Package: libpam-modules Version: 1.0.1-5+lenny1 Severity: normal Current version of pam_listfile checks whether an user is a member of listed groups inefficiently. It actually breaks with large groups. In our case, there are some groups that contain nearly all users (Active Directory, which serves name services, makes each user a member of primary group, so some groups have more then 1500 members).
In upstream CVS this feature has been patched recently: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_listfile/pam_listfile.c?r1=1.16&r2=1.17 -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libpam-modules depends on: ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii libc6 2.7-18 GNU C Library: Shared libraries ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [ ii libpam0g 1.0.1-5+lenny1 Pluggable Authentication Modules l ii libselinux1 2.0.65-5 SELinux shared libraries libpam-modules recommends no packages. libpam-modules suggests no packages. -- debconf information: libpam-modules/disable-screensaver: -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

