On Thu, 2017-01-12 at 04:16 -0600, Elizabeth Myers wrote:
> When restarting the OpenLDAP server, nslcd often crashes on multiple
> servers with the following messages logged (I know they're not
> helpful but it's what I have at the moment):
>
> nslcd[14819]: segfault at 0 ip 7fdc51502ce4 sp 00
Hi,
On Mon, 2017-01-16 at 11:52 +0100, Thomas Wallrafen wrote:
> The aforementioned setting is probably added to the file via the
> postinstall script of the nslcd package. If one removes the line
> tls_cacertfile dir /etc/ssl/certs from the file /etc/nslcd.conf and
> runs
> # dpkg --configrue -a
end ca-certificate which is needed due to adding tls_cacertfile by
default (see #750949) and the checking of tls_cacertfile in 0.9.7
(closes: #836720)
+ * fix parsing of nslcd.conf tls_cacert option in package configuration
+(closes: #851564)
- -- Arthur de Jong Wed, 07 Sep 2016 23
Hi Elizabeth,
I have been trying to reproduce this (nslcd 0.9.7-1, slapd 2.4.40+dfsg-
1+deb8u2).
I have not been able to reproduce this when not using SSL and the
following nslcd.conf also works without problems for me:
uid nslcd
gid nslcd
uri ldaps://192.168.12.1/
base dc=thuis,dc=net
tls_reqce
On Mon, 23 Jan 2017, Elizabeth Myers wrote:
I can't reproduce it with nslcd -d. It happens reliably outside of it
though. I will try to get a core dump.
You probably want to avoid adding the core file to the bug report since it
will probably contain your client's private SSL key.
If you want
Control: severity -1 important
On Tue, 2017-02-07 at 12:42 -0500, James Valleroy wrote:
> Any update on this bug? Is it possible the severity could be lowered
> until the analysis is complete?
>
> I have some packages (plinth, freedombox-setup) that depend on nslcd,
> so I'm hoping that it won't
Control: tags -1 + pending
On Mon, 2021-12-20 at 22:03 +0100, Thomas Fargeix wrote:
> The postinst script of nslcd silently modifies the configuration file
> /etc/nslcd.conf on package upgrades. It rewrites or adds settings
> without notification to the administrator.
Thanks for this report.
> I
Control: tags -1 + upstream
FWIW, I am working supporting Python 3 upstream, see
https://arthurdejong.org/git/nss-pam-ldapd/commit/?id=221ce5a2680c1a91b7b87a36d73be5c0ad7e5ddb
This will be part of the upcoming 0.9.11 release.
--
-- arthur - adej...@debian.org - https://people.debian.org/~adejon
On Fri, 2022-02-18 at 19:11 -0800, Ryan Tandy wrote:
> I removed "pwdMustChange: TRUE" from the policy and then the tests
> passed. Not sure if this is the correct fix, but at least I don't
> currently see anything in test_pamcmds.expect that would be expecting
> a forced reset?
Applying this ch
On Sun, 2022-10-23 at 14:50 +0200, Lucas Nussbaum wrote:
> During a rebuild of all packages in sid, your package failed to build
> on amd64.
A fix has just been uploaded and is part of version 1.18-1.
If this ever needs to be backported for some reason the fix is trivial:
https://arthurdejong.org
Control: sevirity -1 normal
On Mon, 2017-08-21 at 13:17 +0200, Vincent Lefevre wrote:
> Severity: grave
> Justification: causes non-serious data loss and DoS from an end user.
The severity is a bit questionable and, at the very least not a flaw in
or unique to nslcd. Any local user that does not
On Mon, 2020-07-27 at 00:42 -0400, Sandro Tosi wrote:
> 9 months have passed and i dont see any progress on this porting to
> python3: last commits on https://arthurdejong.org/git/webcheck are
> from 2013 (!)
>
> Are you still interested in this program (which you wrote)? should we
> just remove i
On Thu, 2024-05-23 at 13:36 +0200, Santiago Vila wrote:
> Arthur: Would be ok for you if I fix this in bullseye via team
> upload?
Please do, thanks.
I only have limited time available at the moment and have quite a big
backlog of issues to pick up so any help is really welcome.
Thanks,
--
--
On Sat, 2024-06-01 at 14:59 +0200, Chris Hofstaedtler wrote:
> thanks for uploading to unstable. However the upload included
> maintainer-built binaries (for Arch: all and amd64). Migration to
> testing of these is forbidden by release team policy.
> Please upload a new version (no further changes
I was also bitten by this. At work we were hit earlier because we fetch
hosts from ldap (see #359713). We have modified /etc/init.d/udev to
edit /etc/nsswitch.conf on the fly (this is obviously a dirty hack).
Maybe it's a good idea to only enable libnss_ldap in the boot process
after networking i
Subject: nedit: looks like it is related to the composite feature
Followup-For: Bug #318261
Package: nedit
Version: 1:5.5-1
After having some stability problems with the composite feature nedit
suddenly started working when commenting out
Option "Composite" "Enable"
from the extensions section
Subject: /usr/bin/gq: exits with segmentation fault when adding or editing
server
Package: gq
Version: 1.0beta1-3
Severity: grave
Justification: renders package unusable
File: /usr/bin/gq
When I started gq with a configuration file from 2005-03-21 gq exited
immediatly with a segmentation fault. I
Would not using:
Conflicts: nfs-common (<< 1:1.1.0-13)
be a nicer solution? That way, dpkg and apt would know what to do.
--
-- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
On Tue, 2007-07-31 at 22:40 +0200, Andreas Barth wrote:
> * Arthur de Jong ([EMAIL PROTECTED]) [070731 22:37]:
> > Would not using:
> > Conflicts: nfs-common (<< 1:1.1.0-13)
> > be a nicer solution? That way, dpkg and apt would know what to do.
>
> Because that
On Mon, 2007-11-19 at 20:33 +0100, Brice Goglin wrote:
> Does it help if you add
> Option "AccelMethod" "XAA"
> in the above section? EXA is enabled by default in 2.2.0.
> But there is at least one known problem with fonts and EXA.
I can confirm that fixes the problem for me (82Q963/Q965).
On Tue, 2007-10-16 at 19:17 +0200, Sven Mueller wrote:
> Package: lirc-modules-source
> Version: 0.80.0-13
This should probably be 0.8.0-13.
Anyway, I have 0.8.0-13 installed and the tarball
/usr/src/lirc-modules.tar.gz contains the following kernel specific
directories under modules/lirc/driver
I also saw this problem today but after upgrading to 1.12.3-1 of
evolution-data-server and evolution-data-server-common (from 1.12.2-1+b1
and 1.12.2-1 respectively) everything was working as expected again
--
-- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
De
On Thu, 2008-10-02 at 10:28 +0200, Patrick Schoenfeld wrote:
> attached is a log, while the problem exists.
>
> [EMAIL PROTECTED] ~ % ls -l test
> -rw-rw-r-- 1 schoenfeld nogroup 0 12. Sep 09:49 test
>
> Interesting enough: The symptom is similar to the system behaviour, if
> nslcd is _not_ runni
(Cc-ing the nfs-utils maintainers, perhaps they have some insight that
could solve this)
On Sat, 2008-10-04 at 09:52 +0200, Patrick Schoenfeld wrote:
> > My guess is that name lookups are cached in idmapd. Can you check that
> > by restarting idmapd (/etc/init.d/nfs-common restart) the problem goe
retitle 500778 nss-ldapd: problem resolving groups and users with nfs4
severity 500778 important
tags 500778 + help
thanks
On Mon, 2008-10-06 at 11:42 +0200, Patrick Schoenfeld wrote:
> 2008/10/3 Arthur de Jong <[EMAIL PROTECTED]>:
> > Patrick, does adding "Cache-Expi
On Wed, 2008-10-01 at 13:11 +0200, Patrick Schoenfeld wrote:
> Our setup is a mixed Windows/Linux environment with a LDAP server, for
> central authentication. Linux clients use libnss-ldapd for resolution of
> usernames and groups.
Could you provide some more details? Is the LDAP server on the sy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just for the bug report, this is the patch I'd use for the NMU.
I'd like to upload today, along with the fix for #502760.
I'll do it this evening. I have the same fix pending:
http://arthurenhella.demon.nl/viewcvs/nss-ldapd/nss-ldapd/debian/libns
Bugs #506429 and #448470 are the same. Also, a workaround (if you can't
downgrade to 6.0-7) is to add
ASYNCMOUNTNFS=no
to /etc/default/rcS (at least until this is fixed).
--
-- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally si
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've tested the above patch and it seems to solve the problem. It took me
a couple of times reading though /lib/lsb/init-functions to understand why
though (use of $specified is confusing).
Also this problem doesn't seem to show in all circumstan
On Tue, 2006-11-21 at 16:56 +0100, Francesco P. Lovergine wrote:
> On Tue, Nov 21, 2006 at 10:06:03AM +0100, Arthur de Jong wrote:
> > From a quick glance at the source code the version in sarge
> > (1.2.10-15sarge1.0.1) also appears to be vulnerable. It contains the
> > same
reopen 391352
thanks
After a recent upgrade the ntp system user seems to be gone. Tracing my
steps, this is probably caused by purging the ntp-simple package after
the new ntp package is installed (from a glance at the postinst and
postrm).
Also it seems that /var/lib/ntp and /var/log/ntpstats ar
On Mon, 2009-10-26 at 11:28 +0300, Alexandra N. Kossovsky wrote:
> I've got a problem with libnss-ldpad package. In my environment, any
> (non-root) local user can break normal work of any other user.
>
> The problem is, nss-ldapd makes strange things with case of uids. For
> example:
> bash$ id
Dear stable release team,
A user reported a bug (#552433) against libnss-ldapd which causes some
problems and asked if a fix can be made available in a stable update.
I can probably backport the fix to version 0.6.7.1 but I wanted to know
if such a fix will be considered a candidate for proposed-
On Thu, 2009-11-05 at 17:32 +0100, Petter Reinholdtsen wrote:
> I really hope you find time to fix this in Lenny, as it affects Debian
> Edu. The issue is also a security issue, where users can by-pass
> netgroup based limitations by changing the case of the username they use
> when logging in. S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, 2009-12-06 at 17:48 +0100, Arthur de Jong wrote:
I have prepared a 0.6.7.2 version which can be found here: [2], [3]. The
debdiff is attached (9 source files changed, 133 insertions and 151
deletions).
Please go ahead.
Thanks, I will
On Thu, 2009-11-05 at 21:07 +0100, Arthur de Jong wrote:
> I will contact the security team and prepare an update.
I am awaiting a response from the security team whether to do this via a
security update or via proposed-updates.
An updated 0.6.7.2 package is being prepared here:
h
sswd, protocols,
+rpc, services and shadow lookups (closes: #552433)
+
+ -- Arthur de Jong Thu, 07 Nov 2009 12:00:00 +0100
+
+nss-ldapd (0.6.7.1) stable-security; urgency=high
+
+ * security upload (CVE-2009-1073)
* fix the permissions of /etc/nss-ldapd.conf to not be world readable
(
On Fri, 2010-12-10 at 11:42 +0800, David Adam wrote:
> libnss-ldapd should be used to replace libnss-ldap on squeeze upgrades. I
> am still a touch wary of libnss-ldapd, only in that adding the daemon
> introduces an additional point of failure, but have been running it on
> our Ubuntu and squee
On Sat, 2010-12-11 at 18:50 +0100, Lucas Nussbaum wrote:
> While testing the installation of all packages in squeeze, I ran
> into the following problem:
[...]
> > CONFIGURATION FILE `/ETC/VIEWVC/VIEWVC.CONF'
> > ==> MODIFIED (BY YOU OR BY A SCRIPT) SINCE INSTALLATION.
> > ==> PACKAGE DISTRIBUTOR H
tags 585968 + pending
thanks
On Tue, 2010-06-15 at 11:09 +0200, Petter Reinholdtsen wrote:
> When the DNS server is on the local machine and the nslcd.conf file
> uses DNS (name or SRV records) to find the LDAP server, nslcd
> currently fail to start at boot because it starts before the DNS
> serv
Hi Arno,
On Sun, 2012-12-23 at 12:39 +0100, Arthur de Jong wrote:
> Do you by any change have the configuration file before and after the
> upgrade?
>
> Also, can you confirm that this debconf information was in place after
> the upgrade for the broken machine:
>
> * nslcd
On Fri, 2012-10-12 at 16:04 +0200, Adrien Urban wrote:
> When trying to get the identity, after establishing the connection
> (connect /var/run/nslcd/socket), it uses select to wait on it. If the
> filedescriptor is over 1024, it still uses FD_SET to write outside of
> the fd_set, and calls select
etwork_needing_test.patch.
+ * Add use_quick_random_in_tests.patch to patch the testsuite to pass the
+--quick-random option to the gpg command to make it buildable in
+environments with limited entropy (Closes: #682648).
+
+ -- Arthur de Jong Sat, 20 Oct 2012 19:09:44 +0200
+
python-gn
Control: tags -1 + patch
On Sat, 2012-11-03 at 01:47 -0400, Michael Gilbert wrote:
> reopen 682752
> thanks
>
> This still affects unstable.
The change that was meant to fix this bug is in
http://anonscm.debian.org/loggerhead/pkg-cups/cups-filters/debian-trunk/revision/62/debian/copyright
how
ernels
This patch takes out the kernel version checks that were in place in
ncpfs. The checks in place have some special handling for kernels older
than 2.5.31. Since no-one is expected to use these old kernels any more
it is easiest to remove the checks.
Author: Arthur de Jong
Bug-Debian: http
Control: tags -1 + patch
On Tue, 2012-11-06 at 16:24 +0100, Bastian Blank wrote:
> | dpkg-source: info: local changes detected, the modified files are:
> | ncpfs-2.2.6/include/private/libncp-atomic.h
Attached is a trivial patch which fixes this issue.
--
-- arthur - adej...@debian.org - http:/
On Thu, 2012-12-20 at 22:24 +0100, Arno wrote:
> Which was caused by the removal of the line
>
> tls_cacertfile /etc/ssl/certs/loos.site.pem
>
> from nslcd.conf on upgrade.
This is really weird, nslcd package scripts shouldn't do anything with
this option (neither this version or any before).
D
On Fri, 2012-12-21 at 12:40 +0100, Dominik George wrote:
> I have looked into the config and postinst script to find some hints on
> why this might happen. Here are some remarks, be they relevant or not:
Thanks for the feedback. Always good to have another set of eyes looking
at the code.
> - Usi
upstream release.
+ * Drop the 01-setup_configure.patch which should be integrated upstream.
+
+ -- Arthur de Jong Wed, 18 Jul 2012 23:03:31 +0200
+
pysvn (1.7.5-1.1) unstable; urgency=low
* Non maintainer upload.
diff -Naur pysvn-1.7.5/debian/patches/series pysvn-1.7.6/debian/patch
1.1.1-2Pluggable Authentication Modules l
libpam-ldap recommends no packages.
Versions of packages libpam-ldap suggests:
ii libnss-ldapd [libnss-ldap]0.6.7.2NSS module for using LDAP as a nam
--
-- arthur de jong - art...@west.nl - west consulting b.v. --
--
T
On Thu, 2010-05-27 at 19:20 +0200, Christian PERRIER wrote:
> First of all, let me add a disclaimer: I am *not* the maintainer of
> libnss-ldap nor do I have much clue about LDAP auth and even that
> package.
Let me then also add my comments (I'm also not the maintainer of
libnss-ldap but I'm the
tags 618795 + pending
thanks
On Fri, 2011-03-18 at 15:46 +0100, Cyril Brulebois wrote:
> your package no longer builds on kfreebsd-*:
> | gcc -DHAVE_CONFIG_H -I. -I.. -I.. -pthread -g -O2 -pedantic -Wall
> -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wstrict-prototypes
> -Wmissing-protot
On Fri, 2010-07-02 at 09:13 +0200, Petter Reinholdtsen wrote:
> Hi. When do you plan to upload a fix for this issue into unstable?
> It affect Debian Edu, and it would be nice to have a fix in place
> soon.
I will probably make another release this weekend. This will include the
fix for #585968.
Subject: trac-ja-resource: package should be updated to 0.12 release
Package: trac-ja-resource
Version: 0.11.5.ja1-1
Severity: serious
Justification: prevents release of trac 0.12
Currently trac-ja-resource prevents migration of trac 0.12 to testing
because it will make trac-ja-resource 0.11 unins
9e1804141d131cbc3f6d4564e4e10f601ddcaa28
Author: Arthur de Jong
Date: Tue Apr 5 22:05:59 2016 +0200
Add Breaks/Replaces to allow upgrades from older versions (closes: #820025)
diff --git a/debian/changelog b/debian/changelog
index d3de377..1500cc2 100644
--- a/debian/changelog
+++ b/debian/changelog
On Mon, 2016-04-04 at 22:35 +0200, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package fails to upgrade
> from 'testing'.
> It installed fine in 'testing', then the upgrade to 'sid' fails
> because it tries to overwrite other packages files without declaring
> a Breaks+Repl
On Sun, 2012-01-22 at 00:08 +0100, Michael Biebl wrote:
> Could you please downgrade libglib2.0 (and related packages) to
> 2.30.2-4, ie. the version from testing and see if the
> gnome-settings-daemon crashes go away?
Will try that if all else fails or things get too annoying.
> What would also
Package: gnome-settings-daemon
Version: 3.2.2-2
Severity: critical
Justification: breaks unrelated software
Occasionally gnome-settings-daemon crashes and the friendly by oh so
useless "Oh no! Something has gone wrong." message in Gnome pops up and
all the things I'm working on are unavailable.
C
Subject: exiftran: dies with Segmentation fault when rotating an image
Package: exiftran
Version: 2.07-8
Justification: renders package unusable
Severity: grave
exiftran dies when it tries to rotate a JPEG file:
$ ./exiftran -a -i -p ../20110711163247.jpg
processing ../20110711163247.jpg
Segmenta
On Tue, 2011-09-27 at 22:22 +0200, Moritz Mühlenhoff wrote:
> Feel free to NMU, either with Steve's patch or by updating to
> 2.08. Otherwise I'll upload a fix in a few weeks myself.
I've uploaded 2.07-8.1. I've introduced a patch that just uses the
jpeg/08 files from 2.08.
I've had a quick look
Control: tags -1 + security
It has been determined that this bug has security implications and
CVE-2013-0288 has been assigned to this issue. For more details see the
upstream advisory:
http://arthurdejong.org/nss-pam-ldapd/CVE-2013-0288
A Debian security advisory for this issue will be issued s
On Tue, 2013-02-19 at 21:29 +, Mark Cunningham wrote:
> Originally:
> nslcd: 0.7.15+squeeze2
> file: nslcd.orig
>
> After installing
> nslcd: 0.7.15+squeeze3
> file nslcd.conf
>
> diff nslcd.*
> 16c16
> < base ou=groups,dc=example,dc=com
> ---
> > base ou=users,ou=users,dc=example,dc=com
Tha
Control: fixed -1 0.8.5
Control: tags -1 + patch
On Thu, 2013-02-21 at 01:09 +, Mark Cunningham wrote:
> Before install, i get the defaults i configured when installed the
> package. I set these to non used variables and created the nslcd.conf
> myself.
I've been able to find the problem: the
Control: severity -1 important
Control: tags -1 + unreproducible
On Fri, 2013-03-01 at 16:02 -0800, Russ Allbery wrote:
> Should this bug be downgraded until it can be confirmed as
> reproducible? I also looked through the postinst script and, while
> it's complex, I didn't see any obvious way in
On Fri, 2013-04-26 at 02:10 +0200, Andreas Beckmann wrote:
> libnss-ldap has been converted to Multi-Arch: same, but manages the
> configuration file /etc/libnss-ldap.conf that is now shared between all
> installed architectures of the libnss-ldap package.
>
> The problem arises during purge: the
On Sun, 2013-08-04 at 15:19 +0200, Enrico Zini wrote:
> the package declares Standards-Version: 3.9.2 but the changelog is
> encoded in latin1.
I've had a look at the changelog but the version currently in the
python-modules Subversion repository is UTF-8 encoded.
The fix was in r23712 while the
On Thu, 2013-05-23 at 13:13 +0200, Arno Töll wrote:
> we are ready to upload Apache2 2.4 to Debian Sid now. This means the
> transition is effectively starting now, and going to break your modules.
I have been working on getting mod_python into shape (somewhat). I have
cleaned up the packaging (sw
Control fixed -1 libapache2-mod-python/3.3.1-10
Control tags -1 + fixed-in-experimental
On Fri, 2013-05-31 at 21:53 +0200, David Suárez wrote:
> During a rebuild of all packages in sid, your package failed to build on
> amd64.
This has been fixed in the version currently in experimental.
The fix
On Thu, 2013-10-24 at 10:25 -0400, Klee Dienes wrote:
> The issue is that libnss-ldap is ending up with a dependency on
> __libc_lock_lock, which was removed from glibc.
Thanks for the pointer to the patch. I thought I tested the release
before uploading but apparently I was mistaken. Sorry about
On Thu, 2013-10-31 at 22:16 +0100, Petter Reinholdtsen wrote:
> Any plan for fixing this bug? This RC bug caused libpam-ldap to be
> removed from testing/jessie today.
>
> Perhaps it is better to migrate users of libpam-ldap to one of the
> alternative packages (libpam-ldapd or libpam-sssd) and d
On Wed, 2013-10-02 at 00:18 +0200, Petter Reinholdtsen wrote:
> [Arthur de Jong]
> > I've been looking into how to fix this problem. I couldn't find a
> > common solution to this problem.
>
> What about moving the configuration to a arch: all package and depend
>
tags 670133 + pending
thanks
On Mon, 2012-04-23 at 12:14 +0200, Luca Capello wrote:
> Basically, with today's upgrade, my /etc/nslcd.conf was automatically
> changed and the LDAP setup completely broke.
Thank you for the detailed bug report and analysis. It helped me greatly
in pinpointing the bu
On Thu, 2016-02-11 at 14:13 +0300, Nikolay Shaplov wrote:
> This bug was not fixed for debian jessie, as I can see...
> And I think it should be fixed in all supported distributives, as it
> can cause problems.
Thanks for reminding me. I uploaded a new version for jessie yesterday.
--
-- arthur
Control: tags -1 + pending
On Wed, 2015-08-05 at 20:02 +0300, Nikolay Shaplov wrote:
> Package: nslcd
> Version: 0.9.4-3
> Severity: serious
> Justification: fails to build from source
Justification is not right but the init script return code is not
according to policy so I'll leave it at seriou
Control: tags -1 + pending
On Wed, 2014-01-01 at 20:22 +0400, Dmitry Shachnev wrote:
> Your package fails to build from source on machines which
> do not have internet connection.
Thanks. I think the wrong thing ended up in setup.py. Will do a new
upload shortly.
Thanks,
--
-- arthur - adej...
On Wed, 2013-05-01 at 23:05 +0100, Steven Chamberlain wrote:
> I noticed (by chance) there is a problem with the squeeze-security
> patch for #690319; it introduces a regression on kfreebsd and has not
> built. I'm not sure where to find build logs of this, or if they are
> public, but I think it
tly (closes: #700971)
+
+ -- Arthur de Jong Sat, 11 May 2013 20:00:00 +0200
+
nss-pam-ldapd (0.7.15+squeeze3) stable-security; urgency=high
* SECURITY FIX: Garth Mollett discovered that a file descriptor overflow
diff -Nru nss-pam-ldapd-0.7.15+squeeze3/common/tio.c nss-pam-ldapd-0.7.15+squeeze4/common/tio
77 matches
Mail list logo
