Bug#698649: Bug#792120: ldap2zone: ldap2bind does not work with ldapi:/// URI

Dominik George nik at naturalnet.de
Fri Jul 17 06:55:21 UTC 2015


On 12.07.2015 09:28, Petter Reinholdtsen wrote:
> Btw, do you have time to test the patch in #698649?  We are unsure what
> to do about it.

I have looked into that bug report and the patch, but am a bit confused
as to what it has to do with the current ldap2bind in Debian.

As I understand it, the linked code on GitHub implements an sdb LDAP
backend for bind, while the ldap2bind/ldap2zone pair of tools creates
BIND configuration and zone files outside of BIND.

The approaches are entirely different, however, there seems to be shared
code between the two, the reason for which I do not yet understand (does
that bind9-ldap thing do some sort of just-in-time dump from LDAP to
zone files, or something?

The author of the patch did not see this difference, as it appears, or
the patch is incomplete. The patch updates ldap2zone, the C program that
gets a single zone from LDAP and dumps it to a BIND9 zone file. However,
in the accompanying bug mail, the author talks about passing a password
to the ldapsearch command - which obviously is not in the ldap2zone
program, but would rather be found in the ldap2bind wrapper script. This
script, however, is not patched and so the patch has nothing to do with
the described intention.

In any case, I do not think the two should be mixed. bind9-ldap could
certainly go into Debian, but not as a patch or replacement for ldap2zone.

I am currently doing a full rewrite of ldap2bind and ldap2zone, which
will work as a drop-in replacement, and cover the things the author desired.


PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17  FD26 B79A 3C16 A0C4 F296

Teckids e.V. · FrOSCon e.V. · OpenRheinRuhr e.V.
Fellowship of the FSFE · Piratenpartei Deutschland
Debian Contributor

LPIC-3 Linux Enterprise Professional (Security)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 888 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/debian-edu-pkg-team/attachments/20150717/055b9442/attachment.sig>

More information about the Debian-edu-pkg-team mailing list