Package: libnss-ldap Version: 251-5.2 Severity: critical Justification: breaks the whole system
This version of libnss-ldap attempts to do something about the issue that the ldap server might be unreachable due to not-yet started services. (i.e. bind-policy soft) Well. There are two simple technical issues with the solution. The first one is that it attempts to touch a file in a directory that does not exist. /etc/init.d/libnss-ldap needs /lib/init/rw to exist but does not make sure. Simple fix is to create the dir manually. Second of all, from the changelog.Debian I understand that some file should be created as soon as possible after boot start. That is also not taken care of. The changelog mentions 'just before udev'. I don't know about others' systems, but on mine the root filesystem is still ro at that point in time. So I created a link /etc/rcS/S11libnss-ldap. This is done just after the root filesystem becomes writable in S10. With these two fixes things work (until now) as expected. Most of this system is testing, with a small number of unstable packages (libnss-ldap being an excellent example :-). -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-1-686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages libnss-ldap depends on: ii debconf [debconf-2.0] 1.5.5 Debian configuration management sy ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries ii libkrb53 1.4.4-1 MIT Kerberos runtime libraries ii libldap2 2.1.30-13+b1 OpenLDAP libraries Versions of packages libnss-ldap recommends: ii libpam-ldap 180-1.1 Pluggable Authentication Module al ii nscd 2.3.6.ds1-4 GNU C Library: Name Service Cache -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
