Bug#717235: proftpd requests the whole passwd database at each login
Hilmar Preuße
hille42 at web.de
Tue Sep 20 12:37:48 UTC 2016
Am 19.09.2016 um 18:09 schrieb Marco d'Itri:
> On Sep 16, Hilmar Preusse <hille42 at web.de> wrote:
Hi Mrco
>> /* Per Debian bug report:
>> * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717235
>> * we might want to do another set{pw,gr}ent(), to play better with
>> * some NSS modules.
>> */
>> pr_auth_setpwent(p);
>> pr_auth_setgrent(p);
>> }
>>
>> I guess I can simply replace the ensure_open_passwd() function in
>> 1.3.5 by than one, right? Please confirm, patch will be in next
>> upload then.
>
> Arthur suggested a different fix: I am not sure about what effect
> a setpwent() call would have on nslcd and if it would fix the issue of
> the client process requesting the whole database.
>
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717235#39
<quote>
An alternative is to do setpwent()/getpwent()/setpwent() which should
abort the started search without wasting too much time trying to search
LDAP entries in our environment.
</quote>
...and this is exactly what has been implemented in upstream. ;-)
Hilmar
--
http://www.hilmar-preusse.de.vu/ #206401 http://counter.li.org
More information about the Pkg-proftpd-maintainers
mailing list