.3.1-2 ii libxfixes3 1:5.0-4 ii libxmu6 2:1.1.1-1 ii libxpm4 1:3.5.10-1 ii python 2.7.3-1 ii python-gtk2 2.24.0-3 ii python2.7 2.7.3-2 ii zlib1g 1:1.2.7.dfsg-13 Versions of packages gimp recommends: ii ghostscript 9.05~dfsg-6 Versions of packages gimp suggests: pn gimp-data-extras none pn gimp-help-en | gimp-help none ii gvfs-backends 1.12.3-1+b1 ii libasound21.0.25-3 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#588455: [Pkg-samba-maint] Bug#588455: samba: still here, also for backported package
On 06/24/2012 08:22 PM, Ivo De Decker wrote: On Wed, Jan 18, 2012 at 05:16:42PM +0100, Simone Piccardi wrote: Package: samba Version: 2:3.5.11~dfsg-1~bpo60+1 Severity: normal I had this problem with the standard stable samba package so I tried to upgrade to the backports one, but I'm still having the same problem. It came for just a single machine, for 1/3 times at a day. Simone, It might be a problem in libgcrypt or libgnutls. Could you also install the debug packages for those libraries (probably libgcrypt11-dbg and libgnutls26-dbg) and send a new trace? It could also be interesting to see if the problem still happens with testing or unstable. They have newer version of these libraries. Cheers, Ivo De Decker Here the BACKTRACE in the logs, after installing both debug packages: === [2012/06/26 20:27:15.818443, 0] lib/fault.c:47(fault_report) INTERNAL ERROR: Signal 11 in pid 4174 (3.5.11) Please read the Trouble-Shooting section of the Samba3-HOWTO [2012/06/26 20:27:15.818462, 0] lib/fault.c:49(fault_report) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2012/06/26 20:27:15.818474, 0] lib/fault.c:50(fault_report) === [2012/06/26 20:27:15.818484, 0] lib/util.c:1468(smb_panic) PANIC (pid 4174): internal error [2012/06/26 20:27:15.822219, 0] lib/util.c:1572(log_stack_trace) BACKTRACE: 27 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x1a) [0x7fb88e27bd2a] #1 /usr/sbin/smbd(smb_panic+0x1f) [0x7fb88e27bdef] #2 /usr/sbin/smbd(+0x3798ad) [0x7fb88e26b8ad] #3 /lib/libc.so.6(+0x321e0) [0x7fb88b1331e0] #4 /usr/lib/libgcrypt.so.11(+0x48588) [0x7fb88a3ef588] #5 /usr/lib/libgcrypt.so.11(+0x475ed) [0x7fb88a3ee5ed] #6 /usr/lib/libgnutls.so.26(+0x3e187) [0x7fb88ac83187] #7 /usr/lib/libgnutls.so.26(+0x3c41c) [0x7fb88ac8141c] #8 /usr/lib/libgnutls.so.26(gnutls_global_init+0x126) [0x7fb88ac72c06] #9 /usr/lib/libcups.so.2(httpInitialize+0x3a) [0x7fb88cd2450a] #10 /usr/lib/libcups.so.2(_httpCreate+0x95) [0x7fb88cd245b5] #11 /usr/lib/libcups.so.2(httpConnectEncrypt+0x6) [0x7fb88cd24696] #12 /usr/sbin/smbd(+0x350f4a) [0x7fb88e242f4a] #13 /usr/sbin/smbd(cups_cache_reload+0x286) [0x7fb88e245f06] #14 /usr/sbin/smbd(pcap_cache_reload+0x14d) [0x7fb88e242a4d] #15 /usr/sbin/smbd(check_reload+0xef) [0x7fb88e06a3ef] #16 /usr/sbin/smbd(+0x17849d) [0x7fb88e06a49d] #17 /usr/sbin/smbd(+0x178b63) [0x7fb88e06ab63] #18 /usr/sbin/smbd(run_events+0xfe) [0x7fb88e28ba0e] #19 /usr/sbin/smbd(smbd_process+0x7aa) [0x7fb88e06c05a] #20 /usr/sbin/smbd(+0x6847fe) [0x7fb88e5767fe] #21 /usr/sbin/smbd(run_events+0x20b) [0x7fb88e28bb1b] #22 /usr/sbin/smbd(+0x399e21) [0x7fb88e28be21] #23 /usr/sbin/smbd(_tevent_loop_once+0x90) [0x7fb88e28c200] #24 /usr/sbin/smbd(main+0xb5b) [0x7fb88e57752b] #25 /lib/libc.so.6(__libc_start_main+0xfd) [0x7fb88b11fc4d] #26 /usr/sbin/smbd(+0xfce89) [0x7fb88dfeee89] [2012/06/26 20:27:15.822354, 0] lib/util.c:1473(smb_panic) smb_panic(): calling panic action [/usr/share/samba/panic-action 4174] warning: The current binary is a PIE (Position Independent Executable), which GDB does NOT currently support. Most debugger features will fail if used in this session. [2012/06/26 20:27:17.791913, 0] lib/util.c:1481(smb_panic) smb_panic(): action returned status 0 [2012/06/26 20:27:17.791983, 0] lib/fault.c:326(dump_core) dumping core in /var/log/samba/cores/smbd [2012/06/26 20:27:17.894371, 0] printing/print_cups.c:456(cups_async_callback) failed to recv pcap blob Regards Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#588455: samba: still here, also for backported package
Package: samba Version: 2:3.5.11~dfsg-1~bpo60+1 Severity: normal I had this problem with the standard stable samba package so I tried to upgrade to the backports one, but I'm still having the same problem. It came for just a single machine, for 1/3 times at a day. -- System Information: Debian Release: 6.0.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages samba depends on: ii adduser 3.112+nmu2 add and remove users and groups ii debconf [debconf 1.5.36.1Debian configuration management sy ii libacl1 2.2.49-4Access control list shared library ii libattr1 1:2.4.44-2 Extended attribute shared library ii libc62.11.2-10 Embedded GNU C Library: Shared lib ii libcap2 1:2.19-3support for getting/setting POSIX. ii libcomerr2 1.41.12-4stable1common error description library ii libcups2 1.4.4-7+squeeze1Common UNIX Printing System(tm) - ii libgssapi-krb5-2 1.8.3+dfsg-4squeeze5MIT Kerberos runtime libraries - k ii libk5crypto3 1.8.3+dfsg-4squeeze5MIT Kerberos runtime libraries - C ii libkrb5-31.8.3+dfsg-4squeeze5MIT Kerberos runtime libraries ii libldap-2.4-22.4.23-7.2 OpenLDAP libraries ii libpam-modules 1.1.1-6.1+squeeze1 Pluggable Authentication Modules f ii libpam-runtime 1.1.1-6.1+squeeze1 Runtime support for the PAM librar ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules l ii libpopt0 1.16-1 lib for parsing cmdline parameters ii libtalloc2 2.0.1-1 hierarchical pool based memory all ii libtdb1 1.2.1-2+b1 Trivial Database - shared library ii libwbclient0 2:3.5.11~dfsg-1~bpo60+1 Samba winbind client library ii lsb-base 3.2-23.2squeeze1Linux Standard Base 3.2 init scrip ii procps 1:3.2.8-9 /proc file system utilities ii samba-common 2:3.5.11~dfsg-1~bpo60+1 common files used by both the Samb ii update-inetd 4.38+nmu1+squeeze1 inetd configuration file updater ii zlib1g 1:1.2.3.4.dfsg-3compression library - runtime Versions of packages samba recommends: ii logrotate 3.7.8-6Log rotation utility ii tdb-tools 1.2.1-2+b1 Trivial Database - bundled binarie Versions of packages samba suggests: pn ctdbnone (no description available) pn ldb-tools none (no description available) ii openbsd-inetd [inet-superse 0.20080125-6 The OpenBSD Internet Superserver pn smbldap-tools none (no description available) -- debconf information: samba/run_mode: daemons samba/generate_smbpasswd: true samba-common/title: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#588455: samba: still here, also for backported package
On 01/18/2012 05:16 PM, Simone Piccardi wrote: Package: samba Version: 2:3.5.11~dfsg-1~bpo60+1 Severity: normal I had this problem with the standard stable samba package so I tried to upgrade to the backports one, but I'm still having the same problem. It came for just a single machine, for 1/3 times at a day. -- System Information: Debian Release: 6.0.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages samba depends on: ii adduser 3.112+nmu2 add and remove users and groups ii debconf [debconf 1.5.36.1Debian configuration management sy ii libacl1 2.2.49-4Access control list shared library ii libattr1 1:2.4.44-2 Extended attribute shared library ii libc62.11.2-10 Embedded GNU C Library: Shared lib ii libcap2 1:2.19-3support for getting/setting POSIX. ii libcomerr2 1.41.12-4stable1common error description library ii libcups2 1.4.4-7+squeeze1Common UNIX Printing System(tm) - ii libgssapi-krb5-2 1.8.3+dfsg-4squeeze5MIT Kerberos runtime libraries - k ii libk5crypto3 1.8.3+dfsg-4squeeze5MIT Kerberos runtime libraries - C ii libkrb5-31.8.3+dfsg-4squeeze5MIT Kerberos runtime libraries ii libldap-2.4-22.4.23-7.2 OpenLDAP libraries ii libpam-modules 1.1.1-6.1+squeeze1 Pluggable Authentication Modules f ii libpam-runtime 1.1.1-6.1+squeeze1 Runtime support for the PAM librar ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules l ii libpopt0 1.16-1 lib for parsing cmdline parameters ii libtalloc2 2.0.1-1 hierarchical pool based memory all ii libtdb1 1.2.1-2+b1 Trivial Database - shared library ii libwbclient0 2:3.5.11~dfsg-1~bpo60+1 Samba winbind client library ii lsb-base 3.2-23.2squeeze1Linux Standard Base 3.2 init scrip ii procps 1:3.2.8-9 /proc file system utilities ii samba-common 2:3.5.11~dfsg-1~bpo60+1 common files used by both the Samb ii update-inetd 4.38+nmu1+squeeze1 inetd configuration file updater ii zlib1g 1:1.2.3.4.dfsg-3compression library - runtime Versions of packages samba recommends: ii logrotate 3.7.8-6Log rotation utility ii tdb-tools 1.2.1-2+b1 Trivial Database - bundled binarie Versions of packages samba suggests: pn ctdbnone(no description available) pn ldb-toolsnone(no description available) ii openbsd-inetd [inet-superse 0.20080125-6 The OpenBSD Internet Superserver pn smbldap-toolsnone(no description available) -- debconf information: samba/run_mode: daemons samba/generate_smbpasswd: true samba-common/title: I forgot the log excerpt. Simone [...] === [2012/01/18 13:57:06.120781, 0] lib/fault.c:47(fault_report) INTERNAL ERROR: Signal 11 in pid 15750 (3.5.11) Please read the Trouble-Shooting section of the Samba3-HOWTO [2012/01/18 13:57:06.120805, 0] lib/fault.c:49(fault_report) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2012/01/18 13:57:06.120818, 0] lib/fault.c:50(fault_report) === [2012/01/18 13:57:06.120827, 0] lib/util.c:1468(smb_panic) PANIC (pid 15750): internal error [2012/01/18 13:57:06.200343, 0] lib/util.c:1572(log_stack_trace) BACKTRACE: 27 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x1a) [0x7fba6a723d2a] #1 /usr/sbin/smbd(smb_panic+0x1f) [0x7fba6a723def] #2 /usr/sbin/smbd(+0x3798ad) [0x7fba6a7138ad] #3 /lib/libc.so.6(+0x321e0) [0x7fba675db1e0] #4 /usr/lib/libgcrypt.so.11(+0x48588) [0x7fba66897588] #5 /usr/lib/libgcrypt.so.11(+0x475ed) [0x7fba668965ed] #6 /usr/lib/libgnutls.so.26(+0x3e187) [0x7fba6712b187] #7 /usr/lib/libgnutls.so.26(+0x3c41c) [0x7fba6712941c] #8 /usr/lib/libgnutls.so.26(gnutls_global_init+0x126) [0x7fba6711ac06] #9 /usr/lib/libcups.so.2(httpInitialize+0x3a) [0x7fba691cc50a] #10 /usr/lib/libcups.so.2(_httpCreate+0x95) [0x7fba691cc5b5] #11 /usr/lib/libcups.so.2(httpConnectEncrypt+0x6) [0x7fba691cc696] #12 /usr/sbin/smbd(+0x350f4a) [0x7fba6a6eaf4a] #13 /usr/sbin/smbd(cups_cache_reload+0x286) [0x7fba6a6edf06] #14 /usr/sbin/smbd(pcap_cache_reload+0x14d) [0x7fba6a6eaa4d] #15 /usr/sbin/smbd(check_reload+0xef) [0x7fba6a5123ef] #16 /usr/sbin/smbd(+0x17849d) [0x7fba6a51249d] #17 /usr/sbin/smbd(+0x178b63) [0x7fba6a512b63] #18 /usr/sbin/smbd(run_events+0xfe) [0x7fba6a733a0e] #19 /usr/sbin/smbd(smbd_process+0x7aa) [0x7fba6a51405a
Bug#639903: slapd-smbk5pwd: do not update shadowLastChange
Package: slapd-smbk5pwd Version: 2.4.23-7.2 Severity: normal This overlay goal is to keep syncronized password data stored in a LDAP tree between samba, unix and kerberos, but it fails to keep updated the shadowLastChange attribute when a password is changed. It works updating sambaPwdLastSet, so it seems that keeping that information is within its goal, but it do not touch shadowLastChange. This means that when used with password aging, an unix password will stay expired also if you have just changed it. There is a patch, written by Mark A. Ziesemer, that allow to make this update. This could also solve the similar problem with libpam-ldapd (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619881) The patch was proposed upstream, received some support by Michael Michael Ströder but then was refused by Howard Chu. Some history here: http://blogger.ziesemer.com/2011/01/ldap-authentication-for-samba.html Reason given is that you should use the nssov overlay, that is not even packaged in Debian, and ppolicy. I'll try to bring back discussion on openldap devel list, but in the meantime all people using the classic shadowAccount objectclass have no working solution, and, if they have to follow Chu intentions, they are forced to do a massive rework of their current tree contents. I reformatted the patch against the overlay source in the current squeeze pakage and I'm attaching it to this message. I tested it in some small installations and it seems to work just fine. I'll try to provide also an updated source package but I'm not too much competent in this area -- System Information: Debian Release: 6.0.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages slapd-smbk5pwd depends on: ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii libgcrypt1 1.4.5-2 LGPL Crypto library - runtime libr ii libkadm5sr 1.4.0~git20100726.dfsg.1-1+b1 Libraries for Heimdal Kerberos ii libkrb5-26 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - libraries ii libldap-2. 2.4.23-7.2OpenLDAP libraries ii slapd 2.4.23-7.2OpenLDAP server (slapd) slapd-smbk5pwd recommends no packages. slapd-smbk5pwd suggests no packages. -- no debconf information diff -r -u a/contrib/slapd-modules/README b/contrib/slapd-modules/README --- a/contrib/slapd-modules/README 2010-04-13 22:22:25.0 +0200 +++ b/contrib/slapd-modules/README 2011-08-30 16:17:52.0 +0200 @@ -49,8 +49,8 @@ Proxy Authorization compatibility with obsolete internet-draft. smbk5pwd (overlay) - Make the PasswordModify Extended Operation update Kerberos - keys and Samba password hashes as well as userPassword. + Make the PasswordModify Extended Operation update Kerberos keys, + Samba password hashes, and shadowLastChange, as well as userPassword. trace (overlay) Trace overlay invocation. diff -r -u a/contrib/slapd-modules/smbk5pwd/Makefile b/contrib/slapd-modules/smbk5pwd/Makefile --- a/contrib/slapd-modules/smbk5pwd/Makefile 2011-08-30 16:10:25.0 +0200 +++ b/contrib/slapd-modules/smbk5pwd/Makefile 2011-08-30 16:18:10.0 +0200 @@ -16,8 +16,8 @@ OPT=-g -O2 CC=gcc -# Omit DO_KRB5 or DO_SAMBA if you don't want to support it. -DEFS=-DDO_KRB5 -DDO_SAMBA +# Omit DO_KRB5, DO_SAMBA, or DO_SHADOW if you don't want to support it. +DEFS=-DDO_KRB5 -DDO_SAMBA -DDO_SHADOW HEIMDAL_INC=-I/usr/include SSL_INC= diff -r -u a/contrib/slapd-modules/smbk5pwd/README b/contrib/slapd-modules/smbk5pwd/README --- a/contrib/slapd-modules/smbk5pwd/README 2010-04-13 22:22:30.0 +0200 +++ b/contrib/slapd-modules/smbk5pwd/README 2011-08-30 16:18:37.0 +0200 @@ -1,6 +1,6 @@ This directory contains a slapd overlay, smbk5pwd, that extends the -PasswordModify Extended Operation to update Kerberos keys and Samba -password hashes for an LDAP user. +PasswordModify Extended Operation to update Kerberos keys, Samba +password hashes, and the shadowLastChange attribute for an LDAP user. The Kerberos support is written for Heimdal using its hdb-ldap backend. If a PasswordModify is performed on an entry that has the krb5KDCEntry @@ -17,6 +17,10 @@ objectclass, then the sambaLMPassword, sambaNTPassword, and sambaPwdLastSet attributes will be updated accordingly. +The Shadow support updates the shadowLastChange attribute to the current +date if a PasswordModify is performed on an entry that has the +shadowAccount objectclass. + To use the overlay, add: include path to/krb5-kdc.schema @@ -40,8 +44,8 @@ smbk5pwd-enable module can be used to enable only the desired one(s); legal values for module -are krb5 and samba, if they are respectively enabled by defining -DO_KRB5 and DO_SAMBA. +are krb5, samba, and shadow, if
Bug#619881: libpam-ldapd: shadowLastChange is not updated
I support correcting this bug in the current squeeze package. libpam-ldapd is the suggested replacement for libpam-ldap, but for this bug it cannot considered a replacement at all, it will just give troubles to people using it in a quite normal environment (in Italy provacy regulamentation mandate password expiring in most businness environment). So if this cannot be correct at least give advice of this shortcoming in documentation. Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#626911: /etc/slapd.d are internal slapd data, not configuration files
Package: slapd Version: 2.4.25-1+b1 Severity: normal As said by Howard Chu, OpenLDAP Chief Architect: The directory structure under slapd.d is private/internal to slapd. Forget it is even there. As far as you're concerned, it does not even exist. The only thing you should ever look at is the LDAP DIT, whether returned by slapcat, ldapsearch, or your LDAP GUI browser of choice. (see here: http://www.openldap.org/lists/openldap-technical/201104/msg00271.html) so I putting that in /etc/ldap/ is not correct, they are not configuration files, you should never modify them by hand (as explicetely stated by Chu himself in the same thread). So they should be placed in /var/lib/ldap like any other backend data. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.38-2-686 (SMP w/2 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages slapd depends on: ii adduser 3.112+nmu2 add and remove users and groups ii coreutils 8.5-1 GNU core utilities ii debconf [debconf-2.0] 1.5.39 Debian configuration management sy ii libc6 2.13-4 Embedded GNU C Library: Shared lib ii libdb4.8 4.8.30-8 Berkeley v4.8 Database Libraries [ ii libgcrypt11 1.4.6-5LGPL Crypto library - runtime libr ii libgnutls26 2.10.5-1+b1the GNU TLS library - runtime libr ii libldap-2.4-2 2.4.25-1+b1OpenLDAP libraries ii libltdl7 2.4-2 A system independent dlopen wrappe ii libperl5.12 5.12.3-6 shared Perl library ii libsasl2-22.1.23.dfsg1-8 Cyrus SASL - authentication abstra ii libslp1 1.2.1-7.8 OpenSLP libraries ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra ii lsb-base 3.2-27 Linux Standard Base 3.2 init scrip ii perl [libmime-base64-perl 5.12.3-6 Larry Wall's Practical Extraction ii psmisc22.13-1utilities that use the proc file s ii unixodbc 2.2.14p2-2 ODBC tools libraries Versions of packages slapd recommends: ii libsasl2-modules 2.1.23.dfsg1-8 Cyrus SASL - pluggable authenticat Versions of packages slapd suggests: ii ldap-utils 2.4.25-1+b1 OpenLDAP utilities -- debconf information: shared/organization: fi.trl slapd/upgrade_slapcat_failure: slapd/backend: HDB slapd/allow_ldap_v2: false slapd/no_configuration: false slapd/move_old_database: true slapd/dump_database_destdir: /var/backups/slapd-VERSION slapd/domain: fi.trl slapd/password_mismatch: slapd/invalid_config: true slapd/dump_database: when needed slapd/purge_database: false -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#551746: broken installation of zoneminder
Package: zoneminder Version: 1.24.2-1 Severity: grave Justification: renders package unusable I just did: # apt-get install zoneminder this the results (sorry for the italian locale) Lettura elenco dei pacchetti... Fatto Generazione albero delle dipendenze Lettura informazioni sullo stato... Fatto I seguenti pacchetti saranno inoltre installati: apache2 apache2-mpm-prefork libapache2-mod-php5 libemail-date-format-perl libmime-lite-perl libmime-types-perl libphp-serialization-perl php5 php5-common php5-mysql php5-suhosin Pacchetti suggeriti: php-pear I seguenti pacchetti NUOVI saranno installati: apache2 apache2-mpm-prefork libapache2-mod-php5 libemail-date-format-perl libmime-lite-perl libmime-types-perl libphp-serialization-perl php5 php5-common php5-mysql php5-suhosin zoneminder 0 aggiornati, 12 installati, 0 da rimuovere e 0 non aggiornati. � necessario scaricare 4712kB di archivi. Dopo quest'operazione, verranno occupati 14,2MB di spazio su disco. Continuare [S/n]? Scaricare:1 http://ftp.it.debian.org sid/main apache2-mpm-prefork 2.2.14-1 [2330B] Scaricare:2 http://ftp.it.debian.org sid/main apache2 2.2.14-1 [1376B] Scaricare:3 http://ftp.it.debian.org sid/main php5-common 5.2.11.dfsg.1-1 [426kB] Scaricare:4 http://ftp.it.debian.org sid/main libapache2-mod-php5 5.2.11.dfsg.1-1 [2490kB] Scaricare:5 http://ftp.it.debian.org sid/main libemail-date-format-perl 1.002-1 [6258B] Scaricare:6 http://ftp.it.debian.org sid/main libmime-lite-perl 3.027-1 [76,3kB] Scaricare:7 http://ftp.it.debian.org sid/main libmime-types-perl 1.28-1 [31,2kB] Scaricare:8 http://ftp.it.debian.org sid/main libphp-serialization-perl 0.33-1 [10,8kB] Scaricare:9 http://ftp.it.debian.org sid/main php5 5.2.11.dfsg.1-1 [1076B] Scaricare:10 http://ftp.it.debian.org sid/main php5-mysql 5.2.11.dfsg.1-1 [64,7kB] Scaricare:11 http://ftp.it.debian.org sid/main php5-suhosin 0.9.29-1 [73,7kB] Scaricare:12 http://ftp.it.debian.org sid/main zoneminder 1.24.2-1 [1528kB] Recuperati 4712kB in 7s (633kB/s) impossibile caricare il database /var/lib/apt/listchanges.db. Selezionato il pacchetto apache2-mpm-prefork. (Lettura del database... 310674 file e directory attualmente installati.) Estrazione di apache2-mpm-prefork (da .../apache2-mpm-prefork_2.2.14-1_i386.deb)... Selezionato il pacchetto apache2. Estrazione di apache2 (da .../apache2_2.2.14-1_i386.deb)... Selezionato il pacchetto php5-common. Estrazione di php5-common (da .../php5-common_5.2.11.dfsg.1-1_i386.deb)... Selezionato il pacchetto libapache2-mod-php5. Estrazione di libapache2-mod-php5 (da .../libapache2-mod-php5_5.2.11.dfsg.1-1_i386.deb)... Selezionato il pacchetto libemail-date-format-perl. Estrazione di libemail-date-format-perl (da .../libemail-date-format-perl_1.002-1_all.deb)... Selezionato il pacchetto libmime-lite-perl. Estrazione di libmime-lite-perl (da .../libmime-lite-perl_3.027-1_all.deb)... Selezionato il pacchetto libmime-types-perl. Estrazione di libmime-types-perl (da .../libmime-types-perl_1.28-1_all.deb)... Selezionato il pacchetto libphp-serialization-perl. Estrazione di libphp-serialization-perl (da .../libphp-serialization-perl_0.33-1_all.deb)... Selezionato il pacchetto php5. Estrazione di php5 (da .../php5_5.2.11.dfsg.1-1_all.deb)... Selezionato il pacchetto php5-mysql. Estrazione di php5-mysql (da .../php5-mysql_5.2.11.dfsg.1-1_i386.deb)... Selezionato il pacchetto php5-suhosin. Estrazione di php5-suhosin (da .../php5-suhosin_0.9.29-1_i386.deb)... Selezionato il pacchetto zoneminder. Estrazione di zoneminder (da .../zoneminder_1.24.2-1_i386.deb)... Elaborazione dei trigger per man-db... Configurazione di apache2-mpm-prefork (2.2.14-1)... Starting web server: apache2. Configurazione di apache2 (2.2.14-1)... Configurazione di php5-common (5.2.11.dfsg.1-1)... Configurazione di libapache2-mod-php5 (5.2.11.dfsg.1-1)... Creating config file /etc/php5/apache2/php.ini with new version Reloading web server config: apache2. Configurazione di libemail-date-format-perl (1.002-1)... Configurazione di libmime-lite-perl (3.027-1)... Configurazione di libmime-types-perl (1.28-1)... Configurazione di libphp-serialization-perl (0.33-1)... Configurazione di php5 (5.2.11.dfsg.1-1)... Configurazione di php5-mysql (5.2.11.dfsg.1-1)... Configurazione di php5-suhosin (0.9.29-1)... Configurazione di zoneminder (1.24.2-1)... Starting ZoneMinder: Can't locate ZoneMinder.pm in @INC (@INC contains: /usr/local/share/perl/5.10.0 /etc/perl /usr/local/lib/perl/5.10.1 /usr/local/share/perl/5.10.1 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl) at /usr/bin/zmpkg.pl line 46. BEGIN failed--compilation aborted at /usr/bin/zmpkg.pl line 46. failure invoke-rc.d: initscript zoneminder, action start failed. dpkg: errore nell'elaborare zoneminder (--configure): il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 2 Si sono
Bug#535324: kaddressbook: I want an addressbook client, not a mysql server
Kevin Krammer wrote: On Monday, 2009-07-13, Simone Piccardi wrote: What I do not understand is why a client should be depend on the installation of the corresponding server. It seems to like requiring to install apache to run firefox. Not quite, this is a different kind of server/client relation ship. This is a session runtime service, more like D-Bus clients depending on D-Bus. A part of the runtime infrastructure, essential functionality shared between applications through inter process communication. Probably that was not the right analogy, but... I still cannot think of mysql-server as a session runtime service. But also if akonadi was part of a KDE infrastructure, it should be clear that people can have addressbook (like I do) in an LDAP server. That's one of the supported sources for kaddressbook, so forcing me to use akonadi (and to install mysql for this) just to look in an LDAP directory cannot be a correct choice. Regards Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#535324: kaddressbook: I want an addressbook client, not a mysql server
Kevin Krammer wrote: On Wednesday, 2009-07-01, Simone Piccardi wrote: Package: kaddressbook Version: 4:4.2.4-1 Severity: normal Don't know why but installing kaddressbook install also mysql-server. That's absurd because I just need an address book client. MySQL is currently a dependeny of the Akonadi server, which KAddressbook indirectly depends on through the Akonadi based addressbook plugin. That's the problem, then... What I do not understand is why a client should be depend on the installation of the corresponding server. It seems to like requiring to install apache to run firefox. Kaddressbook was (what is now in not so clear) a client giving a graphical interface to some address book management technologies. It still connect to an LDAP server (that's my use case) without requiring to install slapd. So I cannot understand why the dependency on the akonadi plugin is forced on all of us. It should be possible to put this in a separate package, avoiding it if the user dos'nt need that. Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#535324: kaddressbook: I want an addressbook client, not a mysql server
Package: kaddressbook Version: 4:4.2.4-1 Severity: normal Don't know why but installing kaddressbook install also mysql-server. That's absurd because I just need an address book client. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686 (SMP w/2 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages kaddressbook depends on: ii akonadi-server 1.1.2-1+b1 Akonadi PIM storage service ii kdebase-runtime 4:4.2.4-1runtime components from the offici ii kdelibs54:4.2.4-1core libraries for all KDE 4 appli ii kdepimlibs5 4:4.2.4-1core libraries for KDE PIM 4 appli ii libc6 2.9-18 GNU C Library: Shared libraries ii libgnokii4 0.6.27.dfsg-2+b1 Gnokii mobile phone interface libr ii libkabcommon4 4:4.2.4-1KDE PIM common addressbook library ii libkdepim4 4:4.2.4-1KDE PIM library ii libkleo44:4.2.4-1certificate based crypto library f ii libkontactinterfaces4 4:4.2.4-1KDE Kontact interface library ii libphonon4 4:4.3.1-1Phonon multimedia framework for Qt ii libqt4-dbus 4.5.1-2 Qt 4 D-Bus module ii libqt4-qt3support 4.5.1-2 Qt 3 compatibility library for Qt ii libqt4-xml 4.5.1-2 Qt 4 XML module ii libqtcore4 4.5.1-2 Qt 4 core module ii libqtgui4 4.5.1-2 Qt 4 GUI module ii libstdc++6 4.4.0-10 The GNU Standard C++ Library v3 ii phonon 4:4.3.1-1metapackage for Phonon multimedia kaddressbook recommends no packages. Versions of packages kaddressbook suggests: pn kdepim-kresources none (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#478883: ldap-utils: ldapsearch -x from sid fail
Package: ldap-utils Version: 2.4.15-1.1 Severity: normal I have the following configuration for ldap client: BASEdc=truelite,dc=it URI ldaps://ldap.fi.trl #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never tls_checkpeer no TLS_CACERT /etc/ssl/certs/Truelite-cacert.pem and similar for libnss-ldap.conf and pam_ldap.conf, but while NSS and PAM are working using ldapsearch I got: picca...@ellington:~$ ldapsearch -d 1 -x ldap_create ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP ldap.fi.trl:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 192.168.1.2:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: peer cert untrusted or revoked (0x102) TLS: can't connect: (unknown error code). ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) configuration on the server did not change for a while and for TLS is: TLSCertificateFile /etc/ssl/certs/ldap.fi.trl-cert.pem TLSCertificateKeyFile /etc/ssl/private/ldap.fi.trl-key.pem TLSCipherSuite HIGH TLSCACertificateFile/etc/ssl/certs/Truelite-cacert.pem running the server in debug mode I got: [...] slapd starting slap_listener(ldaps:///)ldap_pvt_gethostbyname_a: host=davis, r=0 connection_get(12): got connid=0 connection_read(12): checking for input on id=0 TLS trace: SSL_accept:before/accept initialization TLS trace: SSL_accept:SSLv3 read client hello A TLS trace: SSL_accept:SSLv3 write server hello A TLS trace: SSL_accept:SSLv3 write certificate A TLS trace: SSL_accept:SSLv3 write server done A TLS trace: SSL_accept:SSLv3 flush data TLS trace: SSL_accept:error in SSLv3 read client certificate A TLS trace: SSL_accept:error in SSLv3 read client certificate A connection_get(12): got connid=0 connection_read(12): checking for input on id=0 TLS trace: SSL_accept:SSLv3 read client key exchange A TLS trace: SSL_accept:SSLv3 read finished A TLS trace: SSL_accept:SSLv3 write change cipher spec A TLS trace: SSL_accept:SSLv3 write finished A TLS trace: SSL_accept:SSLv3 flush data connection_read(12): unable to get TLS client DN, error=49 id=0 connection_get(12): got connid=0 connection_read(12): checking for input on id=0 ber_get_next ber_get_next on fd 12 failed errno=0 (Success) connection_closing: readying conn=0 sd=12 for close connection_close: conn=0 sd=12 TLS trace: SSL3 alert write:warning:close notify I tryed to check the certificates and using openssl I got: ellington:/home/piccardi# openssl s_client -connect ldap.fi.trl:636 -CAfile /etc/ssl/certs/New-Truelite-cacert.pem CONNECTED(0003) depth=1 /C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=Truelite Srl CA/emailaddress=i...@truelite.it verify return:1 depth=0 /C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=ldap.fi.trl/emailaddress=sist...@truelite.it verify return:1 --- Certificate chain 0 s:/C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=ldap.fi.trl/emailaddress=sist...@truelite.it i:/C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=Truelite Srl CA/emailaddress=i...@truelite.it 1 s:/C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=Truelite Srl CA/emailaddress=i...@truelite.it i:/C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=Truelite Srl CA/emailaddress=i...@truelite.it --- Server certificate -BEGIN CERTIFICATE- [...] -END CERTIFICATE- subject=/C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=ldap.fi.trl/emailaddress=sist...@truelite.it issuer=/C=IT/ST=FI/L=Firenze/O=Truelite Srl/OU=Certification Authority/CN=Truelite Srl CA/emailaddress=i...@truelite.it --- No client certificate CA names sent --- SSL handshake has read 3578 bytes and written 316 bytes --- New, TLSv1/SSLv3, Cipher is AES256-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher: AES256-SHA Session-ID: 716BE0C7C993AC4F72CD2D02A57718AF8D2E55FC62356AD00BB8FF17265F4814 Session-ID-ctx: Master-Key: D32B76AB62025227C6B3B8F210A7A544E10CD233056B59563DD2F3CBB07B94679315CDD9E9B3E88CFEC36DABEDF09930 Key-Arg : None Start Time: 1244471759 Timeout : 300 (sec) Verify return code: 0 (ok) --- while checking with gnutls-cli I got: ellington:/home/piccardi# gnutls-cli -d 3 --x509cafile /etc/ssl/certs/New-Truelite-cacert.pem -p 636 ldap.fi.trl Processed 1 CA certificate(s). Resolving 'ldap.fi.trl'... Connecting to '192.168.1.2:636'... |3| HSK[9d4a140]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 |3| HSK[9d4a140]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 |3| HSK[9d4a140]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 |3| HSK[9d4a140]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 |3| HSK[9d4a140]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 |3| HSK[9d4a140]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 |3| HSK[9d4a140]: Keeping
Bug#478883: [Pkg-openldap-devel] Bug#478883: ldap-utils: ldapsearch -x from sid fail
Matt Kassawara wrote: Did you upgrade from an older version of OpenLDAP built against OpenSSL? Did you generate your certificates with OpenSSL or GnuTLS? The certificates where generated using tinyca2, under sid, the request is about 3 year old, the certificate was just renewed this morning. Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#478883: [Pkg-openldap-devel] Bug#478883: ldap-utils: ldapsearch -x from sid fail
Matt Kassawara wrote: Did you recently upgrade OpenLDAP? In both client and server side I'm just doing the ordinary updates near every week. Don't remember when last upgrade was done. The problem arised today, after renewing the certificate that was expired. Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#478883: ldap-utils: ldapsearch -x from sid fail
Michael Kiefer wrote: On Maandag 08 Juni 2009 16:43:17 Simone Piccardi wrote: Package: ldap-utils Version: 2.4.15-1.1 Severity: normal ... so it seems something related to gnutls. For me it was a misconfiguration. I think I was able to cure it by setting olcTLSVerifyClient: never Michael Sorry, but this is not working. Nothing change using TLSVerifyClient 0 TLSVerifyClient 1 TLSVerifyClient never in slapd.conf Simone -- Simone Piccardi Truelite Srl picca...@truelite.it (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#334681: unixodbc-dev: need to add 29.8MB just to compile a program
Package: unixodbc-dev Version: 2.2.11-13 Followup-For: Bug #334681 Installing unixodbc-dev on a etch server to compile a program caused an 11MB download and a 29.8M disk space occupation because it wanted to install completely unrelated packages like: ttf-dejavu libaudio2 fontconfig-config x11-common. Cannot see any good reason to install all these just to compile a program on a server. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#492060: pidentd: please do not install on a base system
Package: pidentd Version: 3.0.19.ds1-1 Severity: wishlist Do not know if this is the right place where to report this, I hope so. I cannot see any reason why pidentd is installed and activated after a base system installation. It expose a port to internet for a commonly unused service, potentially disclosing sensitive information. It also cause inetd to be started. If you need it you can install it manually. A not running service cannot be exploited. I do not understand why this is always installed, and I propose to remove it from base system installation. Regards -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#334681: unixodbc-dev: need to add 29.8MB just to compile a program
Steve Langasek ha scritto: On Wed, Jul 23, 2008 at 05:24:50PM +0200, Simone Piccardi wrote: Package: unixodbc-dev Version: 2.2.11-13 Followup-For: Bug #334681 Installing unixodbc-dev on a etch server to compile a program caused an 11MB download and a 29.8M disk space occupation because it wanted to install completely unrelated packages like: ttf-dejavu libaudio2 fontconfig-config x11-common. Cannot see any good reason to install all these just to compile a program on a server. shrug then don't do your compiles on your server? I'll stop when there will be a stable and mantained debian packages for all the software I need. Until then I'll be forced, like many other people, to compile what I need from sources. And this this did not answer the question of why something like a truetype font or an audio library is needed to compile a database interface library. Regards -- Simone Piccardi - KeyID:2A972F9D - JabberID:[EMAIL PROTECTED] Prima ti ignorano, poi ti deridono, poi ti combattono. Poi vinci. M. K. Ghandi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#450843: pure-ftpd-ldap: Need to read privileged userPassword attribute
Package: pure-ftpd-ldap Version: 1.0.21-8 Severity: minor The pure-ftpd LDAP support need to read the userPassword attribute of an user to give it access. This is the wrong way to do this, because reading that attribute for all users need a privileged access to the LDAP database. From what I see starting slapd in debug mode pure-ftpd ask for the userPassword attribute, and because I have an error if I do anonimous binding and it's working if I use the LDAP admin user, I suppose that pure-ftpd is checking the password on its own, using the value of userPassword. This is bad for two reason: you need to give privileged access and the password must be in a format recognised by pure-ftpd. The standard way to authenticate an user using LDAP is to do a bind with that user. This way the server does the authentication, you don't need a priveleged access, and you don't need to do any check. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (990, 'stable'), (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.21-2-686 Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Versions of packages pure-ftpd-ldap depends on: ii libc62.6.1-1+b1 GNU C Library: Shared libraries ii libcap1 1:1.10-14 support for getting/setting POSIX. ii libldap2 2.1.30-13.3 OpenLDAP libraries ii libpam0g 0.79-4 Pluggable Authentication Modules l ii libssl0.9.8 0.9.8c-4SSL shared libraries ii pure-ftpd-common 1.0.21-8Pure-FTPd FTP server (Common Files pure-ftpd-ldap recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#447626: virtualbox-ose: segfault on registration form
Package: virtualbox-ose Version: 1.5.2-dfsg-2 Severity: important I installed virtualbox-ose, compiled the source and installed the module. But when I launched it for the first time it give on the terminal: [EMAIL PROTECTED]:~$ virtualbox Qt WARNING: QSettings::sync: filename is null/empty and it starts opening a registration form. After filling the form and clicking on the confirm button, I got a Segmentation fault. If I close the registration form from the window manager the program continue to run and I can setup a virtual machine, but you have to figure out that to have it working ... -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages virtualbox-ose depends on: ii adduser 3.105 add and remove users and groups ii libc6 2.6.1-6GNU C Library: Shared libraries ii libgcc1 1:4.2.2-3 GCC support library ii libgl1-mesa-glx [libgl1] 7.0.1-2A free implementation of the OpenG ii libglib2.0-0 2.14.2-1 The GLib library of C routines ii libidl0 0.8.8-0.1 library for parsing CORBA IDL file ii libqt3-mt 3:3.3.7-9 Qt GUI Library (Threaded runtime v ii libsdl1.2debian 1.2.12-1 Simple DirectMedia Layer ii libstdc++64.2.2-3The GNU Standard C++ Library v3 ii libx11-6 2:1.0.3-7 X11 client-side library ii libxalan110 1.10-3.1 Provides XSLT support for applicat ii libxcursor1 1:1.1.9-1 X cursor management library ii libxerces27 2.7.0-4validating XML parser library for ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxt61:1.0.5-3 X11 toolkit intrinsics library Versions of packages virtualbox-ose recommends: ii virtualbox-ose-mod 1.5.2-dfsg-2+2.6.22-4 VirtualBox modules for Linux (kern ii virtualbox-ose-sou 1.5.2-dfsg-2 Source for the VirtualBox module -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#443073: Compile contrib slapd-module /smbk5pwd
Package: slapd Version: 2.3.30-5 Severity: wishlist The official openldap distribution ship a very useful module in the contrib directory. The module is smbk5pwd that allow to change the samba (and Kerberos) password attribute when a password change command is given trough LDAP. In this way you can safely change a password using the unix tools (if you configured pam_ldap) and have it propagated to the samba attributes. This module is present in the source package but is not compiled; it should be very useful if it can compiled and present in the next version of the package. To compile it on a Debian system you can find useful this link: http://student.physik.uni-mainz.de/~reiffert/smbk5pwd.html -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages slapd depends on: ii adduser3.102 Add and remove users and groups ii coreutils 5.97-5.3 The GNU core utilities ii debconf [debconf-2.0] 1.5.11Debian configuration management sy ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared libraries ii libdb4.2 4.2.52+dfsg-2 Berkeley v4.2 Database Libraries [ ii libiodbc2 3.52.4-5 iODBC Driver Manager ii libldap-2.3-0 2.3.30-5 OpenLDAP libraries ii libltdl3 1.5.22-4 A system independent dlopen wrappe ii libperl5.8 5.8.8-7 Shared Perl library ii libsasl2-2 2.1.22.dfsg1-8Authentication abstraction library ii libslp11.2.1-6.2 OpenSLP libraries ii libssl0.9.80.9.8c-4 SSL shared libraries ii libwrap0 7.6.dbs-13Wietse Venema's TCP wrappers libra ii perl [libmime-base64-p 5.8.8-7 Larry Wall's Practical Extraction ii psmisc 22.3-1Utilities that use the proc filesy Versions of packages slapd recommends: ii libsasl2-modules 2.1.22.dfsg1-8 Pluggable Authentication Modules f -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#426413: icedove: Trust junk mail headers not working
Package: icedove Version: 2.0.0.0-3 Severity: normal After an upgrade to vresione 2.0 the option Trust junk mail headers do not work anymore. When trying to setup junk setting in the account setting, in the option Trust junk mail headers set by: is not working, the sliding menu is blocked, and messages tagged as spam from Spamassassin are not recognized. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages icedove depends on: ii debianutils 2.19 Miscellaneous utilities specific t ii fontconfig 2.4.2-1.2generic font configuration library ii libatk1.0-0 1.18.0-2 The ATK accessibility toolkit ii libc6 2.5-9GNU C Library: Shared libraries ii libcairo2 1.4.6-1 The Cairo 2D vector graphics libra ii libfontconfig1 2.4.2-1.2generic font configuration library ii libfreetype62.2.1-6 FreeType 2 font engine, shared lib ii libgcc1 1:4.2-20070525-1 GCC support library ii libglib2.0-02.12.12-1The GLib library of C routines ii libgtk2.0-0 2.10.12-2The GTK+ graphical user interface ii libjpeg62 6b-13The Independent JPEG Group's JPEG ii libnspr4-0d 4.6.6-3 NetScape Portable Runtime Library ii libnss3-0d 3.11.5-3 Network Security Service libraries ii libpango1.0-0 1.16.4-1 Layout and rendering of internatio ii libpng12-0 1.2.15~beta5-2 PNG library - runtime ii libstdc++6 4.2-20070525-1 The GNU Standard C++ Library v3 ii libx11-62:1.0.3-7X11 client-side library ii libxcursor1 1:1.1.8-2X cursor management library ii libxext61:1.0.3-2X11 miscellaneous extension librar ii libxfixes3 1:4.0.3-2X11 miscellaneous 'fixes' extensio ii libxft2 2.1.12-2 FreeType-based font drawing librar ii libxi6 1:1.0.1-4X11 Input extension library ii libxinerama11:1.0.2-1X11 Xinerama extension library ii libxrandr2 2:1.2.1-1X11 RandR extension library ii libxrender1 1:0.9.2-1X Rendering Extension client libra ii libxt6 1:1.0.5-3X11 toolkit intrinsics library ii psmisc 22.5-1 Utilities that use the proc filesy ii zlib1g 1:1.2.3-15 compression library - runtime icedove recommends no packages. -- debconf information: * icedove/browser: GNOME -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#419117: asterisk-web-vmail: Dont work with etch standard installation
Package: asterisk-web-vmail Version: 1:1.2.13~dfsg-2 Severity: grave Justification: renders package unusable Permission for /etc/asterisk directory are: drwxrwx--- 2 asterisk asterisk 4096 2007-04-14 02:24 /etc/asterisk/ and for /etc/asterisk/voicemail.conf are -rw-rw 1 asterisk asterisk 1655 2007-04-12 03:56 /etc/asterisk/voicemail.conf so I get an error (permission denied on the file) every time I use the vmail.cgi installed by this package. Best Regards -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages asterisk-web-vmail depends on: ii apache2-mpm-worker [httpd-cgi 2.2.3-4High speed threaded model for Apac ii libapache-dbi-perl1.04-0.1 Connect apache server to database ii libdbi-perl 1.53-1 Perl5 database interface by Tim Bu Versions of packages asterisk-web-vmail recommends: ii asterisk 1:1.2.13~dfsg-2 Open Source Private Branch Exchang -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#404218: courier-imap: config in /etc/pam.d do not include common-*
Package: courier-imap Version: 4.1.1.20060828-2 Severity: important The file /etc/pam.d/imap installed by courier-imap do not include the common-* files. So if you have LDAP account on a server they will not be found. Please just add the inclusion as for the other generic packages. -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages courier-imap depends on: ii courier-authlib 0.58-5 Courier authentication library ii courier-base 0.53.3-2Courier Mail Server - Base system ii libc62.3.6.ds1-9 GNU C Library: Shared libraries ii libgamin0 [libfam0] 0.1.8-1 Client library for the gamin file ii libgdbm3 1.8.3-3 GNU dbm database routines (runtime ii postfix [mail-transport-agen 2.3.5-3 A high-performance mail transport courier-imap recommends no packages. -- debconf information: courier-imap/moveconfig: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#404109: smbldap-tools: Not updating shadowLastChange on password change
Package: smbldap-tools Version: 0.9.2-3 Severity: important If you change an user password using smbldap-passwd the shadowLastChange attribute is not updated, so if you have password aging active authentication will suddenly stop to work, and in a not so easy to detect way. The following patch should solve the problem: --- smbldap-passwd 2006-11-11 01:01:17.0 + +++ /usr/sbin/smbldap-passwd2006-11-11 01:49:55.0 + @@ -237,1 +237,1 @@ } # Update 'userPassword' field +# and 'shadowLastChange' + +my $date2=time; +$date2=int($date2/86400); my $modify = $ldap_master-modify ( $dn, changes = [ - replace = [userPassword = $hash_password] + replace = [userPassword = $hash_password], + replace = [shadowLastChange = $date2] ] ); $modify-code warn Unable to change password : , $modify-error ; -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages smbldap-tools depends on: ii libcrypt-smbhash-perl 0.12-1 generate LM/NT hash of a password ii libdigest-sha1-perl 2.11-2 NIST SHA-1 message digest algorith ii libio-socket-ssl-perl 1.01-1 Perl module implementing object or ii libnet-ldap-perl 1:0.33-2 A Client interface to LDAP servers ii libunicode-maputf8-perl 1.11-2 Perl module for conversing between ii perl 5.8.8-7Larry Wall's Practical Extraction smbldap-tools recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#400602: Gaim crash on startup if gaim-otr is installed
Package: gaim-otr Severity: grave Justification: renders package unusable Installing gaim-otr make gaim crash on startup. It appears a grey windows with only title readable (saying Gstreamer failure), then the gaim buddy list appears in a flash and gaim crash. If I install gaim-otr when gaim is running it works fine. But if I exit from gaim and restart I get the error. Launching gaim -d gives me this output: [EMAIL PROTECTED]:~$ gaim -d dbus: okkk plugins: probing /usr/lib/gaim/s.so plugins: /usr/lib/gaim/s.so is not loadable: undefined symbol: gg_blist_show plugins: /usr/lib/gaim/s.so is not usable because the 'gaim_init_plugin' symbol could not be found. Does the plugin call the GAIM_INIT_PLUGIN() macro? plugins: probing /usr/lib/gaim/libnovell.so plugins: probing /usr/lib/gaim/libirc.so plugins: probing /usr/lib/gaim/libmsn.so plugins: probing /usr/lib/gaim/libbonjour.so plugins: probing /usr/lib/gaim/timestamp.so plugins: probing /usr/lib/gaim/libzephyr.so plugins: /usr/lib/gaim/libzephyr.so is not loadable: libzephyr.so.3: cannot open shared object file: No such file or directory plugins: probing /usr/lib/gaim/libsimple.so plugins: probing /usr/lib/gaim/gnthistory.so plugins: /usr/lib/gaim/gnthistory.so is not loadable: The UI requirement is not met. plugins: probing /usr/lib/gaim/gevolution.so plugins: probing /usr/lib/gaim/statenotify.so plugins: probing /usr/lib/gaim/libyahoo.so plugins: probing /usr/lib/gaim/psychic.so plugins: probing /usr/lib/gaim/ssl-gnutls.so plugins: probing /usr/lib/gaim/notify.so plugins: probing /usr/lib/gaim/gestures.so plugins: probing /usr/lib/gaim/ssl-nss.so plugins: probing /usr/lib/gaim/libjabber.so plugins: probing /usr/lib/gaim/timestamp_format.so plugins: probing /usr/lib/gaim/iconaway.so plugins: probing /usr/lib/gaim/history.so plugins: probing /usr/lib/gaim/spellchk.so plugins: probing /usr/lib/gaim/libsametime.so plugins: /usr/lib/gaim/libsametime.so has a prefs_info, but is a prpl. This is no longer supported. plugins: probing /usr/lib/gaim/gaimrc.so plugins: probing /usr/lib/gaim/gntlastlog.so plugins: /usr/lib/gaim/gntlastlog.so is not loadable: undefined symbol: cur_termplugins: probing /usr/lib/gaim/log_reader.so plugins: probing /usr/lib/gaim/tcl.so plugins: probing /usr/lib/gaim/ssl.so plugins: probing /usr/lib/gaim/musicmessaging.so plugins: probing /usr/lib/gaim/liboscar.so plugins: probing /usr/lib/gaim/extplacement.so plugins: probing /usr/lib/gaim/idle.so plugins: probing /usr/lib/gaim/gntgf.so plugins: /usr/lib/gaim/gntgf.so is not loadable: The UI requirement is not met. plugins: probing /usr/lib/gaim/perl.so plugins: probing /usr/lib/gaim/libgg.so plugins: probing /usr/lib/gaim/gaim-otr.so plugins: probing /usr/lib/gaim/libqq.so plugins: probing /usr/lib/gaim/ticker.so plugins: probing /usr/lib/gaim/dbus-example.so util: Reading file accounts.xml from directory /home/piccardi/.gaim util: Reading file status.xml from directory /home/piccardi/.gaim stun: using server stun: using server sound: Initializing sound output drivers. util: Reading file blist.xml from directory /home/piccardi/.gaim prefs: Reading /home/piccardi/.gaim/prefs.xml prefs: Finished reading /home/piccardi/.gaim/prefs.xml plugins: Loading saved plugin /usr/lib/gaim/ssl-gnutls.so plugins: Loading saved plugin /usr/lib/gaim/gaim-otr.so plugins: Loading saved plugin /usr/lib/gaim/ssl.so gtkblist: added visibility manager: 1 docklet: created pounce: Error reading pounces: Failed to open file '/home/piccardi/.gaim/pounces.xml': No such file or directory Session Management: ICE initialized. Session Management: Connecting with no previous ID Session Management: Handling new ICE connection... done. Session Management: Connected to manager (GnomeSM) with client ID 11c0a8017800011646398900025480192 Session Management: Using gaim as command gtkspell: Failed to setup GtkSpell: aspell: No word lists can be found for the language en_US. dbus: Need to register an object with the dbus subsystem. g_log: file ../../libgaim/dbus-server.c: line 118 (gaim_dbus_pointer_to_id): should not be reached account: Connecting to account [EMAIL PROTECTED]/Gaim connection: Connecting. gc = 0x85002f8 dnssrv: querying SRV record for _xmpp-client._tcp.jabber.linux.it account: Connecting to account [EMAIL PROTECTED] connection: Connecting. gc = 0x8501610 dns: DNS query for 'irc.freenode.net' queued account: Connecting to account [EMAIL PROTECTED]/Gaim connection: Connecting. gc = 0x8501780 dns: DNS query for 'dodds.truelite.it' queued account: Connecting to account [EMAIL PROTECTED]/Gaim connection: Connecting. gc = 0x8501648 dns: DNS query for 'im.fuss.bz.it' queued Session Management: Received first save_yourself dns: Created new DNS child 30398, there are now 1 children. dns: DNS child 30398 not responding. Killing it! dnsquery: Unable to send request to resolver process proxy: Connection attempt failed: Unable to send request to resolver process dns: Created new DNS child 30399, there are
Bug#398317: trac: upgrade broke package
Package: trac Version: 0.8.1-3sarge5 Followup-For: Bug #398317 I'm getting internal error: 'module' object has no attribute 'quote_cookie_value' the only way to have it working is to downgrade to previuos version with: dpkg -i trac_0.8.1-3sarge5_all.deb (I was lucky having it in /var/cache/apt/archive). -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-3-686-smp Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages trac depends on: ii python2.3.5-2An interactive high-level object-o ii python-clearsilver0.9.13-3.2 python bindings for clearsilver ii python-sqlite 1.0.1-2python interface to SQLite ii python2.3-subversion 1.1.4-2python modules for interfacing wit ii subversion1.1.4-2advanced version control system (a -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#389998: lat: Username should be Distinguished Name (or DN)
Eric Dorland ha scritto: I disagree. Some LDAP implementations allow a plain username (Active Directory) springs to mind. Plus, the fact that it's in format of a DN doesn't make it any less a username. Yes, just some. But all use DN (it's the protocol). So you're justifying a choice on the features of some implementations instead of the standard ones. And all other programs I know are dealing with this (starting from evolution contacts) using Bind DN. LAT is also supposed to be an admin tool, so for people supposed to know a little more than end users. The fact that some implementations can take an username and map it to a DN, cannot be confused; in LDAP a thing like username in format of a DN is a nonsense. LDAP knows only DN; some of them can be used to identify users; they contains an attribute for the username, but they aren't an username on a format of a DN. So if you want to stay on your choice because you think that is better from an usability point of view, just do it. But please use usability arguments, I'll probably still disagree, but at least they will not spread confusing ideas about LDAP. Simone -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#390843: bind9: Reinstall init script on upgrade
Package: bind9 Version: 1:9.2.4-1sarge1 Severity: important Following an upgrade it reinstall the links on the /etc/rcN.d/ directories also when they were removed (and restart the daemon too). That's not correct, if I removed them it is meaning that I do not want that bind is started at boot. It should do the link installation only on the first install. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-3-686-smp Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages bind9 depends on: ii adduser 3.63 Add and remove users and groups ii libc6 2.3.2.ds1-22sarge4 GNU C Library: Shared libraries an ii libdns16 1:9.2.4-1sarge1DNS Shared Library used by BIND ii libisc7 1:9.2.4-1sarge1ISC Shared Library used by BIND ii libisccc0 1:9.2.4-1sarge1Command Channel Library used by BI ii libisccfg01:9.2.4-1sarge1Config File Handling Library used ii liblwres1 1:9.2.4-1sarge1Lightweight Resolver Library used ii libssl0.9.7 0.9.7e-3sarge4 SSL shared libraries ii netbase 4.21 Basic TCP/IP networking system -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#390849: bind9: Start bind on upgrade
Package: bind9 Version: 1:9.2.4-1sarge1 Severity: normal The postinst script restarts bind on upgrade, whitout checkig if it's running. So if you stopped it (for example because you are on the stand by node of a cluster) it will start causing troubles. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-3-686-smp Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages bind9 depends on: ii adduser 3.63 Add and remove users and groups ii libc6 2.3.2.ds1-22sarge4 GNU C Library: Shared libraries an ii libdns16 1:9.2.4-1sarge1DNS Shared Library used by BIND ii libisc7 1:9.2.4-1sarge1ISC Shared Library used by BIND ii libisccc0 1:9.2.4-1sarge1Command Channel Library used by BI ii libisccfg01:9.2.4-1sarge1Config File Handling Library used ii liblwres1 1:9.2.4-1sarge1Lightweight Resolver Library used ii libssl0.9.7 0.9.7e-3sarge4 SSL shared libraries ii netbase 4.21 Basic TCP/IP networking system -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#389998: lat: Username should be Distinguished Name (or DN)
Package: lat Version: 1.0.7-1 Severity: minor In the quick connect or in the profile editor window, when showing more options, the Distinguished Name of the user you want to connect to LDAP is marked as Username. Don't know if this is a result of some semplification attempt, but putting this way is just misleading. If you know that must write some complex Username like: cn=admin,dc=example,dc=com you'll probably also know that this is a DN, also because is so called in every other application. So asking for an username could bring you to the doubt that you should put admin instead ... -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages lat depends on: ii libgconf2.0-cil 2.8.3-1CLI binding for GConf 2.12 ii libglade2.0-cil 2.8.3-1CLI binding for the Glade librarie ii libglib2.0-0 2.12.3-2 The GLib library of C routines ii libglib2.0-cil2.8.3-1CLI binding for the GLib utility l ii libgnome-keyring0 0.4.9-1GNOME keyring services library ii libgnome2.0-cil 2.8.3-1CLI binding for GNOME 2.12 ii libgtk2.0-cil 2.8.3-1CLI binding for the GTK+ toolkit 2 ii libmono-corlib1.0-cil 1.1.17.1-4 Mono core library (1.0) ii libmono-ldap1.0-cil 1.1.17.1-4 Mono LDAP library ii libmono-security1.0-cil 1.1.17.1-4 Mono Security library ii libmono-system1.0-cil 1.1.17.1-4 Mono System libraries (1.0) ii libmono1.0-cil1.1.17.1-4 Mono libraries (1.0) ii mono-runtime 1.1.17.1-4 Mono runtime lat recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#389997: lat: Do not have a default connection
Package: lat Version: 1.0.7-1 Severity: minor When I launch lat it went to a quick connect tab, but is not quick at all because I have to put in it all the configuration parameter each time I launch it. To avoid this I have first to create a profile, then when I launch the program I'm forced to go to the profiles tab, click on the chosen profile, and then click to connect. Three click instead of the one it shoud be. Not the best terms in usability. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages lat depends on: ii libgconf2.0-cil 2.8.3-1CLI binding for GConf 2.12 ii libglade2.0-cil 2.8.3-1CLI binding for the Glade librarie ii libglib2.0-0 2.12.3-2 The GLib library of C routines ii libglib2.0-cil2.8.3-1CLI binding for the GLib utility l ii libgnome-keyring0 0.4.9-1GNOME keyring services library ii libgnome2.0-cil 2.8.3-1CLI binding for GNOME 2.12 ii libgtk2.0-cil 2.8.3-1CLI binding for the GTK+ toolkit 2 ii libmono-corlib1.0-cil 1.1.17.1-4 Mono core library (1.0) ii libmono-ldap1.0-cil 1.1.17.1-4 Mono LDAP library ii libmono-security1.0-cil 1.1.17.1-4 Mono Security library ii libmono-system1.0-cil 1.1.17.1-4 Mono System libraries (1.0) ii libmono1.0-cil1.1.17.1-4 Mono libraries (1.0) ii mono-runtime 1.1.17.1-4 Mono runtime lat recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#390002: lat: Creating a new user require creating the primary group before
Package: lat Version: 1.0.7-1 Severity: minor When creating a new user you cannot create at the same time a primary group with the same name, you can only choose from the already defined groups. So you have to create first the primary group and then the user, not the easiest way to do the operation. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages lat depends on: ii libgconf2.0-cil 2.8.3-1CLI binding for GConf 2.12 ii libglade2.0-cil 2.8.3-1CLI binding for the Glade librarie ii libglib2.0-0 2.12.3-2 The GLib library of C routines ii libglib2.0-cil2.8.3-1CLI binding for the GLib utility l ii libgnome-keyring0 0.4.9-1GNOME keyring services library ii libgnome2.0-cil 2.8.3-1CLI binding for GNOME 2.12 ii libgtk2.0-cil 2.8.3-1CLI binding for the GTK+ toolkit 2 ii libmono-corlib1.0-cil 1.1.17.1-4 Mono core library (1.0) ii libmono-ldap1.0-cil 1.1.17.1-4 Mono LDAP library ii libmono-security1.0-cil 1.1.17.1-4 Mono Security library ii libmono-system1.0-cil 1.1.17.1-4 Mono System libraries (1.0) ii libmono1.0-cil1.1.17.1-4 Mono libraries (1.0) ii mono-runtime 1.1.17.1-4 Mono runtime lat recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#390011: luma: Adding a new user require to create a new group before
Package: luma Version: 2.3-1.1 Severity: wishlist When creating a new user there a text area for input a name of the primary group, but is not writable, and you have to use the selection button. So first you have to create the group and then the user. It would be nice to have a way to input a group name (defaulting to the user name) that will create it automatically, as done by the CLI tools. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages luma depends on: ii python2.4.3-11 An interactive high-level object-o ii python-ldap 2.2.0-3An LDAP interface module for Pytho ii python-qt33.16-1.2 Qt3 bindings for Python ii python-support0.5.2 automated rebuilding support for p luma recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#376868: dpkg-dev: dpkg-parsechangelog fails with a signal 13 on tail
Nicolas François wrote: Hello, On Thu, Jul 06, 2006 at 03:58:53PM +0200, Simone Piccardi wrote: Nicolas François wrote: Does cat debian/changelog | tail -n 40 works nicely? Yes, fine, [...] Then, does: perl -e 'open(STDIN, debian/changelog) || die error1; open(P,tail -n 40 |) || die error2; while(P) { } close(P); print status: $?\n' works too? Sorry for beeing late. These the results: [EMAIL PROTECTED]:~/Devel/packages/truelite-firewall$ perl -e 'open(STDIN, debian/changelog) || die error1; open(P,tail -n 40 |) || die error2; while(P) { } close(P); print status: $?\n' status: 0 [EMAIL PROTECTED]:~/Devel/packages/truelite-firewall$ [EMAIL PROTECTED]:~/Devel/packages/truelite-firewall$ dpkg-parsechangelog dpkg-parsechangelog: failure: tail of debian/changelog died from signal 13 Also, your bug report looks like http://bugs.debian.org/338863 Do you have strange messages in /var/log/messages, or are you using fakeroot? But I'm getting signal 13, that's SIGPIPE, quite different from a segment violation. I looked in the log files, also while making dpkg-parsechangelog, but nothing arises. Regards Simone -- Simone Piccardi Truelite Srl [EMAIL PROTECTED] (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736
Bug#376868: dpkg-dev: dpkg-parsechangelog fails with a signal 13 on tail
Nicolas François wrote: I can't reproduce this build failure (with the same dpkg-dev and the same dependencies) I did some more check, and the problem arises only when giving the command as normal user. If I use it as root no problem. But I do not understand why I have to be root to build a package, it worked fine (and it works fine on sarge) as a normal user until some days ago. Can you confirm that dpkg-parsechangelog fails with the changelog of the cappucino (0.4-2.1) package in Debian? Yes, it happens also with cappuccino, if I call it as normal user. But when I redo the check in a different machine (I already had the source on the previuos one) I found that also apt-source cappuccino does'nt work also as normal user, giving: [EMAIL PROTECTED]:~$ apt-get source cappuccino Reading package lists... Done Building dependency tree... Done Need to get 62.6kB of source archives. Get:1 http://ftp.it.debian.org unstable/main cappuccino 0.4-2.1 (dsc) [605B] Get:2 http://ftp.it.debian.org unstable/main cappuccino 0.4-2.1 (tar) [39.3kB] Get:3 http://ftp.it.debian.org unstable/main cappuccino 0.4-2.1 (diff) [22.7kB] Fetched 62.6kB in 0s (4958kB/s) dpkg-source: failure: md5sum cappuccino_0.4.orig.tar.gz died from signal 13 Unpack command 'dpkg-source -x cappuccino_0.4-2.1.dsc' failed. Check if the 'dpkg-dev' package is installed. E: Child process failed and I had to get the source as root. Can you also provide a full log? It's just: [EMAIL PROTECTED]:~/cappuccino-0.4$ dpkg-parsechangelog dpkg-parsechangelog: failure: tail of debian/changelog died from signal 13 Does cat debian/changelog | tail -n 40 works nicely? Yes, fine, and it gives: * New upstream release (Closes: #105715) -- Christian Surchi [EMAIL PROTECTED] Fri, 3 Aug 2001 15:19:29 -0400 cappuccino (0.3.1-1) unstable; urgency=low * New upstream release (Closes: #99248, #99249) -- Christian Surchi [EMAIL PROTECTED] Tue, 12 Jun 2001 10:01:40 -0400 cappuccino (0.3.0-1) unstable; urgency=low * New upstream release -- Christian Surchi [EMAIL PROTECTED] Mon, 12 Feb 2001 18:34:09 +0100 cappuccino (0.2.0-2) unstable; urgency=low * Updated short description (Closes: #1) -- Christian Surchi [EMAIL PROTECTED] Wed, 20 Dec 2000 23:05:06 +0100 cappuccino (0.2.0-1) unstable; urgency=low * New upstream release (Closes: #77028) -- Christian Surchi [EMAIL PROTECTED] Fri, 17 Nov 2000 18:17:23 +0100 cappuccino (0.1.5-1) unstable; urgency=low * New upstream release. -- Christian Surchi [EMAIL PROTECTED] Thu, 2 Nov 2000 03:12:15 +0100 cappuccino (0.1.2-1) unstable; urgency=low * Initial Release. -- Christian Surchi [EMAIL PROTECTED] Thu, 2 Nov 2000 03:10:24 +0100 for cappuccino, and for my package: -- Simone Piccardi [EMAIL PROTECTED] Thu, 16 Feb 2006 19:04:48 +0100 truelite-firewall (0.1-5) unstable; urgency=low * Inserite alcune funzioni di shell per il calcolo delle NETMASK dati i bit e viceversa (non necessarie per l'uso del Pre-Depends) * Inserito il Pre-Depends per iproute e netmask. -- Simone Piccardi [EMAIL PROTECTED] Fri, 10 Feb 2006 20:01:44 +0100 truelite-firewall (0.1-4) unstable; urgency=low * Parametrizzata anche l'aggiunta di servizi RPC. -- Simone Piccardi [EMAIL PROTECTED] Fri, 3 Feb 2006 22:52:30 +0100 truelite-firewall (0.1-3) unstable; urgency=low * Corretto errore di configurazione in assenza del comando ip, in tal caso prova anche ad usare route. * Corretto il firewall per non tentare di aggiungere le porte RPC quando queste non ci sono. -- Simone Piccardi [EMAIL PROTECTED] Wed, 25 Jan 2006 19:03:00 +0100 truelite-firewall (0.1-2) unstable; urgency=low * Prima versione funzionante. Definiti gli script con le funzioni per aggiungere e togliere i servizi e quello che definisce le variabili con le caratteristiche della rete (per ora solo LOCALNET). -- Simone Piccardi [EMAIL PROTECTED] Mon, 23 Jan 2006 15:21:28 +0100 truelite-firewall (0.1-1) unstable; urgency=low * Initial release -- Simone Piccardi [EMAIL PROTECTED] Thu, 20 Jan 2006 15:00:00 +0100 Regards Simone -- Simone Piccardi Truelite Srl [EMAIL PROTECTED] (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736
Bug#376868: dpkg-dev: dpkg-parsechangelog fails with a signal 13 on tail
Package: dpkg-dev Version: 1.13.22 Severity: important When I try to do a debuild or when I launch it directly dpkg-parsechangelog fails with the following error: dpkg-parsechangelog: failure: tail of debian/changelog died from signal 13 I'm getting this both with my personal development packages than with a source package from Debian (tested with cappuccino). No problem on sarge. Two weeks ago everything was ok. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages dpkg-dev depends on: ii binutils 2.17-1 The GNU assembler, linker and bina ii cpio 2.6-15 GNU cpio -- a program to manage ar ii dpkg 1.13.22package maintenance system for Deb ii make 3.81-2 The GNU version of the make util ii patch 2.5.9-4Apply a diff file to an original ii perl [perl5] 5.8.8-6Larry Wall's Practical Extraction ii perl-modules 5.8.8-6Core Perl modules Versions of packages dpkg-dev recommends: ii bzip21.0.3-2 high-quality block-sorting file co ii gcc [c-compiler] 4:4.1.1-1 The GNU C compiler ii gcc-2.95 [c-compiler]1:2.95.4-26 The GNU C compiler ii gcc-3.0 [c-compiler] 1:3.0.4-7 The GNU C compiler. ii gcc-3.3 [c-compiler] 1:3.3.6-13 The GNU C compiler ii gcc-4.0 [c-compiler] 4.0.3-4 The GNU C compiler ii gcc-4.1 [c-compiler] 4.1.1-7 The GNU C compiler -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#321433: Cannon install k3b and k3blibs
Package: k3blibs Version: 0.12.1-2 Severity: grave Justification: renders package unusable I have this error: monk:~# apt-get install k3blibs Reading package lists... Done Building dependency tree... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. Since you only requested a single operation it is extremely likely that the package is simply not installable and a bug report against that package should be filed. The following information may help to resolve the situation: The following packages have unmet dependencies: k3blibs: Depends: libtag1 (= 1.3.1) but it is not installable E: Broken packages I cannot install libtag1, I have libtag1c2 already installed. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.12 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages k3blibs depends on: pn dbus-qt-1 none (no description available) ii kdelibs44:3.3.2-7KDE core libraries ii libartsc0 1.3.2-4 aRts Sound system C support librar ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libflac++4 1.1.1-5 Free Lossless Audio Codec - C++ ru ii libgcc1 1:4.0.1-3GCC support library ii libhal0 0.4.8-5 Hardware Abstraction Layer - share ii libmad0 0.15.1b-2.1 MPEG audio decoder library ii libmpcdec3 1.2-1Musepack (MPC) format library ii libogg0 1.1.2-1 Ogg Bitstream Library ii libqt3c102-mt 3:3.3.4-3Qt GUI Library (Threaded runtime v ii libresmgr1 1.0-2resource manager library ii libstdc++5 1:3.3.6-7The GNU Standard C++ Library v3 pn libtag1 none (no description available) ii libvorbis0a 1.1.0-1 The Vorbis General Audio Compressi ii libvorbisenc2 1.1.0-1 The Vorbis General Audio Compressi ii libvorbisfile3 1.1.0-1 The Vorbis General Audio Compressi k3blibs recommends no packages. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#317096: kernel-image-2.6-em64t-p4-smp: kernel panic on xseries 346
Package: kernel-image-2.6-em64t-p4-smp Version: 103 Severity: important Using this kernel I got a kernel panic, the last lines are: pivot_root: No such file or directory /sbin/init: 432: cannot open dev/console: No such file Kernel panic: Attempted to kill init! It seems that the serveraid is not recognised. Using the normal 2.6.8-2-686-smp is working fine. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686-smp Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages kernel-image-2.6-em64t-p4-smp depends on: ii kernel-image-2.6.8-11-em64t-p 2.6.8-14 Linux kernel image for version 2.6 -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#308501: webcalendar: LDAP authentication use protocol version 2
Package: webcalendar Severity: normal The /etc/webcalendar/user-ldap.php.orig file used to log user against an LDAP server use LDAPv2 protocol, so it does not work with a normal installation of OpenLDAP that has that version disabled. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.10-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#308500: webcalendar: user-ldap.php has a wrong call to ldap_error()
Package: webcalendar Severity: important When using webcalendar with LDAP authentication I got this error: Warning: Wrong parameter count for ldap_error() in /etc/webcalendar/user-ldap.php on line 338 The ldap_error() function needs a paramenter (the connection handle). So if you modify the line like the following: 338c338 $error = 'Error searching LDAP server: ' . ldap_error($ds); --- $error = 'Error searching LDAP server: ' . ldap_error(); it will work. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.10-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#308501: A possible solution
I found that the problem can be solved with the following changes: server:~# diff /etc/webcalendar/user-ldap.php /etc/webcalendar/user-ldap.php.orig 135d134 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); 376d374 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); Bye -- Simone Piccardi Truelite Srl [EMAIL PROTECTED] (email/jabber) Via Monferrato, 6 Tel. +39-347-103243350142 Firenze http://www.truelite.it Tel. +39-055-7879597Fax. +39-055-736 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#308519: webcalendar: Admins group not working with LDAP
Package: webcalendar Severity: important Using the LDAP backend for authentication its impossible to have user on the admins group. This depends on an error on the LDAP query, the following solved the problem, at least for me: --- /etc/webcalendar/user-ldap.php.orig 2005-05-10 19:53:25.731855288 +0200 +++ /etc/webcalendar/user-ldap.php 2005-05-10 19:45:20.421633656 +0200 @@ -82,6 +82,12 @@ 'mail' //email ); +$ldap_group_attr = array( + // LDAP attribute //WebCalendar variable + 'memberUid' //member user ID +); + + /*** End Config */ @@ -132,6 +138,7 @@ $ret = false; $ds = @ldap_connect ( $ldap_server, $ldap_port ); + ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); if ( $ds ) { if ( user_search_dn ( $login, $dn) ) { $r = @ldap_bind ( $ds, $dn, $password ); @@ -325,7 +332,7 @@ // Do this search only once per request. // returns: array of admins function get_admins() { - global $error, $ds, $ldap_user_attr, $cached_admins; + global $error, $ds, $ldap_group_attr, $cached_admins; global $ldap_admin_group_name,$ldap_admin_group_attr,$ldap_admin_group_type; if ( ! empty ( $cached_admins ) ) return $cached_admins; @@ -333,7 +340,7 @@ if ($r = connect_and_bind()) { $search_filter = ($ldap_admin_group_attr=*); -$sr = @ldap_search ( $ds, $ldap_admin_group_name, $search_filter, $ldap_user_attr ); +$sr = @ldap_search ( $ds, $ldap_admin_group_name, $search_filter, $ldap_group_attr ); if (!$sr) { $error = 'Error searching LDAP server: ' . ldap_error(); } else { @@ -372,6 +379,7 @@ $ret = false; $ds = @ldap_connect ( $ldap_server, $ldap_port ); + ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); if ( $ds ) { if ( $ldap_admin_dn != '') { It contains also modification to use LDAPv3 instead of LDAPv2. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.10-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]