Package: nslcd
Version: 0.9.7-2
Severity: important
Quack,
I was annoyed by slapd warning me about "unrecognized control", and as
we do not use ppolicy I decided to set "pam_authc_ppolicy no". I
realized this setting breaks PAM authentication on my system.
nslcd/authc reports "Unknown error" when I try to authenticate.
From what I can see in the source code this error only applies to
ppolicy processing ('compat/ldap_passwordpolicy_err2txt.c'). If I'm not
mistaken the authenticate() function in 'pynslcd/pam.py' should check
for 'cfg->pam_authc_ppolicy' before binding with a
'PasswordPolicyControl()' unconditionally.
Regards.
-- System Information:
Debian Release: 9.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=C
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages nslcd depends on:
ii adduser 3.115
ii debconf [debconf-2.0] 1.5.61
ii libc6 2.24-11+deb9u3
ii libgssapi-krb5-2 1.15-1+deb9u1
ii libldap-2.4-2 2.4.44+dfsg-5+deb9u1
ii lsb-base 9.20161125
Versions of packages nslcd recommends:
ii bind9-host [host] 1:9.10.3.dfsg.P4-12.3+deb9u4
ii ca-certificates 20161130+nmu1
ii ldap-utils 2.4.44+dfsg-5+deb9u1
ii libnss-ldapd [libnss-ldap] 0.9.7-2
ii libpam-ldapd [libpam-ldap] 0.9.7-2
ic nscd 2.11.2-2
pn nslcd-utils <none>
Versions of packages nslcd suggests:
pn kstart <none>
-- debconf information excluded
--
Marc Dequènes
