This was fixed in 3.0-22
** Changed in: xfonts-jmk (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1400095
Title:
Homepage is a dead link
To manage notifi
Very belatedly, this was fixed in 3.0.4-1.
** Changed in: libnet-ldapapi-perl (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/670207
Title:
SASL mechanism
debug to the end of the pam_krb5.so options will produce more
verbose logging. If you don't see any additional logging at DEBUG level
in syslog, that means that the module isn't running at all.
--
Russ Allbery (r...@debian.org) <https://www.eyrie.org/~eagle/>
--
Yo
Thomas Schweikle <1852...@bugs.launchpad.net> writes:
> pam_krb5.so is supposed to set and export KRB5CCNAME as stated in the
> man pages, but does not.
This seems like the same problem as your other bug: pam_krb5.so doesn't
seem to actually be running.
--
Russ Allbery
e to create the keyring store as root, then change
> the UID of the owner, which handles the keyring store over to the user
> in question.
That would be great -- I have no idea how to do that, though. Do you have
any pointers?
--
Russ Allbery (r...@debian.org) <https://www
r other security
goals in using persistent keyrings.
It should be possible to use session keyrings instead, although you'll
need a pam_keyinit with https://github.com/linux-pam/linux-pam/issues/149
fixed first.
--
Russ Allbery (r...@debian.org) <https://www.eyrie.org/~eagle/>
Debian has released the fix for both stable and oldstable. As I said
above, I personally don't use Ubuntu, don't maintain the Ubuntu package,
and don't have upload rights to Ubuntu, so I'm afraid I can't help with
fixing the bug in Ubuntu. Presumably you need to find someone who works
on Ubuntu t
sftp is natively supported by sshd (with ForceCommand internal-sftp and
ChrootDirectory), so that avoids the problem that rssh has where ssh
keeps adding new features that add new security vulnerabilities in the
rssh model. That's probably the best solution if you're currently using
scp.
--
You r
Thanks for the report! While I don't use or maintain the Ubuntu version
of rssh, it looks like Ubuntu is importing the Debian security fixes,
and this is indeed a regression in Debian as well. I'm working on a fix
now, and checking with the Debian security team to confirm that it's
worth a regressi
olving this. The public KDC
certificate is, well, public, so maybe don't put it in /var/lib/krb5kdc,
which is not? (I always put mine in /etc/krb5kdc.)
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification becau
ackages have
beem removed from Debian testing for the same reason.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1
Yes, if KRB5CCNAME were set in the environment of the screen saver, it
would fix this problem.
To be clear, this isn't a bug in libpam-krb5, but in the means by which
the screen saver is launched without the user's environment set properly
(which should be created via the pam_setcred and pam_open_
would be another relatively clean solution.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/369575
Title:
Why is
t propagation into Ubuntu, but I think Ubuntu might pull
from Debian unstable during our release freezes.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscrib
pstream release rather than trying to cherry-pick specific
patches.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/16
In order to take the path of moving this setting to a krb5.conf snippet
that's included by the default krb5.conf, at the very least it needs to
work with both Heimdal and MIT. I don't think Heimdal supports
including krb5.conf snippets, which means we can't use the include
functionality in kerbero
ssible that the upstream author has lost interest, gone off-line, or
otherwise isn't planning on doing further development. (The Debian and
Ubuntu versions are already pretty forked from the original.)
I suppose I'll just drop the homepage link from the next version of the
package.
Note that all that pam-krb5 specifically cares about is KRB5CCNAME, so
an alternative approach that may require less refactoring and would work
for that PAM module would be to preserve the PAM environment from
pam_getenvlist and set those variables in the environment before
invoking PAM for unlock.
Karl-Philipp Richter writes:
> According to http://web.mit.edu/kerberos/mail-lists.html it is requested
> to send bug reports to the krb5-bugs mailing list with the `krb5-send-
> pr` program. It should be added to one of the krb5-* ubuntu packages as
> not all bugs make sense to be reported to la
While I probably could have handled the transition and notification
better, this was an intentional upstream change. See the Debian
changelog entry for 2.5.1+dfsg-1:
- The example style sheet for error templates has been moved to a
version-independent location in /usr/share/shibboleth.
kopenafs is an
exception; I wrote it from the start to have a very stable API and ABI.
But that's not the functionality you're looking for, I suspect.)
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you
ly done.
(It's possible that it already does this but there's a setuid program in
the loop, in which case the environment variables are ignored. That would
require a more complex fix. Let me know if that's the case.)
--
Russ Allbery (r...@debian.org) <http://www.eyr
be set for it to find the
user's ticket cache, but hopefully it will just work.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.l
the file after calling pam_setcred).
Oh! I'm sorry. I looked at the head commit to the branch, and didn't
realize that it diverged more than that.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you
then look in syslog after unlocking the
screen. That should provide much more detail about exactly what the
Kerberos PAM module is trying to do.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubun
Robert Ancell writes:
> Could you please try lp:~robert-ancell/lightdm/setcred-on-unlock and see
> if this fixes it?
It will surprise me if this change fixes the issue. pam-krb5 treats
PAM_REFRESH_CRED and PAM_REINITIALIZE_CRED identically.
--
Russ Allbery (r...@debi
of them had been fixed.
You can confirm that it's a problem with this program rather than with
your system configuration by running xscreensaver, locking the screen,
unlocking with your Kerberos password, and seeing if that properly
refreshes your credentials. I know that xscreensaver does PAM
n, not in Ubuntu, and folks in Ubuntu
can obviously do whatever they want, but I don't want to build the Debian
packages with Xalan support until Xalan looks to be in better shape. My
understanding is that XML-Security-C upstream does not test with Xalan and
does not recommend building with i
> Build issue fixed upstream
You probably want 1.6.6~pre2-1 (just uploaded) instead.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bu
Marking invalid since, as noted, no recompilation should be required
after the affected library package was upgraded.
** Changed in: shibboleth-sp2 (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to U
*** This bug is a duplicate of bug 884402 ***
https://bugs.launchpad.net/bugs/884402
** This bug has been marked a duplicate of bug 884402
package libapache2-mod-shib2 2.4.3+dfsg-1ubuntu1 failed to install/upgrade:
ErrorMessage: subprocess installed post-installation script returned error
*** This bug is a duplicate of bug 884402 ***
https://bugs.launchpad.net/bugs/884402
** This bug has been marked a duplicate of bug 884402
package libapache2-mod-shib2 2.4.3+dfsg-1ubuntu1 failed to install/upgrade:
ErrorMessage: subprocess installed post-installation script returned error
course, since I don't use Ubuntu, and
y'all should certainly feel free to decide on the strategy that works for
your community, but it might be an interesting data point that this was
one of my arguments against supporting Ubuntu internally in my group when
we had that discussion
ew defines, at which point you're doing all the work that
you had to do in order to cherry-pick the required changes anyway, but
doing it in a fairly unstable way.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because y
For the current development release of Ubuntu, you want to sync 1.6.2-1
from Debian experimental.
For quantal, precise, and oneiric, you want 1.6.1-3 as uploaded to
Debian unstable. I'm not sure if there are any Ubuntu-specific changes
that need to be preserved in the patch you're carrying.
For
Reassigning to krb5, as:
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-
krb5:auth): (user hildeb) credential verification failed: KDC has no
support for encryption type
is an error message from the underlying Kerberos library that libpam-
krb5 can't do anything about. libpam-krb5
This should be harmless, just noisy, but will be fixed in the next
release. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1098294
Title:
Use of uninitialized value $admin in string eq at ..
As mentioned in the reply to the original report, while I'll fix the
segfault in the next release, all that's going to do is cause pam-krb5
to always fail instead of segfault. If you're having the same problem,
it's because your local Kerberos configuration is invalid. You need to
figure out what
Oh, wow, great job with the test case. It wouldn't have occurred to me
to just do that. (And yes, you have to use the Git version because I've
been adding a ton of new tests compared to the latest full release.)
--
You received this bug notification because you are a member of Ubuntu
Bugs, whic
krb5_init_context is failing. Does running kinit from the command-line
work, or does it fail as well?
(pam-krb5 should not segfault when krb5_init_context fails, but it's
just a NULL pointer dereference on a local configuration or library
error, so it's not a particularly major bug. However, I w
I have a test case, but I'm not sure you'll particularly enjoy it, since
it isn't in a neatly isolated form. But if you:
git clone git://git.eyrie.org/kerberos/pam-krb5.git
cd pam-krb5
./autogen
./configure
and then add the username and password of an account in a test Kerberos
r
Steve Langasek writes:
> Setting this back to 'triaged', which is the more-better bug state in
> LP.
Thanks. I tried to do that but it didn't let me (probably not enough
access bits).
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
** Summary changed:
- Can't change kerberos password, pam-krb5 try_first_pass also fails
+ Can't change kerberos password
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/715765
Title:
Can't change ke
** Bug watch added: Debian Bug tracker #670457
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670457
** Also affects: krb5 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670457
Importance: Unknown
Status: Unknown
--
You received this bug notification because you
Public bug reported:
MIT Kerberos 1.10 (including pre-releases and betas) exposed a bug in
the tracking of preauth mechanisms such that, if an authentication fails
after preauth was requested, all subsequent preauth-required
authentications in the same Kerberos context will also fail.
This breaks
Actually, now that I look more at this, this may be an unrelated
problem. The problem I encountered was reported upstream as a password
change problem, but this may be a slightly different issue. I'll open
another bug about the failed second authentication problem.
--
You received this bug noti
This bug was introduced in MIT Kerberos 1.10. After a failing
authentication with preauth required in a particular Kerberos context,
all subsequent authentications in that context that require preauth will
fail. Upstream has fixed this with commit 25822.
This is a fairly serious issue, blocking
At the least, not a bug in libpam-krb5, since it can't help the
permissions. There's still a mystery about what set the permissions to
0600, but I'm not sure where else to reassign the bug, so closing here.
** Changed in: libpam-krb5 (Ubuntu)
Status: Incomplete => Invalid
--
You received
Ah, in fact, I see comment #20 mentioned above is from Steve.
Steve, when would you ever want to have an account type of Primary given
those semantics? Shouldn't Primary just be treated the same as
Additional for the account stack?
--
You received this bug notification because you are a member
This analysis looks right to me, and I think may run deeper than just
this one module. If every account module should be additional and not
primary, I think that points to an error in the data model or
interpretation of the data model, rather than in individual PAM
configurations. And viewing the
> Kerberos code
> [realms]
> MYGROUP.COM = {
> kdc = kerberos.mygroup.com.:88
I'm not sure if this is your problem, but the trailing period here looks
suspicious. Try removing the period just before the colon.
--
Russ Allbery (r...@debian.org) <http://www.eyri
Steve is completely right. I just misunderstood how to do this. Will
fix in shibboleth-sp2; sorry about my failure to understand what was
going on previously.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net
Oh! It never even occurred to me that update-rc.d would change its
*option parser* based on whether you have dependency-based boot enabled.
Aie. I can confirm this behavior in Debian if I disable dependency-
based boot.
Okay, this is a bug in sysv-rc, then, which I suspect no one has noticed
on
This patch is actually wrong in Debian, so I'm not willing to take it
upstream in the Debian package. The shibd init script should have no
stop links, since it can just be killed.
This is really a bug in the upstart update-rc.d; it needs to be able to
support the new syntax for compatibility with
The version of rssh in Ubuntu is from Debian and is already patched for
Subversion support, which means that this patch doesn't apply directly
to the current package. (Subversion has already stolen the next
number.)
The patch would need to update conf_convert.sh as well and modify the
postinst sc
As of libpam-krb5 4.5, the temporary ticket cache will be written to
ccache_dir rather than /tmp if ccache_dir is set. This version is in
Debian (and has been for a little bit), but it looks like it's not yet
been imported into Ubuntu.
** Changed in: libpam-krb5 (Ubuntu)
Status: New => Fix
Permission denied from krb5_init_context probably means that
/etc/krb5.conf is not readable by the process. Could you check that?
Could you also check whether running kinit as the same user that gnome-
screensaver is running as works properly?
** Changed in: libpam-krb5 (Ubuntu)
Status: Ne
This was a problem with the Java package you were installing, not gnubg.
It was prompting you to accept the license, possibly somewhere where you
didn't see it.
** Changed in: gnubg (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bu
All recent versions of gnubg are built with current Python. It seems
unlikely at this point that anyone will go back and rebuild the packages
in old versions of the distribution.
** Changed in: gnubg (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because
Closing this as not reproducible.
** Changed in: gnubg (Ubuntu)
Status: New => Incomplete
** Changed in: gnubg (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpa
tc/hosts would
be sufficient without changing /etc/hostname. Could that be the
difference?
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
http
er is the unqualified "kerberos", so kprop
attempts to get initial tickets for host/kerbe...@example.net, which
fails.
Changing the system hostname of the master to kerberos.example.net will
probably fix this problem.
kprop should really gain an additional command-line option to specify
n't the greatest format for a full-blown reference manual; they don't
have very much useful structure.)
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
src/lib/crypto/krb/etypes.c
They're listed in the krb5-admin info pages included in krb5-doc under
Configuration Files.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which i
*** This bug is a duplicate of bug 884402 ***
https://bugs.launchpad.net/bugs/884402
** This bug has been marked a duplicate of bug 884402
package libapache2-mod-shib2 2.4.3+dfsg-1ubuntu1 failed to install/upgrade:
ErrorMessage: subprocess installed post-installation script returned error
Ubuntu-specific error caused by Ubuntu's update-rc.d not supporting the
same syntax as Debian.
Setting up libapache2-mod-shib2 (2.4.3+dfsg-1ubuntu1) ...
Installing new version of config file /etc/shibboleth/native.logger ...
Installing new version of config file /etc/shibboleth/shibd.logger ...
In
know the details of how this would work with
Ubuntu.
You could try the PPA at:
https://launchpad.net/~openafs/+archive/master
which has builds of the openafs 1.6.0 packages for various older versions
of Ubuntu including lucid. That may avoid the need to update your libc6.
--
Russ
ched version of 1.4.14+dfsg-1 or later for
Linux 2.6.38. 1.4.12 (or even an unpatched 1.4.14) won't build with that
kernel.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, whi
s the way Steve implemented this originally, and I remember that he
had some rationale for it, but I don't remember what it is. :/ I'll ask
him separately. It may be that they should change.
Thanks, that gets me pointed in the right direction.
--
Russ Allbery (r...@debian.org)
I think we need more information, such as a debug trace of what libpam-
krb5 is doing when the slowness is observed, to figure out what could be
causing this. Another useful data point would be whether kinit is slow
when libpam-krb5 is slow.
** Changed in: libpam-krb5 (Ubuntu)
Status: New
mon cases.
What's clear from your trace, though, is that this is not a libpam-krb5
problem. Everything about libpam-krb5 in your trace succeeded; some other
module is failing.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug
deal with this error?
You have some other PAM module stacked with pam-krb5 that's rejecting
password changes for that user. Probably pam_unix without /etc/shadow
data.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notif
No update or recompile of the shibboleth-sp2 package is required for
either the xml-security-c or the opensaml2 security advisories so far as
I know. Only upgrading the libraries to patched versions and then
restarting shibd and Apache is required, I think. The changes didn't
affect the external
variable which is set by DKMS, but I'm fairly sure DKMS does something
similar.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.la
dh_auto_configure
to pass the appropriate flags into configure.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/800329
Closing as requested -- oh, good, I didn't miss something when I
couldn't figure out what was going on.
** Changed in: rssh (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.
.0pre5-2 should be fairly solid (I'm using it myself), but there are
some additional fixes in the 1.6.0pre6 release that upstream is currently
working on.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because yo
I'll be backporting OpenAFS 1.6 once there's a final
release, though.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpa
om
Debian, or will need to package the new 1.4 upstream release from upstream
that was never in Debian, I believe.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscrib
The bug is trivially reproducible given the instructions given by the
reporter. I don't see any need for them to run apport-collect to gather
more data.
** Changed in: krb5 (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Ubuntu
B
get to use root's additional
margin of free space, if you didn't disable that when you built the
filesystem. But sure, I see what you're saying.
> It would be nice if we could control where the tempfile was written in
> /etc/krb5.conf like many of the other pam options.
Y
** Changed in: libpam-afs-session (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/652479
Title:
pam-afs-session cannot be managed by pam-auth-upda
tream by
> http://git.openafs.org/?p=openafs.git;a=commitdiff;h=c4537f0442ac7ecbf8c946de45004992e17d535f
Is this different from a27015099a1dc1e41001e4a4946848f958c6a09b, which is
already in the 1.4 packages?
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
-
end]" instead of "requisite" (as is the case in the
> auth stack) would address this issue.
I think I remember this issue now. The default=ignore is supposed to
cause pam_unix to be skipped when it fails, but it doesn't work properly
in the password stack for some reason?
klib thing?
I don't recall off the top of my head. I think it's always been that way
from the original version contributed by Steve Langasek. Note that by
removing minimum_uid but leaving the requisite, you've broken any password
changes for the local root account, but that&#
in even
> though they're not in /etc/passwd, so why is that an issue when changing
> password?
Well, what do your common-auth and common-password PAM configurations say?
Does one of them make pam_unix optional and the other one make it
required?
--
Russ Allbery (r...@debian.org)
it's
allowed to fail) if you don't want to change local UNIX user passwords
(since that is, after all, what pam_unix does).
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this bug notification because you are a member of Ubuntu
Bug
g is nearly the
first thing that it does on every entry point, after allocating some
memory, and everything that happens prior to that will also log if it
fails.
Note that if you attempt to change a password for an account that doesn't
exist in /etc/shadow, pam_unix will fail, wh
For anyone still watching this, the Debian Policy is still ongoing, so a
fix for this is still pending a conclusion that would allow me to ship
an upstart job in Debian.
** Changed in: openafs (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member
For those triaging or looking at this bug, just wanted to note that I
believe this is fallout from Ubuntu's handling of debug symbols, which
has diverged from Debian. I don't believe this is an issue in the
packages from the Debian perspective. I am happy to modify the package
so that it will wor
configure succeeded, so I'm afraid we'll need to see the make output to
know what's going on here. There's a bug in older versions of the
openafs dkms package that causes the make.log output to not be captured
properly. Reproducing with version 1.4.12.1+dfsg-3 or later should
result in more detai
Not a bug in openafs but rather a bug in the build system for these
kernels, so marking the openafs bug as invalid accordingly (since it was
already reported separately as a bug against the broken package).
** Changed in: openafs (Ubuntu)
Status: New => Invalid
--
You received this bug no
The log indicates that the postinst script failed, but there are no
error messages and no indication why. We'll need some more information
about what's failing in order to figure out what's going on.
** Changed in: openafs (Ubuntu)
Status: New => Incomplete
--
You received this bug notif
an your current pam_krb5 password.
If that's not it, could you send the syslog results of setting the debug
option for pam_krb5 while you're attempting to change your password?
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received this
econd thought. Use of "one" in that style as a generic
pronoun is common usage in American English.
In other words, the correction gets the description at least into the
realm of the average description. Good review and rewriting by a native
speaker can of course improve it further, but th
til after it's backgrounded,
you lose nothing by adding some pauses and repeated attempts to contact
the LDAP server.
Ideally, they should both be robust against the other not being up yet.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
You received
** Changed in: libpam-afs-session (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/652479
Title:
pam-afs-session cannot be managed by pam-auth-update
--
u
** Changed in: libpam-afs-session (Ubuntu)
Status: New => Invalid
--
libpam-afs-session gives user membership in nonexistant group
https://bugs.launchpad.net/bugs/670789
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-b
.
But this isn't a bug in pam-afs-session; indeed, for the current version
of AFS, it would be a bug if it *didn't* add that group.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
libpam-afs-session gives user membership in nonexistant group
ht
frastructure
on single machines, in which case you may have an LDAP replica and a KDC
on the same host. The LDAP replica then needs to do a GSSAPI
authentication to the master for replication, which requires access to the
KDC.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/
1 - 100 of 290 matches
Mail list logo
