This is becoming a bigger problem as a greater percentage of the web moves
over to HTTPS. I was trying to work on an IETF RFC draft and that's no
longer possible using libxml2 because URLs like
http://xml.resource.org/public/rfc/bibxml/reference.RFC.1321.xml now
unconditionally redirect to HTTPS.
I don't believe I reported that upstream and by now the patch is no doubt
fairly old. Since I no longer use OpenLDAP in any capacity I'm not
particularly motivated to update it & push it through.
Chris
No - at this point it's been a few years since I've supported RT at
all and it's an easy patch to update if someone still needs it.
Chris
On Jul 23, 2010, at 5:27 PM, Dominic Hargreaves wrote:
> On Thu, Jan 31, 2008 at 11:57:01AM -0800, Chris Adams wrote:
>> The atta
On Apr 21, 2008, at 1:00 AM, Richard A Nelson wrote:
Sorry for not being more responsive on this issue, it is an important
one for alot of people... I've been looking at options/alternatives/
dealing with `real life`
No problem - the same process applied on my side between the "ranting
abou
Package: wireshark-common
Version: 0.99.4-5.etch.2
Severity: minor
The wireshark files are stored one level deeper than normal - e.g:
/usr/share/wireshark/wireshark/manuf
instead of the normal
/usr/share/wireshark/manuf
-- System Information:
Debian Release: 4.0
APT prefers stable
APT pol
Package: splint
Version: 3.1.1-6
Severity: minor
I just installed splint for the first time and after looking at the man
page added +usestderr to my command-line. This produced the following
error:
Command Line: usestderr flag is obsolete. This has been replaced by more
precise flags for con
Would it be useful if I split this patch to remove the syslog additions?
libpam-ldap-search-attribute-fix.diff
Description: Binary data
Chris
smime.p7s
Description: S/MIME cryptographic signature
On Mar 17, 2008, at 6:54 PM, Simon Josefsson wrote:
Can we check whether my workaround will be included in pam_ldap
first?
Otherwise we're in the situation where some users will not be able
to
authenticate against LDAP without any obvious reason.
Hello,
well I will just wait for a negative
On Apr 3, 2008, at 3:31 PM, Quanah Gibson-Mount wrote:
In the example I included, the server timeout error was sent to
stderr if
the server was down (e.g. connect() gets an RST) but not in the
case of a
timeout (the LDIF comment is all you get).
In this case, do you mean a timeout at the *
Package: ldap-utils
Version: 2.3.30-5
Severity: minor
ldapsearch sends error messages in its data stream:
Search result
search: 2
result: 0 Success
# numResponses: 775
# numEntries: 774
It would be nice if something went to stderr in case stdout has been
redirected so an abnormal result was ob
I've filed bug # against libgnutls13 since upgrading to the version in
testing will fix the underlying failure.
I think it makes sense to implement the workaround in my patch simply
on the grounds of network efficiency since the overhead is pretty
dramatic. Should I move the operational log
Package: libgnutls13
Version: 1.4.4-3
Severity: normal
#470509 turns out to be caused by the version of libgnutls13 - if the
version from stable (1.4.4-3) is in use pam_ldap will return an
incorrect authentication error because the ldap_search_s() call will
fail when gnutls_read() returns an inter
On Mar 17, 2008, at 2:24 PM, Debian Bug Tracking System wrote:
Upgrading to the version in testing solves the problem.
Ok. I am marking the bug as fixed in that version. Since this is not
rc (speak up if you disagree), that is probably going to be the only
action I am taking.
Can we check wh
The problem appears to be related to the response size when calling
ldap_search_s() in _get_user_info():
rc = ldap_search_s (session->ld, ssd->base, ssd->scope, filter,
NULL, 0, &res);
pam_ldap works correctly if that line is changed to either not request
attribute data:
rc = ldap_sea
I've worked on a patch to add more informative syslog() use to
pam_ldap, oriented towards system administrators who are investigating
failures. With that and a number of hacked in syslog() calls in
libldap2, it's starting to appear that the problem is caused by an
underlying failure in gnut
I'm not sure if this was part of the prior discussion but when I
prepared a trimmed-down version for our Debian server VMs I planned
for a three-part split:
open-vm-tools: vmware-guestd, vmware-checkvm, libguest
open-vm-tools-modules: kernel modules (so we can avoid installing this
in favor
Package: lm-sensors
Version: 1:2.10.1-3
Severity: normal
We have a Sun x4100 M2 which has a partially-supported ADM sensor chip:
i2c_adapter i2c-1: : Unrecognized stepping 0x45. Defaulting to ADM1026.o
We have lm-sensors automatically configured and started on all of our systems.
The sensor mis
[Thu Jan 31 22:00:23 2008] [warning]: Use of uninitialized value in
string ne at /usr/share/request-tracker3.6/lib/RT/Interface/Web.pm
line 1468. (/usr/share/request-tracker3.6/lib/RT/Interface/Web.pm:1468)
-if ( $ARGSRef->{ $field . '_Date' } ne '' ) {
+if ( $ARGSRef->{ $fiel
Package: request-tracker3.6
Version: 3.6.1-4
Severity: wishlist
Tags: patch
The attached patch allows you to create a SiteConfig variable containing
a list of addresses which RT should not send email to:
Set($SquelchList, '[EMAIL PROTECTED],[EMAIL PROTECTED],[EMAIL PROTECTED]');
-- Package-spec
Package: request-tracker3.6
Version: 3.6.1-4
Severity: minor
Tags: patch
Web.pm uses a variable which may not always be defined - this causes the
following error:
[Thu Jan 31 19:55:49 2008] [warning]: Use of uninitialized value in
split at /usr/share/request-tracker3.6/lib/RT/Interface/Web.pm li
Package: pdftk
Version: 1.40-3
Severity: normal
Tags: patch l10n
pdftk's UpdateInfo expects all of its info to be plain ASCII. This
causes problems with UTF-8 characters (e.g. a u with an umlaut (U+00FC)
which is input as 0xC3BC will be converted to 0xFFC3 0xFFBC) which is
inconvenient for author
Package: libpdf-api2-perl
Version: 0.57-1
Severity: normal
Tags: patch l10n
PDF::API2 includes Encode but doesn't use it when checking for UTF-16
strings in metadata ($pdf->info() hash). This causes the output to be
garbled in our UTF-8 (perl -CSD) environment. The attached patch uses
Encode::det
Package: debian-installer
Severity: normal
We have a number of Sun x4100 M2 systems and have run into a significant
problem triggered by the newer ILOM service processors. The SPs provide a nifty
remote CD-over-network feature as part of their KVM function; unfortunately
this results in a race co
Package: debian-installer
Version: 20070308etch1
Severity: important
Our cluster nodes PXE boot with the following parameters:
append initrd=debian/etch/DI/amd64/initrd.gz ramdisk_size=18000
root=/dev/rd/0 devfs=mount,dall rw console=ttyS0,57600n8 auto
url=http://198.202.70.23/DI/presee
Package: netatalk
Version: 2.0.3-5
Severity: important
Our AppleVolumes.default is configured to use adouble:osx (this is a
requirement as most of our Macs are OS X NFS clients) with the following
options:
:DEFAULT: adouble:osx options:usedots,nohex,upriv cnidscheme:dbd
When afpd encounters a ._
Sorry about the delay updating this ticket - I can confirm that this
still happens on Etch for both i386 and amd64. All of our systems
have been updated so /etc/nscd.conf contains "enable-cache hosts no".
Chris
smime.p7s
Description: S/MIME cryptographic signature
I recently ran into this problem and made a very similar patch to
change the $HTTPD calls for start & configtest to include
$APACHE_ARGUMENTS (if it exists) so we can add a few needed defines
in /etc/apache2/envvars (e.g. -DTEST_SITE vs. -DPRODUCTION_SITE so we
can share a common Apache con
On Jun 22, 2007, at 1:09 PM, Noèl Köthe wrote:
tags 424683 - moreinfo
tags 424683 + fixed-upstream
thanks
That was fast - thanks!
Chris
smime.p7s
Description: S/MIME cryptographic signature
Package: samba
Version: 3.0.24-6etch1
Severity: minor
While scanning our domain this morning I noticed that smbd will crash in
api_eventlog_open_eventlog (#4 in the backtrace below) when scanned by
Microsoft's Baseline Security Analyzer. I've marked this as minor because it
doesn't interfere with
I've verified that the same fault happens on 2.3.30-5 on a clean Etch
install. With nfiles set to 8192 the following will occur quite
easily in testing:
slapd[5574]: daemon: 4096 beyond descriptor table size 4096
When this happens the connection is still accepted so the client will
wait un
Package: linux-image-2.6.18-4-686
Version: mptbase boot hang on Dell Precision 650
Severity: important
The problem is related to the Fusion-MPT SCSI card:
LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI
The last kernel which boots successfully is 2.6.18-2. 2.6.18-3,
2.6.18
Package: varnish
Version: 1.0.2-2
Severity: minor
Most similar packages use /var/cache to store cached files; the default
/etc/default/varnish uses /var/lib instead.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (x86_64)
Shell:
Package: amd64-libs-dev
Version: 1.4
Severity: important
amd64-libs-dev has a problem similar to amd64-libs' #362960:
Setting up amd64-libs-dev (1.4) ...
dpkg-divert: rename involves overwriting `/usr/include/asm/a.out.h' with
different file `/usr/include/asm-i386/a.out.h', not allowed
-- Sys
Package: apache2
Version: 2.2.3-4
Severity: important
I have been replacing the sadly-unreliable apt-proxy with an Apache2
mod_cache setup. Opera's Debian archive turns out to be virtual hosted
and fails when used like this:
ProxyPass /opera http://deb.opera.com/opera smax=4 retry=60
tcpdump co
I'm not the original reporter but I just ran into the same problem:
I'm not sure I entirely follow what's going on when this happens.
We're in the postinst which means files from older amd64-libs packages
have been removed. If removing the diversion would cause a conflict,
then you must have bo
On 2007-01-22, at 2:09 PM, Steffen Joeris wrote:
Could you maybe check if this error still exists with the latest
version in
experimental? Just in case you need a sarge backports, you can grep
it from
this site[0].
Sure - the affected machines were running etch / amd64 so the version
ins
On 2006-11-15, at 1:05 AM, Lionel Elie Mamane wrote:
Have you created the list before setting DEFAULT_EMAIL_HOST and/or
DEFAULT_URL_HOST correctly? In this case, you need to call:
/var/lib/mailman/bin/withlist -l -r fix_url ${LISTNAME}
I'm sorry - I should have mentioned that I had already r
Package: mailman
Version: 2.1.5-8sarge5
Severity: normal
We're using mailman with a virtual domain ("lists.example.edu") on an
existing postfix server ("example.edu"). Postfix is configured to use a
mailman transport for that domain.
We have the various host variables set to "lists.example.edu":
Package: openssl
Version: 0.9.8c-3
Severity: normal
sudo openssl genrsa -aes192 -out /etc/ssl/private/host.example.edu.key 1024
[EMAIL PROTECTED] sudo password:
Generating RSA private key, 1024 bit long modulus
.++
++
e is 65537 (0x10001)
Enter pass phrase for /etc/ss
Package: spamassassin
Version: 3.1.3-0bpo1
Severity: normal
I'm attempting to add a rule which matches on a custom header set by an
outside spam filter which adds a header to identified spam (we don't
want to trust this completely but it would be a good source of a few
extra points).
Unfortunate
Package: mpt-status
Version: 1.1.6-8
Severity: wishlist
http://forum.lucidnow.com/viewtopic.php?t=144&sid=b49e9cd062a077f40de894a5c9074eaf
implies that v1.1.5 and later support the LSI SAS1064 controllers on Sun
Fire x4100 systems.
Unfortunately the latest mpt-status from testing fails, sugge
Package: mpt-status
Version: 1.1.6-8
Severity: minor
mpt-status --version returns 1.1.5 - this appears to be an upstream bug
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/ba
On 2006-09-28, at 1:11 PM, Quanah Gibson-Mount wrote:
If I change the ulimit to 1024, then it fails at:
Sep 28 13:09:59 ldap-test2 slapd[29388]: warning: cannot open /etc/
hosts.allow: Too many open files
Sep 28 13:09:59 ldap-test2 slapd[29388]: error: bad option name:
"171.64.11.148"
Sep 28
On 2006-07-16, at 6:16 PM, Quanah Gibson-Mount wrote:
If the debian build links against tcp wrappers, that may be the
actual problem. This is rather well discussed on the OpenLDAP
archives.
I couldn't find much which seemed relevant in the archives but I've
confirmed that this is not the
Package: gamin
Version: 0.1.7-2bpo1
Severity: normal
We've noticed a sporadic gam_server problem on a busy courier-imap
server. The problem initially sounded like #333205 but a little
investigation suggests otherwise.
During the problem gam_server will chew 100% CPU
strace reveals that it is mak
Package: firefox
Followup-For: Bug #385248
I've saved a copy of a core dump from Firefox here:
http://improbable.org/chris/BugReports/385248.core.bz2
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7-smp
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-
Package: nscd
Version: 2.3.2.ds1-22sarge3
Severity: important
I have not been able to determine the trigger but after some period of
time nscd will start returning failures for any attempt get the system
hostname. Here's an example from an amd64 (i386 is also affected) sarge
system:
[EMAIL PROT
On 2006-07-26, at 12:27 AM, Christian Hammers wrote:
On 2006-07-25 Chris Adams wrote:
An apt-get upgrade resulted in the following:
Can't exec "/tmp/mysql-server-4.1.config.169501": Permission
denied at
/usr/share/perl/5.8/IPC/Open3.pm line 168.
Are you using some kind o
Package: mysql-server-4.1
Version: 4.1.11a-4sarge5
Severity: normal
An apt-get upgrade resulted in the following:
Can't exec "/tmp/mysql-server-4.1.config.169501": Permission denied at
/usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/mysql-server-4.1.config.169501 configure
4.1.11a
Package: slapd
Version: 2.2.23-8
Severity: important
slapd can fail under heavy load with the following message:
Jul 14 10:12:04 economo slapd[16502]: daemon: 1024 beyond descriptor table size
1024
There are several problems here:
1) slapd uses more file descriptors than it arguably should (#
Package: pine
Version: 4.62-1
Severity: minor
Many of our Pine users have their accounts configured to use the Maildir
driver. If their connection to the server is broken Pine will save the
message to ~/.pine-interrupted-mail - unfortunately it doesn't check
that file when it you restart Pine so
Package: courier-imap
Version: 3.0.8-4sarge4
Severity: normal
We have a user with ~3500 mail folders (consolidating folders isn't an
option). An IMAP session takes several minutes and according to strace
most of the time is spent processing the courierimapacl files in each
folder. This leads to t
Package: nscd
Version: 2.3.6-7
Severity: minor
I noticed that nscd had cached an old copy of an LDAP group which we had
recently changed. After a few minutes of bad results I ran
'/etc/init.d/nscd restart' in the hope that it would cause nscd to
invalidate its cache but this didn't work. 'ncsd -
Package: nscd
Version: 2.3.6-7
Severity: minor
I noticed that nscd had cached an old copy of an LDAP group which we had
recently changed. After a few minutes of bad results I ran
'/etc/init.d/nscd restart' in the hope that it would cause nscd to
invalidate its cache but this didn't work. 'ncsd --
Package: phpwiki
Version: 1.3.11p1-1
Severity: normal
I upgraded a running phpwiki install from a sarge system. We used
external authentication in the past which meant that phpwiki bombed out
the first time it tried to hit the user table; after changing
ENABLE_USER_NEW to false I was able to logi
Package: nagios-plugins
Version: 1.4-6
Severity: minor
The check_ping plugin segfaults very infrequently:
check_ping[3913]: segfault at 5556d000 rip 55613b6d rsp
b204 error 6
check_ping[24961]: segfault at 5556d000 rip 55613b6d rsp
b204 er
Package: nagios-plugins
Version: 1.4-6
Severity: minor
check_by_ssh --help includes the following:
-w, --warning=DOUBLE
Response time to result in warning status (seconds)
-c, --critical=DOUBLE
Response time to result in critical status (seconds)
Attempting to use either option results
Package: nagios-plugins
Version: 1.4-6
Severity: normal
check_imap and check_simap will print usage options with --help which
include the following:
-w, --warning=DOUBLE
Response time to result in warning status (seconds)
-c, --critical=DOUBLE
Response time to result in critical status
Package: flashplugin-nonfree
Version: 7.0.25-5
Severity: wishlist
We have a web proxy specified both during the base system install and in
the http_proxy environmental variable. The installer should honor these
settings or be replaced a tool/library like wget or curl which has
standard proxy supp
I've noticed the same problems with the .uidvalidity files which are
created by c-client apps, most notably pine. It seems like there
should be a filter which would hide anything which is not a directory
and doesn't contain cur/new/tmp children since any attempt to access
something which is
Package: pine
Version: 4.62-1
Severity: normal
Normally pine deletes its postponed-folder when that folder is empty. If
you use Maildirs it will delete the cur, new, and tmp subdirectories but
will leave the top-level directory intact (it's possible that this is due to
Pine not deleting files it
Package: mutt
Version: 1.5.9-2
Severity: normal
/etc/Muttrc contains the following line
set smime_encrypt_command="openssl smime -encrypt -%a -outform DER -in %f %c"
The "-" before %a causes the openssl command to display the usage
information and quit when you attempt to send an enrypted messa
62 matches
Mail list logo
