Bug#613214: use libpam-krb5 for uidNumbers greater than 10000 only (as opposed to the default > 1000)
Package: debian-edu-config
Version: 1.446~svn72930
Severity: minor
Tags: squeeze
For integration of Kerberos5 libpam-krb5 needs to be tweaked in
a way that it will only apply krb5 pam rules to uidNumbers greater than
10000 (presuming that LDAP users on the Tjener start with 10000).
The current libpam-krb5 package hard-codes uidNumber = 1000 in
/usr/share/pam-configs/krb5
The tweak probably has to be applied via a cfengine script. However, there
exists an optional ActiveDirectory integration for Debian Edu which hacks the
/etc/pam.d/common-* files. Thus, fixing this issue should try to be compliant
with the changes performed by
<debian-edu-config.packages>/share/debian-edu-config/tools/debian-edu-winbind
-- System Information:
Debian Release: 6.0
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Versions of packages debian-edu-config depends on:
ii base-files 6.0 Debian base system
miscellaneous f
ii bind9-host [host] 1:9.7.2.dfsg.P3-1.1 Version of 'host' bundled
with BIN
ii cfengine2 2.2.10-2 Tool for configuring and
maintaini
ii debconf [debconf-2.0 1.5.36.1 Debian configuration
management sy
ii debconf-utils 1.5.36.1 debconf utilities
ii debian-edu-artwork 0.0.32-2 Debian Edu themes and artwork
ii desktop-profiles 1.4.15+nmu1 framework for setting up
desktop p
ii discover 2.1.2-5 hardware identification system
ii education-tasks 0.852~svn72130 Debian Edu tasks for tasksel
ii fping 2.4b2-to-ipv6-16.1 sends ICMP ECHO_REQUEST
packets to
ii host 1:9.7.2.dfsg.P3-1.1 Transitional package
ii ldap-utils 2.4.23-7 OpenLDAP utilities
ii libconfig-inifiles-p 2.52-1 Read .ini-style
configuration file
ii libfilesys-df-perl 0.92-3+b1 Module to obtain
filesystem disk s
ii libhtml-fromtext-per 2.05-5.1 Mark up text as HTML
ii libio-socket-ssl-per 1.33-1+squeeze1 Perl module implementing
object or
ii libjavascript-perl 1.16-3 module for executing
embedded Java
ii libnet-ldap-perl 1:0.4001-2 client interface to LDAP servers
ii libnet-netmask-perl 1.9015-4 parse, manipulate and
lookup IP ne
ii libterm-readkey-perl 2.30-4 A perl module for simple terminal
ii libtext-unaccent-per 1.08-1+b1 provides functions to
remove accen
ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2
init scrip
ii mime-support 3.48-1 MIME files 'mime.types' &
'mailcap
ii net-tools 1.60-23 The NET-3 networking toolkit
ii ng-utils 0.7-1 Tool to access netgroups from the
ii openssl 0.9.8o-4 Secure Socket Layer (SSL)
binary a
ii patch 2.6-2 Apply a diff file to an original
ii python-notify 0.1.1-2+b2 Python bindings for libnotify
ii ssl-cert 1.0.28 simple debconf wrapper
for OpenSSL
ii tftp 0.17-18 Trivial file transfer
protocol cli
Versions of packages debian-edu-config recommends:
ii ddccontrol 0.4.2-6 a program to control
monitor param
ii libnotify-bin 0.5.0-2 sends desktop
notifications to a n
ii lsof 4.81.dfsg.1-1 List open files
ii memtest86+ 4.10-1.1 thorough real-mode memory tester
ii resolvconf 1.46 name server information handler
ii syslinux 2:4.02+dfsg-7 collection of boot loaders
Versions of packages debian-edu-config suggests:
ii atftpd 0.7.dfsg-9.1 advanced TFTP server
-- debconf information:
debian-edu-config/kdc-password: (password omitted)
debian-edu-config/kdc-password-again: (password omitted)
* debian-edu-config/update-hostname: false
debian-edu-config/enable-nat: false
debian-edu-config/kdc-password-empty:
debian-edu-config/kdc-password-mismatch:
Reply to: