lp:ubuntu/saucy/nss-pam-ldapd

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/saucy/nss-pam-ldapd
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

27. By Arthur de Jong

* New upstream release
  - include an extra sanity check to ensure not too many file
    descriptors are open
  - fix handling of gid configuration option if it listed before the uid
    option
  - return NSS_STATUS_TRYAGAIN on zero-length (but not-NULL) buffer (thanks
    Jakub Hrozek)
  - provide an _nss_ldap_version symbol in the NSS module to help debug
    problems with a newer nslcd
  - retry updating the lastChange attribute with the normal nslcd LDAP
    connection if the update with the user's connection failed
  - avoid processing passwd_byuid requests for uids below nss_min_uid
  - fix a few minor or very unlikely to occur memory leaks
  - miscellaneous minor changes, fixes and compatibility improvements
* drop 01-fix-set-usec-instead-of-sec.patch which is part of 0.8.13
* remove compatibility code that converted nss-ldapd.conf to nslcd.conf
  for upgrading from pre-0.7 versions of nss-ldapd (thanks Dominik George)
* remove code for fixing permissions when upgrading from a pre-0.6.7.1
  version
* updated Turkish debconf translation by Atila KOÇ (closes: #701067)
* drop Richard A Nelson from uploaders
* add build dependency on autotools-dev to ensure config.sub and
  config.guess are automatically updated during build

26. By Arthur de Jong

01-use-poll-instead-of-select.patch: update patch to fix a problem in
the timeout calculation used in the communication protocol between
nslcd and the NSS and PAM modules, thanks Julien Cristau

25. By Arthur de Jong

* fix a problem in sed logic for commenting out disabled options
  (closes: #689296)
* support "EXTERNAL" SASL mechanism in debconf configuration (LP: #1063923)
  (the debconf template has been postponed to avoid having to update all
  translations for a relatively minor change)
* 01-use-poll-instead-of-select.patch: use poll() instead of select()
  for checking file descriptor activity to also correctly work if more
  than FD_SETSIZE files are already open (closes: #690319)

24. By Arthur de Jong

* fix typo in comment (thanks Caleb Callaway)
* install a ldapns.ldif in nslcd doc directory (closes: #674591)
* ensure that time is set before starting k5start to ensure that Kerberos
  ticket is granted (closes: #659227)
* properly parse and write configuration options with an optional map
  parameter during debconf configuration (LP: #1029062)

23. By Arthur de Jong

* New upstream release:
  - documentation improvements
  - fix a problem that causes the PAM module to prompt for a new password
    even though the old one was wrong
  - log successful password change in nslcd

22. By Arthur de Jong

* new upstream release:
  - allow the pam_authz_search option to be specified multiple times
  - implement extra range checking of all numeric values
  - make documentation up-to-date
  - compatibility improvements

21. By Arthur de Jong

don't clear the tls_reqcert option when using ssl without the
start_tls option or an ldaps:// URL (closes: #672301)

20. By Arthur de Jong

switch PAM config back to additional because if shadow information is
provided pam_unix accepts the user and causes pam_ldap to be skipped

19. By Arthur de Jong

* new upstream release:
  - fix a problem in the handling of PAM requests in nslcd (closes: #670419)
  - install the ldapns.schema in nslcd docs (closes: #669680)
* use the configuration file contents to determine the authentication
  type, not the debconf database (closes: #670133)
* switch PAM account type to primary because it now does all the
  authorisation checks that pam_unix also does
* drop functionality to check whether shadow information is exposed
  in /etc/nsswitch.conf, it was no longer needed sine 0.8.4
* ensure that /var/run/nslcd is not removed during upgrades

18. By Arthur de Jong

* new upstream release:
  - log the first 10 search results in debug mode to make debugging
    easier (patch by Matthijs Kooijman)
  - provide more detailed logging information for LDAP errors, this
    should especially help for TLS related problems (based on a patch by
    Mel Flynn)
  - fix logging of invalid pam_authz_search value (LP: #951343)
  - when doing DNS queries for SRV records recognise default ldap and
    ldaps ports (closes: #661955)
  - make whether or not to do case-sensitive filtering configurable
    (patch by Matthew L. Dailey)
  - document the fact that each thread opens it's own connection (patch
    by Chris Hiestand)
  - some small portability improvements
  - try to prevent some of the Broken pipe messages in nslcd
  - increase buffer used for pam_authz_search as suggested by Chris J Arges
* update the X-Start-Before header in the init script to ensure that nslcd
  is started before the display managers
* update debhelper dependency and remove lintian override
* mark nslcd as multi-arch foreign to allow it to satisfy dependencies
  on any arch
* drop no-symbols-control-file lintian override which is no longer needed
* upgrade to standards-version 3.9.3 (no changes needed)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers