| 1 |
Grant Goodyear [g2boojum@g.o] wrote: |
| 2 |
> I'm currently working on at least slightly revamping our openldap |
| 3 |
> ebuilds so that they aren't quite so broken. For those of you who have |
| 4 |
> successfully installed openldap, what versions are you using? Have you |
| 5 |
> found any notable bugs or problems (other than the ssh business, which I |
| 6 |
> haven't come close to looking at yet) that I need to address? |
| 7 |
> |
| 8 |
|
| 9 |
I'm using the current released ebuild. It works fine for me. |
| 10 |
FYI, the problem with ssh is not ldap, it's ssh. telnet, ftp, |
| 11 |
etc all work just fine. |
| 12 |
|
| 13 |
The problem is that the changes for priviledge seperation in OpenSSH |
| 14 |
broke the parts of PAM authentication that require root privileges |
| 15 |
to work. For example, dealing with shadow accounts (primarily |
| 16 |
surrounding expiry tests) and creating home directories. |
| 17 |
|
| 18 |
There are several bug reports about this in openssh's bugzilla |
| 19 |
already. Hopefully they'll get around to fixing it one day. I'm |
| 20 |
still digging for a patch to fix this, and if I find one that |
| 21 |
works (or write one) I'll pass it along to the openssh ebuild |
| 22 |
maintainer. |
| 23 |
|
| 24 |
-- |
| 25 |
The urge to save humanity is almost always only a false-face for the urge |
| 26 |
to rule it. |
| 27 |
--H.L. Mencken |
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-dev@g.o mailing list |
Archives