Package: nslcd
Version: 0.7.13
Severity: normal
Tags: patch
When postinst is running it suggests a base DN based on the domain name
of the host. This fails when the domain consists of more than two levels.
In nslcd.config the following code is found:
# domain name to build the default base
if [ -n "$domain" ]
then
searchbase=`echo "$domain" | sed 's/^/dc=/;s/\./,dc=/'` || true
db_set nslcd/ldap-base "$searchbase"
fi
fi
The sed command is missing a flag 'g' to make the '.' to ',dc=' part to
function more than once (two level domains).
pelle@devel:~$ echo "lab.example.com" | sed 's/^/dc=/;s/\./,dc=/'
dc=lab,dc=example.com
pelle@devel:~$ echo "lab.example.com" | sed 's/^/dc=/;s/\./,dc=/g'
dc=lab,dc=example,dc=com
A rather trivial patch is attached.
- System Information:
Debian Release: 6.0.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages nslcd depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libgssapi-krb5-2 1.8.3+dfsg-4 MIT Kerberos runtime libraries - k
ii libldap-2.4-2 2.4.23-7 OpenLDAP libraries
Versions of packages nslcd recommends:
ii libnss-ldapd [libnss-ldap] 0.7.13 NSS module for using LDAP as a nam
ii libpam-ldapd [libpam-ldap] 0.7.13 PAM module for using LDAP as an au
ii nscd 2.11.2-10 Embedded GNU C Library: Name Servi
Versions of packages nslcd suggests:
pn kstart <none> (no description available)
-- debconf information:
nslcd/ldap-starttls: false
* nslcd/ldap-base: dc=lab,dc=example,dc=com
nslcd/ldap-reqcert:
* nslcd/ldap-uris: ldap://ns1 ldap://ns2
nslcd/ldap-binddn:
--- /var/lib/dpkg/info/nslcd.config 2010-12-11 23:25:42.000000000 +0100
+++ nslcd.config 2011-05-13 08:54:43.000000000 +0200
@@ -38,7 +38,7 @@
# domain name to build the default base
if [ -n "$domain" ]
then
- searchbase=`echo "$domain" | sed 's/^/dc=/;s/\./,dc=/'` || true
+ searchbase=`echo "$domain" | sed 's/^/dc=/;s/\./,dc=/g'` || true
db_set nslcd/ldap-base "$searchbase"
fi
fi