Your message dated Sat, 20 Oct 2007 17:17:40 -0700 (PDT)
with message-id <[EMAIL PROTECTED]>
and subject line close this as a dup
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libnss-ldap
Version: 251-7.5
Severity: normal
Hello.
/etc/libnss_ldap.conf must be world readable in order to allow programs
like id (coreutils) or finger (finger) to perform as expected when
invoqued by normal users, although nscd is running.
Look what happens (/etc/nss_ldap.conf mode 600):
homero:~# id
uid=0(root) gid=0(root) grupos=0(root),512(Domain Admins)
homero:~# id root
uid=0(root) gid=0(root) grupos=0(root),512(Domain Admins)
homero:~# id fmaresca
uid=1000(fmaresca) gid=1000(fmaresca) grupos=1000(fmaresca),
7(lp),20(dialout),24(cdrom),25(floppy),29(audio),44(video),
46(plugdev),100(users),103(lpadmin),1001(ntadmins),
512(Domain Admins),513(Domain Users)
homero:~# finger fmaresca
Login: fmaresca Name: fmaresca
Directory: /home/fmaresca Shell: /bin/bash
On since Sat Apr 28 10:16 (ART) on tty1 1 hour 49 minutes idle
(messages off)
...
Now as normal user:
[EMAIL PROTECTED]:~$ id
uid=1000(fmaresca) gid=1000(fmaresca) grupos=7(lp),20(dialout),
24(cdrom),25(floppy),29(audio),44(video),46(plugdev),100(users),
103(lpadmin),512(Domain Admins),513(Domain Users),1000(fmaresca),
1001(ntadmins)
[EMAIL PROTECTED]:~$ id fmaresca
id: ldap-nss.c:1374: do_init: La declaraciĆ³n
`cfg->ldc_uris[__session.ls_current_uri] != ((void *)0)' no se cumple.
uid=1000(fmaresca) gid=1000(fmaresca)Abortado
[EMAIL PROTECTED]:~$ finger fmaresca
finger: fmaresca: no such user.
[EMAIL PROTECTED]:~$ finger root
Login: root Name: root
Directory: /root Shell: /bin/bash
Last login Tue Apr 24 14:52 (ART) on tty2
So, finger/id can't get ldap information when invoqued as normal user,
but they works ok when invoqued as root.
Changing the mode of /etc/libnss_ldap.conf to be readable for normal
users seems to solve the problem.
Please, correct me if I'm wrong, but AFAIK the purpose of nscd is to
maintain /etc/libnss_ldap.conf mode 0600.
ITOH, I'm not completely sure that this bug report belongs to libnss-ldap.
Thanks,
Fernando
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.18-4-amd64 (SMP w/1 CPU core)
Locale: LANG=es_AR, LC_CTYPE=es_AR (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages libnss-ldap depends on:
ii debconf [debconf-2.0] 1.5.13 Debian configuration management sy
ii libc6 2.5-3 GNU C Library: Shared libraries
ii libkrb53 1.4.4-8 MIT Kerberos runtime libraries
ii libldap2 2.1.30-13.4 OpenLDAP libraries
Versions of packages libnss-ldap recommends:
ii libpam-ldap 180-1.7 Pluggable Authentication Module al
ii nscd 2.5-3 GNU C Library: Name Service Cache
-- debconf information:
* libnss-ldap/dblogin: false
* shared/ldapns/base-dn: dc=laplata,dc=dnsalias,dc=org
libnss-ldap/binddn: cn=proxyuser,dc=example,dc=net
* libnss-ldap/dbrootlogin: true
libnss-ldap/override: true
* shared/ldapns/ldap-server: ldapi:///
* libnss-ldap/confperm: true
* libnss-ldap/rootbinddn: cn=admin,dc=laplata,dc=dnsalias,dc=org
* shared/ldapns/ldap_version: 3
* libnss-ldap/nsswitch:
--- End Message ---
--- Begin Message ---
sigh, I forgot the -done
--
Rick Nelson
<DarthVadr> Kira: JOIN THE DARK SIDE, YOUNG ONE.
<kira> darth, I *am* the dark side.
--- End Message ---
