Package: cpu Version: 1.4.3-12 Severity: important Dear Maintainer,
Bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=397882 introduced a new configuration option "cn_value" for useradd / usermod / userdel. This enhancement is provided in the 10_support-inetOrgPerson-Schema.patch in Debian. Unfortunately, the short option name used for this option is "C" which is already used to specify a non-default configuration file. As a result, if using a non-default configuration file specified on command line, the CN will be erroneously set to the name of the configuration file. This of course leads to bogus entries being created in LDAP and the inability to create, modify, or delete proper users. As an example, the following command: cpu -C /etc/cpu/cpu-computers.conf useradd -o -d /nonexistent -g computers -s /bin/false pc1$ will result in adding a new user in LDAP whose CN is "/etc/cpu/cpu-computers.conf" instead of "pc1$". The same would be true for usermod and userdel operations. The fix is in fact trivial - a different short option name must be used in the source code. These are the letters that are still available: i, I, j, J, K, O, q, Q, T, W, Y (case sensitive) The change would involve src/plugins/ldap/commandline.c. Many thanks! Best regards, Peter -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.6.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) Versions of packages cpu depends on: ii debconf [debconf-2.0] 1.5.59 ii libc6 2.24-8 ii libcrack2 2.9.2-3 ii libldap-2.4-2 2.4.44+dfsg-2 ii ucf 3.0036 cpu recommends no packages. cpu suggests no packages. -- debconf information excluded
