lp:ubuntu/maverick/nss-pam-ldapd
- Get this branch:
- bzr branch lp:ubuntu/maverick/nss-pam-ldapd
Branch information
Recent revisions
- 7. By Arthur de Jong on 2010-05-27
-
* include libpam-heimdal in libnss-ldapd recommends list of PAM
implementations (closes: #582407)
* fix a problem with empty attributes if expression-based attribute
mapping is used (patch by Nalin Dahyabhai)
* make debug logging for pam_authz_search option a little more informative
* documentation improvements
* update pam-auth-update configuration to always perform LDAP autorisation
for LDAP users - 6. By Arthur de Jong on 2010-05-13
-
* fix a problem in the session handling of the PAM module if the minimum_uid
option was used (Debian package default)
* refactor the PAM module code to be simpler and better maintainable
* perform logging from PAM module to syslog and support the debug option to
log more information
* Switch to "3.0 (native)" format. - 5. By Arthur de Jong on 2010-05-08
-
* fix a buffer overflow that should have no security consequences
* perform proper fail-over when authenticating in the PAM module
(closes: #577593)
* add an nss_initgroups_ignoreusers option to ignore user name to group
lookups for the specified users
* add an pam_authz_search option to perform a flexible authorisation check
on login (e.g. to restrict which users can login to which hosts, etc)
* implement a minimum_uid option for the PAM module to ignore users that
have a lower numeric user id and make 1000 the default value for Debian
(closes: #579574)
* change the way retries are done to error out quicker if the LDAP server
is down for some time (this should make the system more responsive when
the LDAP server is unavailable) and rename the reconnect_maxsleeptime
option to reconnect_retrytime to better describe the behaviour
* only log "connected to LDAP server" if the previous connection failed
(closes: #483795)
* documentation improvements
* debian/nslcd.config: also parse /etc/ldap.conf for systems that put NSS
and PAM configuration there - 4. By Arthur de Jong on 2010-02-27
-
* allow password modification by root using the rootpwmoddn configuration
file option (the user will be prompted for the password for rootpwmoddn
instead of the user's password)
* the LDAP password modify EXOP is first tried without the old password and
if that fails retried with the old password
* when determining the domain name (used for some value of the base and uri
options) also try to use the hostname aliases to build the domain name
(patch by Jan Schampera)
* perform locking on the pidfile on start-up to ensure that only one nslcd
process is running and implement a --check option (patch by Jan Schampera)
* documentation improvements
* upgrade to standards-version 3.8.4 (no changes needed)
* start nslcd before apache for systems that use LDAP users to run virtual
hosts (closes: #565971) - 3. By Arthur de Jong on 2009-12-28
-
* some attributes may be mapped to a shell-like expression that expand
attributes from LDAP entries; this allows attributes overrides, defaults
and much more (as a result the passwd cn attribute mapping has been
removed because the gecos mapping is now "${gecos:-$cn}" by default)
* update the NSS module to follow the change in Glibc where the addr
parameter of getnetbyaddr_r() was changed from network-byte-order to
host-byte-order
* properly escape searches for uniqueMember attributes for DN with a comma
in an attribute value
* miscellaneous improvements to the configure script implementing better
(and simpler) library detection
* some general refactoring and other miscellaneous improvements
* make configure check if we need to explicitly link to -llber
(closes: #555779)
* libnss-ldapd: recommend libpam-krb5 as an alternative to libpam-ldapd for
Kerberos environments
* updated Italian debconf translation by Vincenzo Campanella
(closes: #556107)
* fix nslcd postrm to remove old config file (thanks piuparts) - 2. By Arthur de Jong on 2009-10-20
-
* implement password changing by performing an LDAP password modify EXOP
request (closes: #550836)
* fix return of authorisation check in PAM module (patch by Howard Chu)
* fix "Use StartTLS?" debconf question when no ssl option is defined in the
config
* fix for problem when authenticating to LDAP entries without a uid
attribute in the DN
* general code clean-up and portability improvements and include all
needed header files (closes: #547206)
* provide more information with communication error messages
* updated German debconf translation by Erik Schanze (closes: #546244)
* updated Vietnamese debconf translation by Clytie Siddall (closes: #548037) - 1. By Arthur de Jong on 2009-09-01
-
* rename software to nss-pam-ldapd to indicate that PAM module is now a
standard part of the software
* split into the binary packages libnss-ldapd, libpam-ldapd and nslcd
(libpam-ldapd packaging used a patch for libpam-ldap by Steve Langasek)
(closes: #535505)
* the configuration file name has been changed to /etc/nslcd.conf (package
upgrade should migrate the configuration)
* updated Galician debconf translation by Marce Villarino (closes: #537424)
* patch by Petter Reinholdtsen to fix init script to start before autofs
(closes: #544093)
* the default values for bind_timelimit and reconnect_maxsleeptime were
lowered from 30 to 10 seconds (closes: #532874)
* upgrade to standards-version 3.8.3 (no changes needed)
* password hashes are no longer returned to non-root users (based on a patch
by Alexander V. Chernikov)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/nss-pam-ldapd