** No longer affects: eglibc (Ubuntu)
** No longer affects: libnss-ldap (Ubuntu)
** No longer affects: sudo (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Thanks Howard,
I'll get this reviewed and tested this week.
Adam
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications
After reviewing this bug again I've outlined a possible course of
action:
a) Revert global_init patch in all supported distro's
b) Lucid users continue to use the nscd workaround.
c) Precise, Quantal, etc - rebuild gnutls without --with-libgcrypt in order to
make use of nettle.
Unfortunately,
Forcing use of nscd is a non-starter at many sites. Aside from cache
staleness issues, and nscd's well known instability, there's also the
issue that nscd doesn't intercept get*ent enumerations so things will
still crash depending on which nsswitch functions an app calls.
It would make sense to
This additional patch fixes the crash in bug#1013798.
** Attachment added: Addition to the patch in comment#73
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/423252/+attachment/3328846/+files/dif.txt
--
You received this bug notification because you are a member of Ubuntu
Server Team,
Oops. The attachment in comment#166 includes the patch in #73, it is not
incremental.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks
The patch applied to libgcrypt breaks other software:
https://bugs.launchpad.net/ubuntu/+source/libgcrypt11/+bug/1013798
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2
suexec, and atd
To manage
Any chance of it getting to lucid-updates anytime soon?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su,
This bug was fixed in the package libgcrypt11 - 1.4.4-5ubuntu2.1
---
libgcrypt11 (1.4.4-5ubuntu2.1) lucid-proposed; urgency=low
* Do not call global_init when setting thread callbacks (LP: #423252)
-- Adam Stokes adam.sto...@canonical.com Thu, 24 May 2012 16:31:52 -0400
**
Hey, raof,
I have tested the lucid-proposed version and it works fine. sudo no
longer segfaults.
Thanks for the package! I am waiting for it to arrive at lucid-updates!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in
** Tags added: verification-done-lucid
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2
This bug was fixed in the package libgcrypt11 - 1.5.0-3ubuntu0.1
---
libgcrypt11 (1.5.0-3ubuntu0.1) precise-proposed; urgency=low
* Do not call global_init when setting thread callbacks (LP: #423252)
-- Adam Stokes adam.sto...@canonical.com Wed, 16 May 2012 13:35:06 -0400
**
** Tags removed: verification-done-precise
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2
Hello Matt, or anyone else affected,
Accepted libgcrypt11 into lucid-proposed. The package will build now and
be available in a few hours. Please test and give feedback here. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Thank you in
** Branch linked: lp:ubuntu/lucid-proposed/libgcrypt11
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su, sudo,
Lucid-proposed debiff
** Patch added: libgcrypt11_1.4.4-5ubuntu2.1.lucid.debdiff
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/423252/+attachment/3161716/+files/libgcrypt11_1.4.4-5ubuntu2.1.lucid.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server
** Changed in: libgcrypt11 (Ubuntu Lucid)
Status: Confirmed = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
not committed until it's available in -proposed
** Changed in: libgcrypt11 (Ubuntu Lucid)
Status: Fix Committed = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
Ubuntu 12.04 Precise
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2
suexec, and atd
To
Hello Martin,
I was affected by the bug ann I confirm that using the latest packages
from proposed solves the problem with my company's setup for LDAP.
Thanks a lot.
Regards.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
Hi mcguire.
Which release of Ubuntu do the updated packages solve the problem on for
you? There are fixes available for natty, oneiric, and precise.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
Hello Matt, or anyone else affected,
Accepted libgcrypt11 into precise-proposed. The package will build now
and be available in a few hours. Please test and give feedback here. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Thank you in
** Branch linked: lp:ubuntu/precise-proposed/libgcrypt11
** Branch linked: lp:ubuntu/oneiric-proposed/libgcrypt11
** Branch linked: lp:ubuntu/natty-proposed/libgcrypt11
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in
Hello, Martin.
Any chance of getting that for lucid?
Thank you in advance!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
Yes, it'll be SRUed for lucid too, I'm just waiting for Adam to finish
preparing the debdiff and I'll review and upload it to lucid-proposed.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
** Patch added: Oneiric-proposed debdiff
https://bugs.launchpad.net/ubuntu/+source/libgcrypt11/+bug/423252/+attachment/3150693/+files/libgcrypt11_1.5.0-1ubuntu0.1.oneiric.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
natty-proposed debdiff
** Patch added: libgcrypt11_1.4.6-4ubuntu2.1.natty.debdiff
https://bugs.launchpad.net/ubuntu/+source/libgcrypt11/+bug/423252/+attachment/3150719/+files/libgcrypt11_1.4.6-4ubuntu2.1.natty.debdiff
--
You received this bug notification because you are a member of Ubuntu
** Also affects: libgcrypt11 (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: sudo (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: libnss-ldap (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: eglibc (Ubuntu Natty)
This bug was fixed in the package libgcrypt11 - 1.5.0-3ubuntu1
---
libgcrypt11 (1.5.0-3ubuntu1) quantal; urgency=low
* Do not call global_init when setting thread callbacks (LP: #423252)
-- Adam Stokes adam.sto...@canonical.com Tue, 15 May 2012 13:56:17 -0400
** Changed in:
** Branch linked: lp:ubuntu/libgcrypt11
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2
Precise debdiff for SRU
** Patch added: libgcrypt11_1.5.0-3ubuntu1.precise.debdiff
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/423252/+attachment/3149496/+files/libgcrypt11_1.5.0-3ubuntu1.precise.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server
Uploaded your debdiff to precise-proposed with two small changes:
- Targeted precise-proposed instead or precise
- Changed version to -0ubuntu0.1 instead of -0ubuntu1
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in
** Description changed:
- On Karmic (alpha 4 plus updates), changing the nsswitch.conf 'passwd'
- field to anything with 'ldap' as the first item breaks the ability to
- become root using 'su' and 'sudo' as anyone but root.
+ SRU Request:
+
+ [Impact]
+ As heavily outlined in the amount of
** Description changed:
SRU Request:
[Impact]
As heavily outlined in the amount of comments in this bug the impact is
detrimental to both community and enterprise users alike.
[Development Fix]
- Howard Chu released a patch in #73 which was later confirmed in #106 #108
as a
** Branch linked: lp:~adam-stokes/ubuntu/quantal/libgcrypt11/libgcrypt-
fix-423252
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
craig-white@139
Please file a bug against nslcd to track the problem with
pam_authz_search.
Also, in general, bug reports for any missing features are welcome.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
adejong@139
https://bugs.launchpad.net/ubuntu/+source/nss-pam-ldapd/+bug/992737
Thanks
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks
This is busted in 12.04 and we cant use sudo with LDAP and SSL.
Kind of a show stopper when it comes to enterprise deployments
I
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
I my recent experience, installing libnss-ldapd and libpam-ldapd (which
in turn install nslcd and uninstall libnss-ldap and libpam-ldap) fixes
the problem on 11.10 and 12.04.
-sbi
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
See here's the deal...
Yes, the problem seems to occur with starttls being enabled but given
the choice...
- libnss-ldap
- libpam-ldap
- nscd
or
- libnss-ldapd
- libpam-ldapd
- nslcd
The first one fails if starttls is used to connect to the ldap server
The second one fails to respect
You can replace pam_check_host_attr yes with
pam_authz_search
((objectClass=posixAccount)(uid=$username)(|(host=$hostname)(host=$fqdn)(host=\\*)))
See the nslcd.conf manual page for more details (the 0.7 series doesn't have
the fqdn value yet).
Btw, you can use libpam-ldap fine together with
adejong@138
Put that entry into /etc/nslcd.conf as you suggested (and as the man
page suggests) and removed my 'host' attribute which should prevent me
from logging into my upgraded 12.04 system but it didn't. (NSCD NSLCD
running, libnss-ldapd and libpam-ldapd installed configured)
Obviously I
A quick workaround that solved my problem with this:
First install libnss-ldap
Configure ldap stuff, test if you can login but can't use setuid apps.
Then install nslcd and configure.
After these steps my system is working, and allowing me to login with
ldap account and use sudo.
This bug is
I forgot to mention that I used 12.04 and 10.04 with the same results.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
** Changed in: gnutls26 (Debian)
Status: Unknown = New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like
Sonic, did you do any special config?
With nslcd we are running into the next problem:
# /etc/init.d/nslcd start
* Starting LDAP connection daemon nslcd
nslcd: Warning: /lib/x86_64-linux-gnu/libnss_ldap.so.2: undefined symbol:
_nss_ldap_enablelookups (probably older NSS module loaded)
wich
If you are seeing something like:
Warning: /lib/x86_64-linux-gnu/libnss_ldap.so.2: undefined symbol:
_nss_ldap_enablelookups (probably older NSS module loaded)
It means that you probably have libnss-ldap installed instead of libnss-ldapd
(note the extra d). Using nslcd works best with
Let me point out my non-technical, management-like point of view to
this:
For my company it would have been a discussable way to put Ubuntu LTS with paid
support to a row of our Desktops. But with this issue it is a complete nogo...
Rating this as a high issue isn't going far enough, for
I fully agree with kibe. While the whole licensing issues certainly lead
to a big mess, but this bug is an even bigger issue in any enterprise /
medium to large scale environment (at least those not using Kerberos).
There has to be a some viable solution. How do other Linux distributions
handle
Ah right, there would be the usecase of LDAP with SSL used by
non-GPL-compatible programmes.
So the proper fix is to have three sets of LDAP (client) libraries. The rest of
the packages (server
and utilities) can then be built against whatever of those the maintainers see
best fit.
--
You
** Also affects: openldap (Ubuntu)
Importance: Undecided
Status: New
** Bug watch added: Debian Bug tracker #658739
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658739
** Also affects: gnutls26 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658739
3 sets of LDAP client libraries? That sounds like a terrible solution.
Fwiw, I wrote a version of OpenLDAP's TLS support that could use any/all
of OpenSSL, GnuTLS, and MozillaNSS simultaneously, and never released
it, because it seemed that would be too confusing if separate apps had
different
** No longer affects: openldap (Ubuntu)
** No longer affects: openldap (Ubuntu Karmic)
** No longer affects: openldap (Ubuntu Lucid)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in Ubuntu.
On Wed, Apr 25, 2012 at 09:14:58AM -, Howard Chu wrote:
I still don't see any technical merit in supporting anything besides
OpenSSL.
As soon as someone provides an OpenSSL that it's legal for us to link to in
a Linux OS product, instead of with a wink and a nod to the GPL, we'd be
elated
My point being, if you want to accommodate multiple TLS libraries
simultaneously with only a single libldap, that code is still available
in the OpenLDAP git repo. The relevant changes are between
a225b02f17fe79f6680d5d31db37320981e24774..4dff3e6807fb3451405373c2b85e02ccf27b882f
--
You received
Re #120 (adam-stokes)
The best workable solution for me would be working official packages for
Lucid and Pangolin. Working LDAP authn/z over TLS is baseline
functionality for us (servers and academic computer labs).
I've had no problems with the patch from #73 thus far on our Lucid
servers.
Just to add something that has nothing to do directly with this bug, but
is related: we have been using SSSD for quite a while now, using Timo
Aaltonen's PPA https://launchpad.net/~sssd/+archive/updates and could
not be happier. In my opinion SSSD is the superior solution for all
things
re #108 (cdmiller)
Is this fix still a workable solution for you and have you run into any
issues not yet experienced on this bug?
Thanks
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
Confirmed for Precise beta.
Please, for the sake of corporate and government customers (where LDAP
and/or Kerberos is very likely to be deployed), elevate the priority of
this bug. I gather that this is of not much interest for the majority of
private desktop users, but in more professional
It is probably best to migrate to either nss-pam-ldapd, sssd or nss-pam-
ldapd in combination with the nssov slapd overlay.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
I can confirm that the use nscd workaround no longer works in the
current Precise beta. This will cause anyone updating from the current
LTS to the forthcoming LTS to be unable to run su, sudo, apache2 suexec,
and atd from LDAP accounts.
--
You received this bug notification because you are a
This will never be fixed in Lucid and Lucid has the use nscd work-
around.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
*** This bug is a duplicate of bug 926350 ***
https://bugs.launchpad.net/bugs/926350
** This bug has been marked a duplicate of bug 926350
LDAP account via SSL cannot use setuid binaries until gnutls26 is rebuilt
with nettle not libgcrypt11
--
You received this bug notification because
** This bug is no longer a duplicate of bug 926350
LDAP account via SSL cannot use setuid binaries until gnutls26 is rebuilt
with nettle not libgcrypt11
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
Rebuilding against nettle is no solution for lucid. This bug is not a
duplicate.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
PPA for the patch suggested by Howard Chu's in comment #73
https://launchpad.net/~nutznboltz/+archive/howard-chu-libgcrypt11-patch-
for-ldap-clients
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
According to Andreas Metzler
http://lists.debian.org/debian-legal/2011/02/msg6.html
{{ GnuTLS upstream has added support for different crypto backends in
2.11.x and has chosen nettle as prefered backend (2.10.x is using
libgcrypt). }}
I have started to experiment with using a gnutls26 package
This bug no longer pertains to be as it is opened against libgcrypt11
now and to me this is now a GnuTLS backend selection bug.
I put the patched gnutls into this PPA as my preferred solution.
https://launchpad.net/~nutznboltz/+archive/gnutls26-with-nettle
--
You received this bug notification
I meant to type no longer pertains to me not to be.
I am unsubscribing from this bug report.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL
I tested with Ubuntu 12.04 today and the nscd work-around no longer
works. The failure occurs with or without running nscd on Ubuntu 12.04.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
** Branch linked: lp:~nutznboltz/ubuntu/precise/libgcrypt11/fix-lp423252
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
** Tags added: precise
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2
suexec, and atd
To
Just a follow up to #106. We have been running with the libgcrypt11
patch from #73 with a couple thousand openldap and AD users using
Apache2/phpsuexec on Lucid 10.04.2 64 bit for months now with no
troubles.
--
You received this bug notification because you are a member of Ubuntu
Server Team,
Thanks a lot, works like a charm. I wish i could be of any help to
you, saved me a lot of time.
2011/10/4 cdmiller cdmil...@adams.edu:
Just a follow up to #106. We have been running with the libgcrypt11
patch from #73 with a couple thousand openldap and AD users using
Apache2/phpsuexec on
** Changed in: libnss-ldap (Ubuntu Maverick)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL breaks setuid
** Also affects: eglibc (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: libgcrypt11 (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: libnss-ldap (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: sudo
** Changed in: libgcrypt11 (Ubuntu Maverick)
Assignee: (unassigned) = Canonical Foundations Team
(canonical-foundations)
** Changed in: libgcrypt11 (Ubuntu Lucid)
Assignee: (unassigned) = Canonical Foundations Team
(canonical-foundations)
--
You received this bug notification
I also tested a patched libgcrypt11 package according to comment #73. I
can now su from a local user to a non-local user and have a non-local
user use sudo (sudo-ldap).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in
I just tried Howard's patch from #73 this morning, using the
libgcrypt11_1.4.4-5ubuntu2_amd64.deb source files to roll a new
libgcrypt11 package. I can now su to root from accounts not in the
local password file database, before I could not. That was on a Lucid
10.04.2 LTS vm. Next week
Building the openldap source with openssl instead of gnutls libraries
and installing the resulting libldap package works here.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
On Wed, Mar 23, 2011 at 08:35:56PM -, Peter Matulis wrote:
Building the openldap source with openssl instead of gnutls libraries
and installing the resulting libldap package works here.
Yes, but that results in combinations of software that are not
redistributable in the archive because
Yeah it was more as confirmation. I'm going to test a patched libgcrypt
(comment #73) next.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/423252
Title:
NSS using LDAP+SSL
bug still present in Maverick 10.10
this is the output with debug option enabled:
$ sudo -u news /usr/sbin/fetchnews
LDAP Config Summary
===
uri ldap://127.0.0.1/
ldap_version 3
sudoers_base ou=sudoers,dc=homelinux,dc=doma
binddn (anonymous)
bindpw
For completeness' sake, another bug tracker with the same issue
https://bugs.g10code.com/gnupg/issue1181
** Bug watch added: GnuPG Bugs #1181
https://bugs.g10code.com/gnupg/issue1181
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
** Summary changed:
- NSS using LDAP+SSL breaks setuid applications like su and sudo
+ NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec,
and atd
--
NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec,
and atd
86 matches
Mail list logo