tags 670133 + pending thanks On Mon, 2012-04-23 at 12:14 +0200, Luca Capello wrote: > Basically, with today's upgrade, my /etc/nslcd.conf was automatically > changed and the LDAP setup completely broke.
Thank you for the detailed bug report and analysis. It helped me greatly in pinpointing the bug. > Strangely enough, this should have already been fixed by #610117. Some > debugging and the problem in my case was clear: I did not used > debconf/dpkg-reconfigure to configure nslcd (which is perfectly fine, no > configuration method is mandatory in Debian), thus given that debconf's > nslcd/ldap-auth-type was empty /var/lib/dpkg/info/nslcd.postinst:212 > thinks that there is no authentication at all. After some digging it turned out that the change for #610117 which was introduced in 0.8.2 was actually the cause of the problem. If the authtype was set in debconf (by default "none" which is probably why you saw the problem) the configuration is overwritten. I've changed the functionality to always determine the authtype based on the configuration file if it is present and only use the debconf guessing from #610117 if installing for the first time. > The problem is present on the debconf's side as well, reproducible > with: I found a nice way to trigger the underlying bug is to use debconf to configure no authentication, then change the config by hand with the binddn and bindpw options and then reinstall or upgrade. > It seems the /etc/nslcd.conf handling is in some way broken :-( Although debconf is very nice, it is very difficult to provide configuration options that can both be preseeded and retain the system administrator's modifications that have been made outside of debconf. Thanks, -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
