On Fri, Sep 24, 2010 at 16:46:25 -0000, Nathan Stratton Treadway wrote: > As greenmoss found, when I was running with libpam/nss-ldap and > no nscd (and didn't have any of the users in question listed in > the "ignoreusers" line), my "at" commands worked for LDAP users > but not for ones defined in /etc/passwd. (When an LDAP user > attempted to run an "at" command, the following syslog message > would appear: > atd[<PID>]: Cannot delete saved userids: Operation not permitted > > However, I found that when nscd was running... the situation was > reversed: "at" commands did work for LDAP-defined users, but not > for /etc/passwd-defined ones (and attempts to use "at" as one of > those users would cause the same error message as above to show > up in the syslog).
I'm sorry, I seem to have managed to jumble the succeeded/failed statuses given in those two paragraphs... Hopefully the following table is more clear: without ncsd: passwd user: failed (and "Cannot delete" syslog message appeared) LDAP user: succeeded with ncsd running (and after restarting the "atd" service): passwd user: succeeded LDAP user: failed (with same "Cannot delete" syslog message) Nathan -- NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd https://bugs.launchpad.net/bugs/423252 You received this bug notification because you are a member of Registry Administrators, which is the registrant for Debian. _______________________________________________ Mailing list: https://launchpad.net/~registry Post to : [email protected] Unsubscribe : https://launchpad.net/~registry More help : https://help.launchpad.net/ListHelp
