From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id D25EA158042 for ; Wed, 13 Nov 2024 15:34:22 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0A56EE0887; Wed, 13 Nov 2024 15:34:16 +0000 (UTC) Received: from mail.dotcomltd.ru (mail.dotcomltd.ru [89.21.149.49]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 9D067E087A for ; Wed, 13 Nov 2024 15:34:15 +0000 (UTC) Received: by mail.dotcomltd.ru (Mail server, from userid 5002) id 51149420F01; Wed, 13 Nov 2024 18:34:14 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dotcomltd.ru; s=dotcom; t=1731512054; bh=+2jtoAJsI5Za4yRYnDS4VdDYkCBu4gMa50lKcsbSx0E=; h=Date:Subject:To:References:From:In-Reply-To; b=XvHY7qj5uWcR6pySSxQnqiN4qG4nSxdi+60++h2gMAfPYOfsW2En3rqBiNqFbp3ga 1QTmEtYwDn3cSgnZTJ8qm4Z7AOkpbI0yfQjUsyTBTNPXBBKy2GHnrj8V4zbSjawEyd LiFfnlwGPqW8WrdOyH1UBdPHEZ2YMPhEfLDy/heQ= X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on phoenix.dotcomltd.ru X-Spam-Level: X-Spam-Status: No, score=-2.7 required=4.5 tests=ALL_TRUSTED,BAYES_00, DKIM_INVALID,DKIM_SIGNED,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=4.0.0 Received: from [10.8.3.6] (unknown [10.8.3.6]) by mail.dotcomltd.ru (Mail server) with ESMTPSA id F10AB4208D1 for ; Wed, 13 Nov 2024 18:34:12 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dotcomltd.ru; s=dotcom; t=1731512052; bh=+2jtoAJsI5Za4yRYnDS4VdDYkCBu4gMa50lKcsbSx0E=; h=Date:Subject:To:References:From:In-Reply-To; b=H0dzzQyYqVynJRkO0bNrR/BnVu6DsWYOzlDUT2pU1WoRNTstw4qoCk9Rh8P1wfwd4 K+Jeiq/QuaCn1L5Pe7hvsKQ9pQZkeOeiYcwVtb64Rgu+rrVc2rqUAjvEXj9pblcwSU Jpwv7tSyOJtEzsGkpSBN4ElTHTPDcV6j1ykwp+JI= Message-ID: <08474539-c5a9-471c-aa24-c5e0505f424b@dotcomltd.ru> Date: Wed, 13 Nov 2024 18:34:08 +0300 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [gentoo-user] where is pam_ldap now? To: gentoo-user@lists.gentoo.org References: <4c53567d-16b0-4fd3-bace-230510713206@dotcomltd.ru> <66b1b022-65c8-49fa-a9cf-b5c02fdf715e@gentoo.org> <14082891.RDIVbhacDa@rogueboard> Content-Language: en-US From: Evgeny Bushkov In-Reply-To: <14082891.RDIVbhacDa@rogueboard> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: dbafcd8e-f42c-4922-8e46-4e798c9db9b6 X-Archives-Hash: a7dd8165dffa4a533595b0c996c4c9a4 On 13.11.2024 18:14, Michael wrote: > On Wednesday 13 November 2024 15:12:06 GMT Eli Schwartz wrote: >> On 11/13/24 8:48 AM, Evgeny Bushkov wrote: >>> Hi , >>> >>> somehow my ldap user became blocked from access to a ssh-server. It >>> turns out pam can't find pam_ldap.so module anymore. Yes I remember I >>> removed it at recent 'emerge --depclean' session but the portage tree >>> doesn't have it anymore. I wonder where is sys-auth/pam_ldap now? >>> There's no mentioning in news nor in web search. I managed to restore >>> pam_ldap module from packages but now I'm in need for more reliable >>> decision. >> pam_ldap was masked and last rited on August 8, and deleted from >> >> ::gentoo on September 13. It wouldn't have been in the news. >> >> Here is the announcement: >> >> https://public-inbox.gentoo.org/gentoo-dev-announce/7f786219-b478-46b2-ab5c-> d2a805727063@gentoo.org/ >> >> The recommended replacement was nss-pam-ldapd. >> >> You can keep using pam_ldap if you prefer, from a local overlay. > The wiki suggests 'sys-auth/sssd' as a more recent alternative: > > https://wiki.gentoo.org/wiki/ > Centralized_authentication_using_OpenLDAP#Configuring_SSSD > > https://packages.gentoo.org/packages/sys-auth/sssd Thanks! I'll take a look at manuals and choose sssd or nss-pam-ldapd for substitution of pam_ldap.