On Thu, 2006-03-02 at 00:52 +0200, Alexander Gattin wrote: > Hi! > > On Mon, Feb 27, 2006 at 07:20:45AM +0100, Christian Perrier wrote: > > > > P.S. The requred infrastructure will be ready soon. > > > And now, one month later? > > And now, *two* months later? :-) > > Oh, yeah, now it's 2 months closer to completion ;) > > Actually, a lot of different and I'd say boring job > found me meanwhile, but in rare free time I did some > experiments. > > WRT the bug, I'd like to know what schemes etc. did > the bug submitter use. Greg?
Hi... sorry for the long silence, change of job etc... just trying to reproduce this bug and the symptoms seem to have changed, I dont get a segfault but su is still failing: with TLS_CACERTDIR: $ su - Sorry. $ with TLS_CACERT: $ su - Password: # current pkg versions on debian sarge host: libnss-ldap 238-1 libpam-ldap 178-1sarge1 wrt schemas, I assume you mean the relevant objectclasses for my user object? In this case I am using the rather restrictive "account", with "posixAccount" and "shadowAccount". The server is using the following schema files: include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/locking.schema include /usr/local/etc/openldap/schema/solaris.schema include /usr/local/etc/openldap/schema/DUAConfig.schema include /usr/local/etc/openldap/schema/automount.schema include /usr/local/etc/openldap/schema/eduperson.schema but locking, solaris and eduperson are not being used. Another datapoint: if I strace the "su -" I do actually get prompted for a password (without strace I get an instant "Sorry."), and the error "su: Authentication failure" G > -- Greg Matthews 01491 692445 Head of UNIX/Linux, iTSS Wallingford -- This message (and any attachments) is for the recipient only. NERC is subject to the Freedom of Information Act 2000 and the contents of this email and any reply you make may be disclosed by NERC unless it is exempt from release under the Act. Any material supplied to NERC may be stored in an electronic records management system. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]