Re: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users

To: Julien Cristau <jcristau@debian.org>, 545414@bugs.debian.org
Cc: release-notes@packages.debian.org
Subject: Re: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users
From: Arthur de Jong <adejong@debian.org>
Date: Wed, 05 Jan 2011 22:43:39 +0100
Message-id: <[🔎] 1294263820.3150.72.camel@sorbet.thuis.net>
In-reply-to: <[🔎] 20110102122453.GO2813@radis.liafa.jussieu.fr>
References: <alpine.DEB.1.10.1012062342150.28216@martello.ucc.gu.uwa.edu.au> <1291930644.13129.21.camel@sorbet.thuis.net> <20101209220743.GI4343@dan.olp.net> <alpine.DEB.1.10.1012101136450.28216@martello.ucc.gu.uwa.edu.au> <1291991508.2854.219.camel@sorbet.thuis.net> <1293462938.5888.32.camel@sorbet.thuis.net> <20101227153632.GV2813@radis.liafa.jussieu.fr> <1293467965.5888.134.camel@sorbet.thuis.net> <20101227164337.GY2813@radis.liafa.jussieu.fr> <[🔎] 1293970128.8582.55.camel@sorbet.thuis.net> <[🔎] 20110102122453.GO2813@radis.liafa.jussieu.fr>

Thanks for your remarks and sorry for the somewhat slow response.

I've used your comments to update the patch (see attachment).

Btw, do you know if there is some style guide available for the release
notes (or general info)?

-- 
-- arthur - adejong@debian.org - http://people.debian.org/~adejong --

Index: whats-new.dbk
===================================================================
--- whats-new.dbk	(revision 8022)
+++ whats-new.dbk	(working copy)
@@ -437,6 +437,42 @@
 
 </section>
 
+<section id="ldap">
+  <title><acronym>LDAP</acronym> support</title>
+  <indexterm><primary>LDAP</primary></indexterm>
+  <para>
+    This Debian release comes with several options for implementing
+    client-side authentication using LDAP.
+    Users of the <systemitem role="package">libnss-ldap</systemitem> and
+    <systemitem role="package">libpam-ldap</systemitem> packages should
+    consider upgrading to
+    <systemitem role="package">libnss-ldapd</systemitem> and
+    <systemitem role="package">libpam-ldapd</systemitem>.
+  </para>
+  <para>
+    These newer packages delegate the <acronym>LDAP</acronym> queries to a central unprivileged
+    daemon (<command>nslcd</command>) that provides separation between the process using the <acronym>LDAP</acronym>
+    information and the daemon performing <acronym>LDAP</acronym> queries. This simplifies
+    handling of secured <acronym>LDAP</acronym> connections,
+    <acronym>LDAP</acronym> authentication credentials, provides a simpler
+    mechanism to perform connection fail-over and debugging and avoids
+    loading <acronym>LDAP</acronym> and related libraries into most
+    applications.
+  </para>
+  <para>
+    Upgrading to <systemitem role="package">libnss-ldapd</systemitem> and
+    <systemitem role="package">libpam-ldapd</systemitem> should be easy
+    as existing configuration information will be mostly reused.
+    Only for advanced configuration should any manual reconfiguration be
+    necessary.
+  </para>
+  <para>
+    These packages however currently lack support for nested groups and only
+    support password change using the <acronym>LDAP</acronym> password modify
+    EXOP operation.
+  </para>
+</section>
+
 <section id="proposed-updates-intro">
   <title>The proposed-updates section</title>
   <para>

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users
  - From: Julien Cristau <jcristau@debian.org>

References:
- Re: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users
  - From: Arthur de Jong <adejong@debian.org>
- Re: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users
  - From: Julien Cristau <jcristau@debian.org>

Prev by Date: Bug#609029: release-notes: [squeeze] various
Next by Date: Bug#599813: release-notes: GNOME additions for the release notes
Previous by thread: Re: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users
Next by thread: Re: Bug#545414: sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users
Index(es):
- Date
- Thread