On Sun, 2022-10-23 at 14:50 +0200, Lucas Nussbaum wrote:
> During a rebuild of all packages in sid, your package failed to build
> on amd64.
A fix has just been uploaded and is part of version 1.18-1.
If this ever needs to be backported for some reason the fix is trivial:
On Fri, 2022-02-18 at 19:11 -0800, Ryan Tandy wrote:
> I removed "pwdMustChange: TRUE" from the policy and then the tests
> passed. Not sure if this is the correct fix, but at least I don't
> currently see anything in test_pamcmds.expect that would be expecting
> a forced reset?
Applying this
Control: tags -1 + pending
On Mon, 2021-12-20 at 22:03 +0100, Thomas Fargeix wrote:
> The postinst script of nslcd silently modifies the configuration file
> /etc/nslcd.conf on package upgrades. It rewrites or adds settings
> without notification to the administrator.
Thanks for this report.
>
On Mon, 2020-07-27 at 00:42 -0400, Sandro Tosi wrote:
> 9 months have passed and i dont see any progress on this porting to
> python3: last commits on https://arthurdejong.org/git/webcheck are
> from 2013 (!)
>
> Are you still interested in this program (which you wrote)? should we
> just remove
Control: tags -1 + upstream
FWIW, I am working supporting Python 3 upstream, see
https://arthurdejong.org/git/nss-pam-ldapd/commit/?id=221ce5a2680c1a91b7b87a36d73be5c0ad7e5ddb
This will be part of the upcoming 0.9.11 release.
--
-- arthur - adej...@debian.org -
Control: sevirity -1 normal
On Mon, 2017-08-21 at 13:17 +0200, Vincent Lefevre wrote:
> Severity: grave
> Justification: causes non-serious data loss and DoS from an end user.
The severity is a bit questionable and, at the very least not a flaw in
or unique to nslcd. Any local user that does not
Control: severity -1 important
On Tue, 2017-02-07 at 12:42 -0500, James Valleroy wrote:
> Any update on this bug? Is it possible the severity could be lowered
> until the analysis is complete?
>
> I have some packages (plinth, freedombox-setup) that depend on nslcd,
> so I'm hoping that it won't
On Mon, 23 Jan 2017, Elizabeth Myers wrote:
I can't reproduce it with nslcd -d. It happens reliably outside of it
though. I will try to get a core dump.
You probably want to avoid adding the core file to the bug report since it
will probably contain your client's private SSL key.
If you
Hi Elizabeth,
I have been trying to reproduce this (nslcd 0.9.7-1, slapd 2.4.40+dfsg-
1+deb8u2).
I have not been able to reproduce this when not using SSL and the
following nslcd.conf also works without problems for me:
uid nslcd
gid nslcd
uri ldaps://192.168.12.1/
base dc=thuis,dc=net
end ca-certificate which is needed due to adding tls_cacertfile by
default (see #750949) and the checking of tls_cacertfile in 0.9.7
(closes: #836720)
+ * fix parsing of nslcd.conf tls_cacert option in package configuration
+(closes: #851564)
- -- Arthur de Jong <adej...@debian.
Hi,
On Mon, 2017-01-16 at 11:52 +0100, Thomas Wallrafen wrote:
> The aforementioned setting is probably added to the file via the
> postinstall script of the nslcd package. If one removes the line
> tls_cacertfile dir /etc/ssl/certs from the file /etc/nslcd.conf and
> runs
> # dpkg --configrue
On Thu, 2017-01-12 at 04:16 -0600, Elizabeth Myers wrote:
> When restarting the OpenLDAP server, nslcd often crashes on multiple
> servers with the following messages logged (I know they're not
> helpful but it's what I have at the moment):
>
> nslcd[14819]: segfault at 0 ip 7fdc51502ce4 sp
On Mon, 2016-04-04 at 22:35 +0200, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package fails to upgrade
> from 'testing'.
> It installed fine in 'testing', then the upgrade to 'sid' fails
> because it tries to overwrite other packages files without declaring
> a
9e1804141d131cbc3f6d4564e4e10f601ddcaa28
Author: Arthur de Jong <adej...@debian.org>
Date: Tue Apr 5 22:05:59 2016 +0200
Add Breaks/Replaces to allow upgrades from older versions (closes: #820025)
diff --git a/debian/changelog b/debian/changelog
index d3de377..1500cc2 100644
--- a/debian/changelog
On Thu, 2016-02-11 at 14:13 +0300, Nikolay Shaplov wrote:
> This bug was not fixed for debian jessie, as I can see...
> And I think it should be fixed in all supported distributives, as it
> can cause problems.
Thanks for reminding me. I uploaded a new version for jessie yesterday.
--
--
Control: tags -1 + pending
On Wed, 2015-08-05 at 20:02 +0300, Nikolay Shaplov wrote:
Package: nslcd
Version: 0.9.4-3
Severity: serious
Justification: fails to build from source
Justification is not right but the init script return code is not
according to policy so I'll leave it at serious.
Control: tags -1 + pending
On Wed, 2014-01-01 at 20:22 +0400, Dmitry Shachnev wrote:
Your package fails to build from source on machines which
do not have internet connection.
Thanks. I think the wrong thing ended up in setup.py. Will do a new
upload shortly.
Thanks,
--
-- arthur -
On Thu, 2013-10-31 at 22:16 +0100, Petter Reinholdtsen wrote:
Any plan for fixing this bug? This RC bug caused libpam-ldap to be
removed from testing/jessie today.
Perhaps it is better to migrate users of libpam-ldap to one of the
alternative packages (libpam-ldapd or libpam-sssd) and drop
On Thu, 2013-10-24 at 10:25 -0400, Klee Dienes wrote:
The issue is that libnss-ldap is ending up with a dependency on
__libc_lock_lock, which was removed from glibc.
Thanks for the pointer to the patch. I thought I tested the release
before uploading but apparently I was mistaken. Sorry about
On Wed, 2013-10-02 at 00:18 +0200, Petter Reinholdtsen wrote:
[Arthur de Jong]
I've been looking into how to fix this problem. I couldn't find a
common solution to this problem.
What about moving the configuration to a arch: all package and depend
on it from the arch: any packages
On Fri, 2013-04-26 at 02:10 +0200, Andreas Beckmann wrote:
libnss-ldap has been converted to Multi-Arch: same, but manages the
configuration file /etc/libnss-ldap.conf that is now shared between all
installed architectures of the libnss-ldap package.
The problem arises during purge: the
On Sun, 2013-08-04 at 15:19 +0200, Enrico Zini wrote:
the package declares Standards-Version: 3.9.2 but the changelog is
encoded in latin1.
I've had a look at the changelog but the version currently in the
python-modules Subversion repository is UTF-8 encoded.
The fix was in r23712 while the
Control fixed -1 libapache2-mod-python/3.3.1-10
Control tags -1 + fixed-in-experimental
On Fri, 2013-05-31 at 21:53 +0200, David Suárez wrote:
During a rebuild of all packages in sid, your package failed to build on
amd64.
This has been fixed in the version currently in experimental.
The fix
On Thu, 2013-05-23 at 13:13 +0200, Arno Töll wrote:
we are ready to upload Apache2 2.4 to Debian Sid now. This means the
transition is effectively starting now, and going to break your modules.
I have been working on getting mod_python into shape (somewhat). I have
cleaned up the packaging
2013-05-11 20:17:27.0 +0200
@@ -1,3 +1,11 @@
+nss-pam-ldapd (0.7.15+squeeze4) stable-security; urgency=low
+
+ * fix FTBFS on kFreeBSD (see #690319)
+ * debian/nslcd.config: handle options that are specified multiple times
+in nslcd.conf consistently (closes: #700971)
+
+ -- Arthur de
On Wed, 2013-05-01 at 23:05 +0100, Steven Chamberlain wrote:
I noticed (by chance) there is a problem with the squeeze-security
patch for #690319; it introduces a regression on kfreebsd and has not
built. I'm not sure where to find build logs of this, or if they are
public, but I think it is
Control: severity -1 important
Control: tags -1 + unreproducible
On Fri, 2013-03-01 at 16:02 -0800, Russ Allbery wrote:
Should this bug be downgraded until it can be confirmed as
reproducible? I also looked through the postinst script and, while
it's complex, I didn't see any obvious way in
Control: fixed -1 0.8.5
Control: tags -1 + patch
On Thu, 2013-02-21 at 01:09 +, Mark Cunningham wrote:
Before install, i get the defaults i configured when installed the
package. I set these to non used variables and created the nslcd.conf
myself.
I've been able to find the problem: the
On Tue, 2013-02-19 at 21:29 +, Mark Cunningham wrote:
Originally:
nslcd: 0.7.15+squeeze2
file: nslcd.orig
After installing
nslcd: 0.7.15+squeeze3
file nslcd.conf
diff nslcd.*
16c16
base ou=groups,dc=example,dc=com
---
base ou=users,ou=users,dc=example,dc=com
Thanks, this
Control: tags -1 + security
It has been determined that this bug has security implications and
CVE-2013-0288 has been assigned to this issue. For more details see the
upstream advisory:
http://arthurdejong.org/nss-pam-ldapd/CVE-2013-0288
A Debian security advisory for this issue will be issued
Hi Arno,
On Sun, 2012-12-23 at 12:39 +0100, Arthur de Jong wrote:
Do you by any change have the configuration file before and after the
upgrade?
Also, can you confirm that this debconf information was in place after
the upgrade for the broken machine:
* nslcd/ldap-auth-type: none
On Thu, 2012-12-20 at 22:24 +0100, Arno wrote:
Which was caused by the removal of the line
tls_cacertfile /etc/ssl/certs/loos.site.pem
from nslcd.conf on upgrade.
This is really weird, nslcd package scripts shouldn't do anything with
this option (neither this version or any before).
Do
On Fri, 2012-12-21 at 12:40 +0100, Dominik George wrote:
I have looked into the config and postinst script to find some hints on
why this might happen. Here are some remarks, be they relevant or not:
Thanks for the feedback. Always good to have another set of eyes looking
at the code.
- Using
Control: tags -1 + patch
On Sat, 2012-11-03 at 01:47 -0400, Michael Gilbert wrote:
reopen 682752
thanks
This still affects unstable.
The change that was meant to fix this bug is in
http://anonscm.debian.org/loggerhead/pkg-cups/cups-filters/debian-trunk/revision/62/debian/copyright
version checks that were in place in
ncpfs. The checks in place have some special handling for kernels older
than 2.5.31. Since no-one is expected to use these old kernels any more
it is easiest to remove the checks.
Author: Arthur de Jong adej...@debian.org
Bug-Debian: http://bugs.debian.org
Control: tags -1 + patch
On Tue, 2012-11-06 at 16:24 +0100, Bastian Blank wrote:
| dpkg-source: info: local changes detected, the modified files are:
| ncpfs-2.2.6/include/private/libncp-atomic.h
Attached is a trivial patch which fixes this issue.
--
-- arthur - adej...@debian.org -
to pass the
+--quick-random option to the gpg command to make it buildable in
+environments with limited entropy (Closes: #682648).
+
+ -- Arthur de Jong adej...@debian.org Sat, 20 Oct 2012 19:09:44 +0200
+
python-gnupg (0.3.0-1) unstable; urgency=low
* New upstream release
diff -Nru
On Fri, 2012-10-12 at 16:04 +0200, Adrien Urban wrote:
When trying to get the identity, after establishing the connection
(connect /var/run/nslcd/socket), it uses select to wait on it. If the
filedescriptor is over 1024, it still uses FD_SET to write outside of
the fd_set, and calls select
release.
+ * Drop the 01-setup_configure.patch which should be integrated upstream.
+
+ -- Arthur de Jong adej...@debian.org Wed, 18 Jul 2012 23:03:31 +0200
+
pysvn (1.7.5-1.1) unstable; urgency=low
* Non maintainer upload.
diff -Naur pysvn-1.7.5/debian/patches/series pysvn-1.7.6/debian
tags 670133 + pending
thanks
On Mon, 2012-04-23 at 12:14 +0200, Luca Capello wrote:
Basically, with today's upgrade, my /etc/nslcd.conf was automatically
changed and the LDAP setup completely broke.
Thank you for the detailed bug report and analysis. It helped me greatly
in pinpointing the
On Sun, 2012-01-22 at 00:08 +0100, Michael Biebl wrote:
Could you please downgrade libglib2.0 (and related packages) to
2.30.2-4, ie. the version from testing and see if the
gnome-settings-daemon crashes go away?
Will try that if all else fails or things get too annoying.
What would also be
Package: gnome-settings-daemon
Version: 3.2.2-2
Severity: critical
Justification: breaks unrelated software
Occasionally gnome-settings-daemon crashes and the friendly by oh so
useless Oh no! Something has gone wrong. message in Gnome pops up and
all the things I'm working on are unavailable.
On Tue, 2011-09-27 at 22:22 +0200, Moritz Mühlenhoff wrote:
Feel free to NMU, either with Steve's patch or by updating to
2.08. Otherwise I'll upload a fix in a few weeks myself.
I've uploaded 2.07-8.1. I've introduced a patch that just uses the
jpeg/08 files from 2.08.
I've had a quick look
Subject: exiftran: dies with Segmentation fault when rotating an image
Package: exiftran
Version: 2.07-8
Justification: renders package unusable
Severity: grave
exiftran dies when it tries to rotate a JPEG file:
$ ./exiftran -a -i -p ../20110711163247.jpg
processing ../20110711163247.jpg
tags 618795 + pending
thanks
On Fri, 2011-03-18 at 15:46 +0100, Cyril Brulebois wrote:
your package no longer builds on kfreebsd-*:
| gcc -DHAVE_CONFIG_H -I. -I.. -I.. -pthread -g -O2 -pedantic -Wall
-Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wstrict-prototypes
On Sat, 2010-12-11 at 18:50 +0100, Lucas Nussbaum wrote:
While testing the installation of all packages in squeeze, I ran
into the following problem:
[...]
CONFIGURATION FILE `/ETC/VIEWVC/VIEWVC.CONF'
== MODIFIED (BY YOU OR BY A SCRIPT) SINCE INSTALLATION.
== PACKAGE DISTRIBUTOR HAS
On Fri, 2010-12-10 at 11:42 +0800, David Adam wrote:
libnss-ldapd should be used to replace libnss-ldap on squeeze upgrades. I
am still a touch wary of libnss-ldapd, only in that adding the daemon
introduces an additional point of failure, but have been running it on
our Ubuntu and squeeze
On Fri, 2010-07-02 at 09:13 +0200, Petter Reinholdtsen wrote:
Hi. When do you plan to upload a fix for this issue into unstable?
It affect Debian Edu, and it would be nice to have a fix in place
soon.
I will probably make another release this weekend. This will include the
fix for #585968.
tags 585968 + pending
thanks
On Tue, 2010-06-15 at 11:09 +0200, Petter Reinholdtsen wrote:
When the DNS server is on the local machine and the nslcd.conf file
uses DNS (name or SRV records) to find the LDAP server, nslcd
currently fail to start at boot because it starts before the DNS
server
On Thu, 2010-05-27 at 19:20 +0200, Christian PERRIER wrote:
First of all, let me add a disclaimer: I am *not* the maintainer of
libnss-ldap nor do I have much clue about LDAP auth and even that
package.
Let me then also add my comments (I'm also not the maintainer of
libnss-ldap but I'm the
-2Pluggable Authentication Modules l
libpam-ldap recommends no packages.
Versions of packages libpam-ldap suggests:
ii libnss-ldapd [libnss-ldap]0.6.7.2NSS module for using LDAP as a nam
--
-- arthur de jong - art...@west.nl - west consulting b.v. --
--
To UNSUBSCRIBE, email
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, 2009-12-06 at 17:48 +0100, Arthur de Jong wrote:
I have prepared a 0.6.7.2 version which can be found here: [2], [3]. The
debdiff is attached (9 source files changed, 133 insertions and 151
deletions).
Please go ahead.
Thanks, I
, services and shadow lookups (closes: #552433)
+
+ -- Arthur de Jong adej...@debian.org Thu, 07 Nov 2009 12:00:00 +0100
+
+nss-ldapd (0.6.7.1) stable-security; urgency=high
+
+ * security upload (CVE-2009-1073)
* fix the permissions of /etc/nss-ldapd.conf to not be world readable
(file can
On Thu, 2009-11-05 at 21:07 +0100, Arthur de Jong wrote:
I will contact the security team and prepare an update.
I am awaiting a response from the security team whether to do this via a
security update or via proposed-updates.
An updated 0.6.7.2 package is being prepared here:
http
On Thu, 2009-11-05 at 17:32 +0100, Petter Reinholdtsen wrote:
I really hope you find time to fix this in Lenny, as it affects Debian
Edu. The issue is also a security issue, where users can by-pass
netgroup based limitations by changing the case of the username they use
when logging in. See
On Mon, 2009-10-26 at 11:28 +0300, Alexandra N. Kossovsky wrote:
I've got a problem with libnss-ldpad package. In my environment, any
(non-root) local user can break normal work of any other user.
The problem is, nss-ldapd makes strange things with case of uids. For
example:
bash$ id
Dear stable release team,
A user reported a bug (#552433) against libnss-ldapd which causes some
problems and asked if a fix can be made available in a stable update.
I can probably backport the fix to version 0.6.7.1 but I wanted to know
if such a fix will be considered a candidate for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've tested the above patch and it seems to solve the problem. It took me
a couple of times reading though /lib/lsb/init-functions to understand why
though (use of $specified is confusing).
Also this problem doesn't seem to show in all
Bugs #506429 and #448470 are the same. Also, a workaround (if you can't
downgrade to 6.0-7) is to add
ASYNCMOUNTNFS=no
to /etc/default/rcS (at least until this is fixed).
--
-- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just for the bug report, this is the patch I'd use for the NMU.
I'd like to upload today, along with the fix for #502760.
I'll do it this evening. I have the same fix pending:
retitle 500778 nss-ldapd: problem resolving groups and users with nfs4
severity 500778 important
tags 500778 + help
thanks
On Mon, 2008-10-06 at 11:42 +0200, Patrick Schoenfeld wrote:
2008/10/3 Arthur de Jong [EMAIL PROTECTED]:
Patrick, does adding Cache-Expiration = 10 to /etc/idmapd.conf
(Cc-ing the nfs-utils maintainers, perhaps they have some insight that
could solve this)
On Sat, 2008-10-04 at 09:52 +0200, Patrick Schoenfeld wrote:
My guess is that name lookups are cached in idmapd. Can you check that
by restarting idmapd (/etc/init.d/nfs-common restart) the problem goes
On Thu, 2008-10-02 at 10:28 +0200, Patrick Schoenfeld wrote:
attached is a log, while the problem exists.
[EMAIL PROTECTED] ~ % ls -l test
-rw-rw-r-- 1 schoenfeld nogroup 0 12. Sep 09:49 test
Interesting enough: The symptom is similar to the system behaviour, if
nslcd is _not_ running.
On Wed, 2008-10-01 at 13:11 +0200, Patrick Schoenfeld wrote:
Our setup is a mixed Windows/Linux environment with a LDAP server, for
central authentication. Linux clients use libnss-ldapd for resolution of
usernames and groups.
Could you provide some more details? Is the LDAP server on the
I also saw this problem today but after upgrading to 1.12.3-1 of
evolution-data-server and evolution-data-server-common (from 1.12.2-1+b1
and 1.12.2-1 respectively) everything was working as expected again
--
-- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
On Mon, 2007-11-19 at 20:33 +0100, Brice Goglin wrote:
Does it help if you add
Option AccelMethod XAA
in the above section? EXA is enabled by default in 2.2.0.
But there is at least one known problem with fonts and EXA.
I can confirm that fixes the problem for me (82Q963/Q965).
--
--
On Tue, 2007-10-16 at 19:17 +0200, Sven Mueller wrote:
Package: lirc-modules-source
Version: 0.80.0-13
This should probably be 0.8.0-13.
Anyway, I have 0.8.0-13 installed and the tarball
/usr/src/lirc-modules.tar.gz contains the following kernel specific
directories under
On Tue, 2007-07-31 at 22:40 +0200, Andreas Barth wrote:
* Arthur de Jong ([EMAIL PROTECTED]) [070731 22:37]:
Would not using:
Conflicts: nfs-common ( 1:1.1.0-13)
be a nicer solution? That way, dpkg and apt would know what to do.
Because that would remove nfs-common.
Thanks. Shouldn't
Would not using:
Conflicts: nfs-common ( 1:1.1.0-13)
be a nicer solution? That way, dpkg and apt would know what to do.
--
-- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
On Tue, 2006-11-21 at 16:56 +0100, Francesco P. Lovergine wrote:
On Tue, Nov 21, 2006 at 10:06:03AM +0100, Arthur de Jong wrote:
From a quick glance at the source code the version in sarge
(1.2.10-15sarge1.0.1) also appears to be vulnerable. It contains the
same code snippet
reopen 391352
thanks
After a recent upgrade the ntp system user seems to be gone. Tracing my
steps, this is probably caused by purging the ntp-simple package after
the new ntp package is installed (from a glance at the postinst and
postrm).
Also it seems that /var/lib/ntp and /var/log/ntpstats
I was also bitten by this. At work we were hit earlier because we fetch
hosts from ldap (see #359713). We have modified /etc/init.d/udev to
edit /etc/nsswitch.conf on the fly (this is obviously a dirty hack).
Maybe it's a good idea to only enable libnss_ldap in the boot process
after networking
Subject: nedit: looks like it is related to the composite feature
Followup-For: Bug #318261
Package: nedit
Version: 1:5.5-1
After having some stability problems with the composite feature nedit
suddenly started working when commenting out
Option Composite Enable
from the extensions section of
Subject: /usr/bin/gq: exits with segmentation fault when adding or editing
server
Package: gq
Version: 1.0beta1-3
Severity: grave
Justification: renders package unusable
File: /usr/bin/gq
When I started gq with a configuration file from 2005-03-21 gq exited
immediatly with a segmentation fault.
74 matches
Mail list logo