lp:ubuntu/quantal/nss-pam-ldapd
- Get this branch:
- bzr branch lp:ubuntu/quantal/nss-pam-ldapd
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 24. By Arthur de Jong
-
* fix typo in comment (thanks Caleb Callaway)
* install a ldapns.ldif in nslcd doc directory (closes: #674591)
* ensure that time is set before starting k5start to ensure that Kerberos
ticket is granted (closes: #659227)
* properly parse and write configuration options with an optional map
parameter during debconf configuration (LP: #1029062) - 23. By Arthur de Jong
-
* New upstream release:
- documentation improvements
- fix a problem that causes the PAM module to prompt for a new password
even though the old one was wrong
- log successful password change in nslcd - 22. By Arthur de Jong
-
* new upstream release:
- allow the pam_authz_search option to be specified multiple times
- implement extra range checking of all numeric values
- make documentation up-to-date
- compatibility improvements - 21. By Arthur de Jong
-
don't clear the tls_reqcert option when using ssl without the
start_tls option or an ldaps:// URL (closes: #672301) - 20. By Arthur de Jong
-
switch PAM config back to additional because if shadow information is
provided pam_unix accepts the user and causes pam_ldap to be skipped - 19. By Arthur de Jong
-
* new upstream release:
- fix a problem in the handling of PAM requests in nslcd (closes: #670419)
- install the ldapns.schema in nslcd docs (closes: #669680)
* use the configuration file contents to determine the authentication
type, not the debconf database (closes: #670133)
* switch PAM account type to primary because it now does all the
authorisation checks that pam_unix also does
* drop functionality to check whether shadow information is exposed
in /etc/nsswitch.conf, it was no longer needed sine 0.8.4
* ensure that /var/run/nslcd is not removed during upgrades - 18. By Arthur de Jong
-
* new upstream release:
- log the first 10 search results in debug mode to make debugging
easier (patch by Matthijs Kooijman)
- provide more detailed logging information for LDAP errors, this
should especially help for TLS related problems (based on a patch by
Mel Flynn)
- fix logging of invalid pam_authz_search value (LP: #951343)
- when doing DNS queries for SRV records recognise default ldap and
ldaps ports (closes: #661955)
- make whether or not to do case-sensitive filtering configurable
(patch by Matthew L. Dailey)
- document the fact that each thread opens it's own connection (patch
by Chris Hiestand)
- some small portability improvements
- try to prevent some of the Broken pipe messages in nslcd
- increase buffer used for pam_authz_search as suggested by Chris J Arges
* update the X-Start-Before header in the init script to ensure that nslcd
is started before the display managers
* update debhelper dependency and remove lintian override
* mark nslcd as multi-arch foreign to allow it to satisfy dependencies
on any arch
* drop no-symbols-control- file lintian override which is no longer needed
* upgrade to standards-version 3.9.3 (no changes needed) - 17. By Arthur de Jong
-
* new upstream release:
- a number of code improvements by Jakub Hrozek
* switch to non-native packaging
- add debian/watch file
- update Vcs-Svn and Vcs-Browser control fields
* updated Norwegian Bokmål debconf translation by Bjørn Steensrud
(closes: #654273)
* updated Simplified Chinese debconf translation by zym (closes: #654679)
* automatically comment out mapping of uniqueMember to member on upgrades
because member is default now
* debian/copyright: copyright year updates - 16. By Arthur de Jong
-
* support larger gecos values (closes: #640781)
* updated Swedish debconf translation by Martin Bagge (closes: #640623)
* consistently handle whitespace in configuration file during package
configuration (thanks Nick) (closes: #641619)
* add a versioned dependency on libpam0g to ensure the PAM libraries are
multiarch-aware
* in debconf, treat the "hard" value for tls_reqcert as if it was "demand"
(closes: #642347)
* reduce loglevel of user not found messages to avoid spamming the logs
with useless information (thanks Wakko Warner) (closes: #641820)
* other logging improvements
* keep nslcd running during package upgrades (closes: #644892)
* explicitly parse numbers as base 10 (thanks Jakub Hrozek)
* implement FreeBSD group membership NSS function (thanks Tom Judge)
* fix an issue where changes in /etc/nsswitch.conf were not correctly
picked up and could lead to lookups being disabled on upgrade
(closes: #645599)
* fix an issue with detecting the uid of the calling process and log
denied shadow requests in debug mode
* fix a typo in the disconnect logic code (thanks Martin Poole)
* enable hardening options during build
* implement configuration file handling in pynslcd and other pynslcd
improvements (pynslcd is not in a Debian package yet)
* update debian/copyright - 15. By Arthur de Jong
-
* Upload to unstable
* switch to using the member attribute by default instead of
uniqueMember (backwards incompatible change)
* only return "x" as a password hash when the object has the shadowAccount
objectClass and nsswitch.conf is configured to do shadow lookups using
LDAP (this avoids some problems with pam_unix)
* fix problem with partial attribute name matches in DN (thanks Timothy
White)
* fix a problem with objectSid mappings with recent versions of OpenLDAP
(patch by Wesley Mason)
* set the socket timeout in a connection callback to avoid timeout
issues during the SSL handshake (patch by Stefan Völkel)
* check for unknown variables in pam_authz_search
* only check password expiration when authenticating, only check account
expiration when doing authorisation
* make buffer sizes consistent and grow all buffers holding string
representations of numbers to be able to hold 64-bit numbers
* update AX_PTHREAD from autoconf-archive
* support querying DNS SRV records from a different domain than the current
one (based on a patch by James M. Leddy)
* fix a problem with uninitialised memory while parsing the tls_ciphers
option (closes: #638872) (but doesn't work yet due to #640384)
* implement bounds checking of numeric values read from LDAP (patch by
Jakub Hrozek)
* correctly support large uid and gid values from LDAP (patch by Jakub
Hrozek)
* improvements to the configure script (patch by Jakub Hrozek)
* switch to dh for debian/rules and bump debhelper compatibility to 8
* build Debian packages with multiarch support
* ship shlibs (but still no symbol files) for libnss-ldapd since that was
the easiest way to support multiarch
* fix output in init script when restarting nslcd (closes: #637132)
* correctly handle leading and trailing spaces in preseeded debconf uri
option (patch by Andreas B. Mundt) (closes: #637863)
* support spaces around database names in /etc/nsswitch.conf while
configuring package (closes: #640185)
* updated Russian debconf translation by Yuri Kozlov (closes: #637751)
* updated French debconf translation by Christian Perrier (closes: #637756)
* added Slovak debconf translation by Slavko (closes: #637759)
* updated Danish debconf translation by Joe Hansen (closes :#637763)
* updated Brazilian Portuguese debconf translation by Denis Doria
* updated Portuguese debconf translation by Américo Monteiro
* updated Japanese debconf translation by Kenshi Muto (closes: #638195)
* updated Czech debconf translation by Miroslav Kure (closes: #639026)
* updated German debconf translation by Chris Leick (closes: #639107)
* updated Spanish debconf translation by Francisco Javier Cuadrado
(closes: #639236)
* updated Dutch debconf translation by Arthur de Jong with help from Paul
Gevers and Jeroen Schot
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/raring/nss-pam-ldapd