[Pkg-openldap-devel] Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users

Arthur de Jong adejong at debian.org
Mon Dec 27 16:39:25 UTC 2010 

On Mon, 2010-12-27 at 16:36 +0100, Julien Cristau wrote:
> > Also, do you think it is a good idea to highlight the switch to
> > nss-pam-ldapd a bit more in the "What's new" section? I think it should
> > also be a good idea to switch for people not affected by this specific
> > problem. I can provide a patch if needed.
>  
> Sounds like a good plan to me.

I will prepare a patch (or would you prefer something in the
NewInSqueeze wiki page?).

Do you want me to commit this part (new version attached)?

> >  <title>Potential problems</title>
> > -<para> 
> > +<para>
> >  Sometimes, changes introduced in a new release have side-effects
>
> Unrelated, please drop this hunk.

Oops, editor automatically removing trailing spaces.

> I think schroot may be affected as well (#589884).

Rephrased a bit and added schroot.

> > +    Note that <systemitem role="package">libnss-ldapd</systemitem> recommends
> > +    the NSS caching daemon (<command>nscd</command>) which you should evaluate
> > +    for suitability in your environment before installing.
> 
> Maybe mention unscd here, it's supposedly less crashy than nscd.

I didn't think unscd would make it into squeeze but it's great that it
will. I've added a line about unscd. I'm using unscd on my box without
issues but then again, I never really ran into major issues with nscd.

-- 
-- arthur - adejong at debian.org - http://people.debian.org/~adejong --
-------------- next part --------------
A non-text attachment was scrubbed...
Name: release-notes-ldap-support.patch
Type: text/x-patch
Size: 2853 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20101227/76d97c04/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20101227/76d97c04/attachment-0001.pgp>

More information about the Pkg-openldap-devel mailing list