Your message dated Sat, 30 Sep 2006 01:26:21 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Fixed in NMU of libnss-ldap 251-5.2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libnss-ldap
Version: 251-5
Severity: serious
Justification: required
It appears on debian testing with libnss-ldap 251-5.
When using TLS libnss-ldap don't work when non-root, you could log in
(with ssh for ex) but once logged the user id was not found, so the
.bash_profile (or rc) fail on the id command.
The user is logged in but with no enviroment at all (logic), you cannot
do anything.
It is TLS related, because without StartTLS in /etc/libnss_ldap.conf it
work well (and if your server is configured to accept unencrypted request).
Note that with the version of libnss-ldap in stable (238-1) it work
well. So for now I use this version.
Please see also the report on the nssldap mailing list at :
http://marc.theaimsgroup.com/?l=nssldap&m=115856065310984&w=2
-- System Information:
Debian Release: testing
APT prefers testing
APT policy: (700, 'testing'), (650, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages libnss-ldap depends on:
ii debconf [debconf-2.0] 1.5.3 Debian configuration management sy
ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries
ii libkrb53 1.4.4~beta1-1 MIT Kerberos runtime libraries
ii libldap2 2.1.30-13+b1 OpenLDAP libraries
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Version: 251-5.2
I've NMUed for this bug (fixing the bug to use versioning instead of the
"fixed" tag, to ease tracking through testing); here's the changelog:
> libnss-ldap (251-5.2) unstable; urgency=high
> .
> * Non-maintainer upload.
> * When doing substitutions in libnss-ldap.conf, pass the values to the Perl
> program as environment variables instead of directly to the program;
> should eliminate the problems with having to escape them.
> (Closes: #376684, #386141)
> * Change the init script policy. Instead of stopping libnss-ldap.init on
> clean shutdown (touching a file) and starting it after networking (rm-ing
> it), we touch the file in /lib/init/rw as soon as possible (right before
> udev is started, touching a file) and stop it after initial system
> bootup.
> This fixes both issues with /var being on a separate partition, and
> unclean shutdown where the file would not be created. (To make sure we
> don't get similar problems during shutdown, we create it in runlevels 0
> and 6 as before, but we don't assume it's still there when we boot, since
> it's on a tmpfs now.) (Closes: #375077)
> * Block SIGPIPE in do_atfork_child(), as some versions of libldap2 in some
> circumstances (notably with TLS enabled) write data onto our dummy socket
> during close, which raises a SIGPIPE that should not be delivered on to
> the
> application. (Closes: #376426, #388574)
/* Steinar */
--
Homepage: http://www.sesse.net/
--- End Message ---