touch-packages team mailing list archive

Thread
Date

[Bug 1393306] Re: slapd: nssov does not work with lib{nss, pam}-ldapd 0.9.x

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1393306@xxxxxxxxxxxxxxxxxx>
Date: Wed, 05 Aug 2015 16:17:38 -0000
Reply-to: Bug 1393306 <1393306@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package openldap - 2.4.41+dfsg-1ubuntu1

---------------
openldap (2.4.41+dfsg-1ubuntu1) wily; urgency=medium

  * Merge from Debian testing (LP: #1471831). Remaining changes:
    - Enable AppArmor support:
      - d/apparmor-profile: add AppArmor profile
      - d/rules: use dh_apparmor
      - d/control: Build-Depends on dh-apparmor
      - d/slapd.README.Debian: add note about AppArmor
    - Enable GSSAPI support:
      - d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
        - Add --with-gssapi support
        - Make guess_service_principal() more robust when determining
          principal
      - d/configure.options: Configure with --with-gssapi
      - d/control: Added heimdal-dev as a build depend
    - Enable ufw support:
      - d/control: suggest ufw.
      - d/rules: install ufw profile.
      - d/slapd.ufw.profile: add ufw profile.
    - Enable nss overlay:
      - d/{patches/nssov-build,rules}: Apply, build and package the
        nss overlay.
    - d/{rules,slapd.py}: Add apport hook.
    - d/slapd.init.ldif: don't set olcRootDN since it's not defined in
      either the default DIT nor via an Authn mapping.
    - d/slapd.scripts-common:
      - add slapcat_opts to local variables.
      - Remove unused variable new_conf.
      - Fix backup directory naming for multiple reconfiguration.
    - d/{slapd.default,slapd.README.Debian}: use the new configuration style.
    - d/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
      in the openldap library, as required by Likewise-Open
    - Show distribution in version:
      - d/control: added lsb-release
      - d/patches/fix-ldap-distribution.patch: show distribution in version
  * Dropped changes:
    - Fix cpp calls for GCC 5: fixed upstream (ITS#8056)
  * Upstream fixes:
    - slapd crash with auditlog overlay and large (~27KB) attribute values
      (ITS#8003) (LP: #1461276)
    - nssov updated to support recent nss-pam-ldapd client libraries
      (ITS#8097) (LP: #1393306)
  * Update d/patches/nssov-build for upstream changes.
  * Tweak d/patches/gssapi.diff to apply without fuzz.
  * d/libldap-2.4-2.symbols: Add symbols not present in Debian.
    - CLDAP (UDP) was added in 2.4.17-1ubuntu2
    - GSSAPI support was enabled in 2.4.18-0ubuntu2

 -- Ryan Tandy <ryan@xxxxxxxxx>  Fri, 24 Jul 2015 14:12:06 -0700

** Changed in: openldap (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1393306

Title:
  slapd: nssov does not work with lib{nss,pam}-ldapd 0.9.x

Status in openldap package in Ubuntu:
  Fix Released

Bug description:
  nss-pam-ldapd 0.9 introduced incompatible changes to the nslcd
  protocol, with an accompanying version bump: http://arthurdejong.org
  /nss-pam-ldapd/release-0-9-0

  nssov still speaks the old protocol, so can't be used for clients
  running utopic or vivid. slapd says:

  54698bdd connection_get(14): got connid=0
  54698bdd nssov: connection from uid=0 gid=0
  54698bdd nssov: wrong nslcd version id (33554432)

  I started on a patch (nss mostly done, pam not done) and ran out of
  time. When I have time to finish it I'll post it upstream for review.
  If someone else wants to carry on with it I'm happy to provide my WIP.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1393306/+subscriptions

References

[Bug 1393306] [NEW] slapd: nssov does not work with lib{nss, pam}-ldapd 0.9.x
From: Ryan Tandy, 2014-11-17