On Wed, Sep 21, 2011 at 09:07:36PM +0200, Arthur de Jong wrote: > On Wed, 2011-09-21 at 15:14 +0200, Philipp Kern wrote: > > so I've got nslcd installed via puppet (which probably implies > > DEBCONF_FRONTEND=noninteractive) and nslcd.conf managed by it too. When I > > upgrade to the p-u version I get a debconf prompt. It manages to parse > > everything except tls_reqcert=hard, which is then converted to never in > > the prompt without warning. > The problem is that the .config script that fills debconf doesn't > support hard for tls_reqcert. It should treat it as demand. This is a > bug that has been there since 0.6.11. > > The fix is here: > http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1546&view=revision I can confirm that this fix at least parses tls_reqcert to demand as intended. > > There is no prompt when I do an `apt-get install --reinstall' afterwards, > > so it seems that it doesn't cope with an existing installation without > > debconf use. > > The debconf stuff is pretty tricky to get right. It needs to support > preseeding, a pre-existing configuration file and uses system-dependant > default values for debconf (e.g. automatically search for an LDAP > server, construct search base using domain name, etc). Furthermore, the > debconf configuration has grown to support configuration of quite some > options. > > Thanks for reporting this. It still shows a debconf prompt, but I guess this is already better than no fix before we can push that stable update. Can you upload it? Kind regards and thanks, Philipp Kern -- .''`. Philipp Kern Debian Developer : :' : http://philkern.de Stable Release Manager `. `' xmpp:phil@0x539.de Wanna-Build Admin `- finger pkern/key@db.debian.org
Attachment:
signature.asc
Description: Digital signature