Bug#613214: marked as done (use libpam-krb5 for uidNumbers greater than 10000 only (as opposed to the default > 1000))

[Debian Bug Tracking System]

Your message dated Mon, 7 Mar 2011 14:35:50 +0100
with message-id <201103071435.51304.hol...@layer-acht.org>
and subject line Re: Bug#613214: use libpam-krb5 for uidNumbers greater than 
10000 only (as opposed to the default > 1000)
has caused the Debian Bug report #613214,
regarding use libpam-krb5 for uidNumbers greater than 10000 only (as opposed to 
the default > 1000)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
613214: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613214
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: debian-edu-config
Version: 1.446~svn72930
Severity: minor
Tags: squeeze


For integration of Kerberos5 libpam-krb5 needs to be tweaked in
a way that it will only apply krb5 pam rules to uidNumbers greater than
10000 (presuming that LDAP users on the Tjener start with 10000).

The current libpam-krb5 package hard-codes uidNumber = 1000 in

  /usr/share/pam-configs/krb5

The tweak probably has to be applied via a cfengine script. However, there
exists an optional ActiveDirectory integration for Debian Edu which hacks the
/etc/pam.d/common-* files. Thus, fixing this issue should try to be compliant
with the changes performed by





-- System Information:
Debian Release: 6.0
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages debian-edu-config depends on:

ii  debconf-utils        1.5.36.1            debconf utilities
ii  debian-edu-artwork   0.0.32-2            Debian Edu themes and artwork

ii  discover             2.1.2-5             hardware identification system
ii  education-tasks      0.852~svn72130      Debian Edu tasks for tasksel

ii  host                 1:9.7.2.dfsg.P3-1.1 Transitional package
ii  ldap-utils           2.4.23-7            OpenLDAP utilities

ii  libhtml-fromtext-per 2.05-5.1            Mark up text as HTML

ii  libnet-ldap-perl     1:0.4001-2          client interface to LDAP servers

ii  libterm-readkey-perl 2.30-4              A perl module for simple terminal

ii  net-tools            1.60-23             The NET-3 networking toolkit
ii  ng-utils             0.7-1               Tool to access netgroups from the

ii  patch                2.6-2               Apply a diff file to an original
ii  python-notify        0.1.1-2+b2          Python bindings for libnotify


Versions of packages debian-edu-config recommends:

ii  lsof                       4.81.dfsg.1-1 List open files
ii  memtest86+                 4.10-1.1      thorough real-mode memory tester
ii  resolvconf                 1.46          name server information handler
ii  syslinux                   2:4.02+dfsg-7 collection of boot loaders

Versions of packages debian-edu-config suggests:
ii  atftpd                      0.7.dfsg-9.1 advanced TFTP server

-- debconf information:
  debian-edu-config/kdc-password: (password omitted)
  debian-edu-config/kdc-password-again: (password omitted)
* debian-edu-config/update-hostname: false
  debian-edu-config/enable-nat: false
  debian-edu-config/kdc-password-empty:
  debian-edu-config/kdc-password-mismatch:

<debian-edu-config.packages>/share/debian-edu-config/tools/debian-edu-winbind ii base-files 6.0 Debian base system miscellaneous f ii bind9-host [host] 1:9.7.2.dfsg.P3-1.1 Version of 'host' bundled with BIN ii cfengine2 2.2.10-2 Tool for configuring and maintaini ii debconf [debconf-2.0 1.5.36.1 Debian configuration management sy ii desktop-profiles 1.4.15+nmu1 framework for setting up desktop p ii fping 2.4b2-to-ipv6-16.1 sends ICMP ECHO_REQUEST packets to ii libconfig-inifiles-p 2.52-1 Read .ini-style configuration file ii libfilesys-df-perl 0.92-3+b1 Module to obtain filesystem disk s ii libio-socket-ssl-per 1.33-1+squeeze1 Perl module implementing object or ii libjavascript-perl 1.16-3 module for executing embedded Java ii libnet-netmask-perl 1.9015-4 parse, manipulate and lookup IP ne ii libtext-unaccent-per 1.08-1+b1 provides functions to remove accen ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip ii mime-support 3.48-1 MIME files 'mime.types' & 'mailcap ii openssl 0.9.8o-4 Secure Socket Layer (SSL) binary a ii ssl-cert 1.0.28 simple debconf wrapper for OpenSSL ii tftp 0.17-18 Trivial file transfer protocol cli ii ddccontrol 0.4.2-6 a program to control monitor param ii libnotify-bin 0.5.0-2 sends desktop notifications to a n
--- End Message ---

--- Begin Message ---

Hi Mike,

(sorry for the late reply...)

On Sonntag, 13. Februar 2011, Mike Gabriel wrote:
> Please close this bug, I will file another bug against the
> adduser<->LDAP uidNumber range conflict (as we are absolutely
> off-topic already here).

I've closed the bug now, but you could have done the same :)
http://www.debian.org/Bugs/server-control explains this in detail.

Please file a new bug about the adduser<->LDAP uidNumber range conflict! 


thanks,
        Holger

signature.asc
Description: This is a digitally signed message part.

--- End Message ---