1 |
Grant Goodyear [g2boojum@g.o] wrote: |
2 |
> I'm currently working on at least slightly revamping our openldap |
3 |
> ebuilds so that they aren't quite so broken. For those of you who have |
4 |
> successfully installed openldap, what versions are you using? Have you |
5 |
> found any notable bugs or problems (other than the ssh business, which I |
6 |
> haven't come close to looking at yet) that I need to address? |
7 |
> |
8 |
|
9 |
I'm using the current released ebuild. It works fine for me. |
10 |
FYI, the problem with ssh is not ldap, it's ssh. telnet, ftp, |
11 |
etc all work just fine. |
12 |
|
13 |
The problem is that the changes for priviledge seperation in OpenSSH |
14 |
broke the parts of PAM authentication that require root privileges |
15 |
to work. For example, dealing with shadow accounts (primarily |
16 |
surrounding expiry tests) and creating home directories. |
17 |
|
18 |
There are several bug reports about this in openssh's bugzilla |
19 |
already. Hopefully they'll get around to fixing it one day. I'm |
20 |
still digging for a patch to fix this, and if I find one that |
21 |
works (or write one) I'll pass it along to the openssh ebuild |
22 |
maintainer. |
23 |
|
24 |
-- |
25 |
The urge to save humanity is almost always only a false-face for the urge |
26 |
to rule it. |
27 |
--H.L. Mencken |
28 |
|
29 |
-- |
30 |
gentoo-dev@g.o mailing list |