found 658896 1.8.5p2-1 severity 658896 serious thanks justification: Renders the package unusable on systems with LDAP/PAM
Hi!
I can confirm this bug. On a Wheezy system with nscd and libnss-ldap is
impossible to use sudo.
# apt-cache policy sudo
sudo:
Installed: 1.8.5p2-1
Candidate: 1.8.5p2-1
Version table:
*** 1.8.5p2-1 0
500 http://debian/debian/ sid/main amd64 Packages
500 http://debian/debian/ testing/main amd64 Packages
100 /var/lib/dpkg/status
1.7.4p4-2.squeeze.3 0
500 http://debian/debian/ stable/main amd64 Packages
$ sudo ls /
[sudo] password for clopez:
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to open /var/lib/sudo/clopez/1: Operation not permitted
sudo: unable to set supplementary group IDs: Operation not permitted
sudo: unable to execute /bin/ls: Operation not permitted
Downgrading the package to squeeze version fixes the problem automatically
# apt-get install sudo=1.7.4p4-2.squeeze.3
$ sudo ls /
[sudo] password for clopez:
bin boot dev etc home lib lib32 lib64 lost+found media mnt opt
proc root run sbin selinux srv sys tmp usr var
IMHO this bug should be fixed before releasing Wheezy. Sudo is not
usable on systems configured with LDAP/PAM (which is a setup widely
used). Therefore I'm raising the severity.
Thanks!
signature.asc
Description: OpenPGP digital signature
