Your message dated Sat, 10 Mar 2007 23:02:08 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#407746: fixed in libpam-ldap 180-1.7
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libpam-ldap
Version: 180-1.6
3rd report - can we please get an acknowledgement from somebody?
The package is still broken in how it handles existing settings upon
upgrades, and these settings are critical to authentication working.
-----Original Message-----
From: Jamie ffolliott [mailto:[EMAIL PROTECTED]
Sent: Monday, February 05, 2007 11:00 PM
To: 'debian-release@lists.debian.org'
Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
Subject: FW: libpam-ldap upgrade breaks pam_ldap.conf and can't login
Package: libpam-ldap
Version: 180-1.5
I've sent the following email and did not receive a response from the
libpam-ldap maintainer. I've upgraded another sarge box since and confirmed
the bug still exists. This is a serious problem for upgrades from sarge, or
any package update, so please fix it before release.
-----Original Message-----
From: Jamie ffolliott [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 20, 2007 5:59 PM
To: '[EMAIL PROTECTED]'
Subject: libpam-ldap upgrade breaks pam_ldap.conf and can't login
Package: libpam-ldap
Version: 180-1.4
After an apt-get upgrade, the libpam-ldap packate updated, and in doing so
it rewrote parts of the /etc/pam_ldap.conf file as follows
- rewrote host, base, ldap_version, pam_password
- commented out the "uri" setting, which is an alternative setting to "host"
that supports ldap over ssl.
Since I don't use unencrypted logins to my ldap server, and I'm not sure who
would do such a thing, I cannot use the host setting. The latter step that
comments out "uri" in fact breaks authentication to this machine.
I've tried dpkg-reconfigure libpam-ldap and there's no option to preserve my
URI setting, which must be set to "ldaps://ldap.mydomain.com" for logins to
succeed.
Even if I leave "host" blank, it will still disable the "uri" setting - and
this is the heart of the issue, I can't avoid breaking the existing
libpam-ldap config.
Luckily I have ssh's pub key authentication setup, so I can get in to fix,
but without that this debian client would be rendered useless upon upgrade
from sarge to etch.
Please consider this critical, I don't want all my servers to be rendered
inaccessible after upgrading to etch which I hope to do upon release. It
locks out access to the box completely.
Thx!
--- End Message ---
--- Begin Message ---
Source: libpam-ldap
Source-Version: 180-1.7
We believe that the bug you reported is fixed in the latest version of
libpam-ldap, which is due to be installed in the Debian FTP archive:
libpam-ldap_180-1.7.diff.gz
to pool/main/libp/libpam-ldap/libpam-ldap_180-1.7.diff.gz
libpam-ldap_180-1.7.dsc
to pool/main/libp/libpam-ldap/libpam-ldap_180-1.7.dsc
libpam-ldap_180-1.7_i386.deb
to pool/main/libp/libpam-ldap/libpam-ldap_180-1.7_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steve Langasek <[EMAIL PROTECTED]> (supplier of updated libpam-ldap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 9 Mar 2007 02:35:03 -0800
Source: libpam-ldap
Binary: libpam-ldap
Architecture: source i386
Version: 180-1.7
Distribution: unstable
Urgency: high
Maintainer: Stephen Frost <[EMAIL PROTECTED]>
Changed-By: Steve Langasek <[EMAIL PROTECTED]>
Description:
libpam-ldap - Pluggable Authentication Module allowing LDAP interfaces
Closes: 407746 411545 412649 413448 413539
Changes:
libpam-ldap (180-1.7) unstable; urgency=high
.
* Non-maintainer upload.
* High-urgency upload for RC bugfix.
* Check for both 'host' and 'uri' in the existing pam_ldap.conf, so
that uri entries aren't incorrectly discarded on upgrade. Also
handle ldapi:/// URIs in the postinst, rather than mistaking this
for a host entry. Closes: #407746.
* Use ldapi:/// as the default server value, not 127.0.0.1, since
ldapi is going to be more efficient than tcp
* Incorporate a postinst fix from libnss-ldap, so updates will
preferentially be made to the first *uncommented* instance of the
option in pam_ldap.conf, not just the first instance.
* Incorporate updated debconf templates from libnss-ldap where
appropriate; thanks to Christian Perrier for the assistance.
* Debian translations:
- Copy translations from libnss-ldap. This adds Catalan, Danish,
Spanish, Galician, Norwegian Bokmål, Russian (all incomplete right now)
- Include updated Galician translation; thanks to Jacobo Tarrio.
Closes: #412649.
- Include updated Brazilian Portuguese translation; thanks to André
Luis Lopes. Closes: #411545.
- Include updated German translation; thanks to Matthias Julius.
Closes: #413448.
- Include updated Czech translation; thanks to Miroslave Kure.
Closes: #413539.
- Include updated Dutch translation; thanks to Bart Cornelis.
* Use debconf substitutions for package name and file name in
templates; no direct benefit to this package alone, but allows
translators to translate the same string only once for libpam-ldap
and libnss-ldap.
Files:
9101e2ad224596f996837b64ea58fd7c 633 admin extra libpam-ldap_180-1.7.dsc
d79ac1f21dde4e3c7e83cf78744e4950 37764 admin extra libpam-ldap_180-1.7.diff.gz
8b60c6797f3fb3852d1472ded264426a 75868 admin extra libpam-ldap_180-1.7_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFF8l3/KN6ufymYLloRAqSiAJ9BqxUmyJr8cNf/3HdiwfkO8XzarwCfV9NC
X5syZzYMIBhge/CYpZwdaeo=
=y41W
-----END PGP SIGNATURE-----
--- End Message ---
