Control: tags -1 + pending On Mon, 2014-06-09 at 00:59 +0530, Murukesh Mohanan wrote: > So, what I am requesting is either a new debconf setting for nslcd to > specify the CA cert file, or the generation of a line similar to the > above one *if* start_tls is enabled.
The next upload to unstable will: - add tls_cacertfile /etc/ssl/certs/ca-certificates.crt by default for new installations - add a debconf prompt for tls_cacertfile that will be asked only when relevant (depending on answers to previous questions) > As it stands, I replace the entire config file, which means, *all* > other nslcd debconf selections are rendered useless to me. This is correct, preseeding (and configuration guessing) only works on initial install if there is no nslcd.conf yet. Once a configuration file is present it takes precedence over debconf values. > I figure that the precedent established by the shared setting for > libpam-ldapd, which is: > libpam-ldapd shared/ldapns/ldap-starttls boolean true > suggests that autogeneration of a default value is the way to go, > avoiding translation issues. The shared/ldapns namespace is Ubuntu-specific and comes from the ldap-auth-config package which is not used by nss-pam-ldapd. -- -- arthur - [email protected] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part

