Bug#792042: marked as done (gosa-create/gosa-create-hosts fail on LDAP ous containing blanks)
Your message dated Mon, 28 Mar 2016 18:49:03 +0000
with message-id <E1akcDn-0007Je-JP@franck.debian.org>
and subject line Bug#792042: fixed in debian-edu-config 1.819
has caused the Debian Bug report #792042,
regarding gosa-create/gosa-create-hosts fail on LDAP ous containing blanks
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact firstname.lastname@example.org
Debian Bug Tracking System
Contact email@example.com with problems
--- Begin Message ---
I have today stumbled over an issue in the gosa-create script (also the not-yet-used gosa-create-host is affected).
In the kadmin.local call in those script, the $USERDN (-> \"$USERDN\") and $HOSTDN (-> \"$HOSTDN\") need to be quoted. Otherwise Kerberos principal creation fails silently on DNs with blanks in OUs.
I can commit that change later, all debian-edu-config versions in Debian are affected.
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976148
GnuPG Key ID 0x25771B13
mail: firstname.lastname@example.org, http://das-netzwerkteam.de
--- End Message ---
--- Begin Message ---
- To: email@example.com
- Subject: Bug#792042: fixed in debian-edu-config 1.819
- From: Petter Reinholdtsen <firstname.lastname@example.org>
- Date: Mon, 28 Mar 2016 18:49:03 +0000
- Message-id: <E1akcDn-0007Je-JP@franck.debian.org>
We believe that the bug you reported is fixed in the latest version of
debian-edu-config, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to email@example.com,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
Petter Reinholdtsen <firstname.lastname@example.org> (supplier of updated debian-edu-config package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing email@example.com)
-----BEGIN PGP SIGNED MESSAGE-----
Date: Mon, 28 Mar 2016 18:26:23 +0000
Maintainer: Debian Edu Developers <firstname.lastname@example.org>
Changed-By: Petter Reinholdtsen <email@example.com>
debian-edu-config - Configuration files for Skolelinux systems
Closes: 621787 722937 766192 785467 792042 793678 794000 794189 794602 798435 800651 801741 803911 804207 805402 815040
debian-edu-config (1.819) unstable; urgency=medium
[ Petter Reinholdtsen ]
* Translation updates:
- Updated Brazilian Portuguese translation for debconf questions
(Closes: #785467). Translated by Adriano Rafael Gomes.
* Remove workaround for bug #585966 in init.d/fetch-ldap-cert, now
that we no longer use pdns.
* Replace 'jessie' with 'stretch' everywhere to prepare for the
* Split the setup of the diskless workstation envionment in LTSP
into three parts to get some more progress bar movement during
[ Mike Gabriel ]
* Add quotes around DNs when evoking kadmin.local in gosa-create and
gosa-create-host. (Closes: #792042).
* WoL for Debian Edu clients: Make shutdown and wake-up procedure of
Debian Edu clients configurable separately. (Closes: #801741).
We now have four NIS netgroups available that allow configuration
of wake-up and shutdown behaviour:
- shutdown-at-night-hosts: hosts to wake-up and shutdown.
- no-shutdown-at-night-hosts: blacklist of hosts not to wake-up nor
- wakeup-in-the-morning-hosts: hosts to wake-up in the morning, overrides
hostlist given via shutdown-at-night-hosts NIS netgroup, this also expects
host blacklisting to be handled via the below NIS netgroup.
- no-wakeup-in-the-morning-hosts: blacklist of hosts that are not
to be woken up in the morning.
* shutdown-at-night/client-generator: Use same NIS netgroup "namespace"
for all shutdown-at-night NIS netgroups:
- shutdown-at-night-hosts (unchanged)
- shutdown-at-night-hosts-blacklist (renamed)
- shutdown-at-night-wakeup-hosts (renamed)
- shutdown-at-night-wakeup-hosts-blacklist (renamed)
* Chmod a+x on all scripts in share/debian-edu-config/tools/.
* debian-edu-fsautoresize: Always use mapper names instead of kernel names
when detecting supported mount points. (Closes: #800651). Thanks
to Wolfgang Schweer and Giorgio Pioda.
* gosa-sync: Test if a given user account actually is a Kerberos account. If
not, don't try to set the Kerberos password for this account. (Closes:
* gosa-sync: Fix escaping double quotes and semicolons. (Closes: #794000).
* Drop deprecated README.ldap file. (Closes: #621787).
* exim4 mainserver configuration: Allow Debian Edu clients on the default
Debian Edu network to directly send mails to the main server (by white-
listing the 10./8 network). This fixes console mailing and system mails
on Debian Edu clients (Closes: #794602).
* Following Holger Levsen's suggestion about dropping
share/debian-edu-config/tools/qemu-test-network. (Closes: #766192).
* Remove qemu-test-network from Makefile. Fix FTBFS of d-e-c.
+ Remove directory /var/lib/dovecot (which we create in d-e-c.postinst),
if empty (Closes: #722937).
* Set configVersion="Managed-by-Debian-Edu" in gosa.conf. (Closes: #794189).
This requires gosa (>= 2.7.4+reloaded2-1+deb8u2~) to be installed on the
* Add LDAP posixGroup "printer-admins" to LDAP bootstrap and make this
group the system group in CUPS. (Closes: #793678).
* Apache2+LDAP: Add /etc/apache2/include/debian-edu-ldapauth.inc containing
a working include block that eases setting up LDAP authentication
* Create shutdown-at-night-wakeup-hosts-blacklist NIS netgroup during LDAP
* etc/gosa/gosa.conf: Typo fix in comment.
* LDAP bootstrap: Create generic host (CNAME record for tjener) ipp.intern.
* wpad.dat: Use DIRECT connects for URL hosts being in network 127./8 and
for hosts being in the .local domain. (Closes: #803911).
* GOsa: Add POSTLOCK and POSTUNLOCK hooks for GOsa password locking. These
hook scripts (gosa-lock-user, gosa-unlock-user) take care of locking/
unlocking the Kerberos part of user accounts. (Closes: #804207).
* Adapt to a code injection prevention fix in GOsa (starting with Debian
package gosa 2.7.4+reloaded2-1+deb8u2): Don't mention the sambaHashHook
parameter in gosa.conf anymore (as hashed passwords now have to be base64
encoded). Already existing gosa.conf files on deployed servers should drop
the sambaHashHook from the gosa.conf file, as well, once gosa is updated to
the above referenced GOsa version.
* CUPS: Do hostname lookups, so https redirects are done to the FQDN of the
CUPS server instead of to its IP address. (Closes: #805402).
* Improve gosa-lock-user, gosa-unlock-user: When logging success/failure,
differentiate between non-existent and non-kerberized accounts.
* Don't create home dir and Kerberos principal for GOsa user template
account. (Closes: #815040).
* shutdown-at-night/clients-generator: Empty NIS netgroups for
s-a-n-wakeup-hosts and s-a-n-wakeup-hosts-blacklists are now recognized
as empty lists. Thus, all systems can be blocked from waking-up by placing
an empty NIS netgroup s-a-n-wakeup-hosts into LDAP.
009993d1a8e6349952e97b875f8c7583abb0ef10 1901 debian-edu-config_1.819.dsc
394cdab1455137dad9ef8aa1e0493cff4b1c6fb2 500732 debian-edu-config_1.819.tar.gz
6feea0fa3667de32ce1fadbdfad6dd042dde2c5191ee08133c240071bd623db3 1901 debian-edu-config_1.819.dsc
5102a97d4a03c7b87630d9590e56cb470ec88454fe754b5808033917f9e0918a 500732 debian-edu-config_1.819.tar.gz
36209b951badab02b7c0ab1901eab714 1901 misc extra debian-edu-config_1.819.dsc
f753860ba4e5b1deac7a2c8f043d6c88 500732 misc extra debian-edu-config_1.819.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
--- End Message ---