On Mon, 2012-10-01 at 11:35 +0200, Manuel Sabban wrote: > The last nslcd upgrades breaks our /etc/nslcd.conf without asking. The binddn > for group resolution is broken, it can be a problem on file server, and has to > be fixed by hand. It is specifically the "base group" option that is affected. > It might be related to #671464 and to #670133.
It sounds a bit similar to launchpad bug #1029062 [1] but it is a new bug nonetheless. The problem was triggered by the two base statements directly after each other. A simple workaround to avoid triggering this bug is to put an empty line before the "base group" option. > Here's some more information. Thank you very much for the detailed information provided. It made it very simple to track this down. The bug is fixes in SVN for unstable [2]. I'm not sure this will get fixed for squeeze any time soon because we just had a point release. Thanks. Btw, I noticed you don't have a bare base option in your config. Currently the lookup for pam_authz_search uses the bare search base. [1] https://bugs.launchpad.net/bugs/1029062 [2] http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1777&view=revision -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
