Bug#610391: marked as done (Defaults to "\n", not "/bin/sh", when loginShell is not set)

Tue, 18 Jan 2011 19:21:19 -0800 

Your message dated Tue, 18 Jan 2011 19:19:31 -0800 (PST)
with message-id <[email protected]>
and subject line Re: Bug#610391: Defaults to "\n", not "/bin/sh", when 
loginShell        is not set
has caused the Debian Bug report #610391,
regarding Defaults to "\n", not "/bin/sh", when loginShell is not set
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
610391: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610391
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: libnss-ldapd
Severity: normal

RFC2307 (nis.schema) doesn't require a passwordAccount object to set
any loginShell.  For such an account, PADL falls back to /bin/sh, but
this implementation falls back to "\n", which obviously is not useful.

I would like it to default to /bin/sh.  If you're feeling especially
paranoid, I would at least like it to default to (say) /bin/false, so
that I don't have spurious blank lines in my getent output.

    root@blood:~# getent passwd twb conz
    twb:x:1008:1008:Trent W. Buck:/home/twb:

    conz:x:1001:1001:Con Zymaris:/home/conz:

    root@blood:~# ldapsearch -LLL -x uid=twb
    dn: uid=twb,ou=people,dc=cybersource,dc=com,dc=au
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    cn: Trent W. Buck
    sn: Buck
    givenName: Trent
    uid: twb
    uidNumber: 1008
    gidNumber: 1008
    homeDirectory: /home/twb
    userPassword:: e1NTSEF9U24yRVQwd1Mvb0Jzd3U3V0xETTVPQkNBN3FsUFdwWmg=

    root@blood:~# ldapsearch -LLL -x uid=conz
    dn: uid=conz,ou=people,dc=cybersource,dc=com,dc=au
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    cn: Con Zymaris
    sn: Zymaris
    givenName: Con
    uid: conz
    uidNumber: 1001
    gidNumber: 1001
    homeDirectory: /home/conz
    userPassword:: e1NTSEF9V0tybHp4UjhyM0YyaHZQSXFNQkxaL0dGQ0Foby9wNzU=

PS: yes, I know my password hashes are visible to anonymous users.
This is a scratch network and my olcAccess rules are temporarily too
permissive.

-- System Information:
Debian Release: 6.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.34-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---
--- Begin Message --- 
Trent W. Buck wrote:
> Normally I would reproduce the problem under Debian *before* sending
> the bug report to debbugs, but I was about to fall asleep and I didn't
> want to forget about the bug.

I apologize; I cannot reproduce this with a Debian Squeeze client
pointing at (almost) the same lucid LDAP server.  This must be an
Ubuntuism; therefore closing this ticket.  Transcript follows.

    debian-squeeze:~# getent passwd conz twb
    conz:x:1001:1001:Con Zymaris:/home/conz:
    twb:x:1008:1008:Trent W. Buck:/home/twb:
    debian-squeeze:~# ldapsearch -LLL -x '(|(uid=conz)(uid=twb))'
    dn: uid=conz,ou=people,dc=cybersource,dc=com,dc=au
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    cn: Con Zymaris
    sn: Zymaris
    givenName: Con
    uid: conz
    uidNumber: 1001
    gidNumber: 1001
    homeDirectory: /home/conz

    dn: uid=twb,ou=people,dc=cybersource,dc=com,dc=au
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    cn: Trent W. Buck
    sn: Buck
    givenName: Trent
    uid: twb
    uidNumber: 1008
    gidNumber: 1008
    homeDirectory: /home/twb

    debian-squeeze:~# dpkg -l libnss-ldapd nslcd nscd <&- | cat
    Desired=Unknown/Install/Remove/Purge/Hold
    | 
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
    |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
    ||/ Name                            Version                Description
    
+++-===============================-======================-===================================================================
    ii  libnss-ldapd                    0.7.13                 NSS module for 
using LDAP as a naming service
    un  nscd                            <none>                 (no description 
available)
    ii  nslcd                           0.7.13                 Daemon for NSS 
and PAM lookups using LDAP
    debian-squeeze:~# su - twb
    No directory, logging in with HOME=/
    twb@debian-squeeze:/$

--- End Message ---

Reply via email to