[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#794000: marked as done (GOsa²'s post-pwchange Hook (gosa-sync) cannot handle ";" (semikolon) in passwords)

Your message dated Mon, 28 Mar 2016 18:49:03 +0000
with message-id <E1akcDn-0007Jq-Kz@franck.debian.org>
and subject line Bug#794000: fixed in debian-edu-config 1.819
has caused the Debian Bug report #794000,
regarding GOsa²'s post-pwchange Hook (gosa-sync) cannot handle ";" (semikolon) in passwords
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
794000: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794000
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: debian-edu-config
Severity: important
Version: 1.818
We encountered an important issue with GOsa² in Debian Edu: a user tried to change his password (via the adminstrative change password dialog).
The favourized password contains ";" (semicolon). Trying to use that password, results in 

"""
Post-even Hook reported problem. Could not verify password for '<user>'. Nothing done... The password change has been cancelled. 
""" (Translated from a German error message)

""" (German)
Post-even-Hook meldete ein Problem: Could not verify password for '<user>'. Nothing done... Die Passwortänderungen wurde abgebrochen. 
"""
As the above message is produced by the debian-edu-config script gosa-sync (same error message is found in that script), it needs to be fixed there. 

light+love,
Mike
--

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb

Attachment: pgpKprWjK3JQd.pgp
Description: Digitale PGP-Signatur


--- End Message ---
--- Begin Message --- 
Source: debian-edu-config
Source-Version: 1.819

We believe that the bug you reported is fixed in the latest version of
debian-edu-config, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 794000@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Petter Reinholdtsen <pere@debian.org> (supplier of updated debian-edu-config package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 28 Mar 2016 18:26:23 +0000
Source: debian-edu-config
Binary: debian-edu-config
Architecture: source
Version: 1.819
Distribution: unstable
Urgency: medium
Maintainer: Debian Edu Developers <debian-edu@lists.debian.org>
Changed-By: Petter Reinholdtsen <pere@debian.org>
Description:
 debian-edu-config - Configuration files for Skolelinux systems
Closes: 621787 722937 766192 785467 792042 793678 794000 794189 794602 798435 800651 801741 803911 804207 805402 815040
Changes:
 debian-edu-config (1.819) unstable; urgency=medium
 .
   [ Petter Reinholdtsen ]
   * Translation updates:
     - Updated Brazilian Portuguese translation for debconf questions
       (Closes: #785467).  Translated by Adriano Rafael Gomes.
   * Remove workaround for bug #585966 in init.d/fetch-ldap-cert, now
     that we no longer use pdns.
   * Replace 'jessie' with 'stretch' everywhere to prepare for the
     next release.
   * Split the setup of the diskless workstation envionment in LTSP
     into three parts to get some more progress bar movement during
     installation.
 .
   [ Mike Gabriel ]
   * Add quotes around DNs when evoking kadmin.local in gosa-create and
     gosa-create-host. (Closes: #792042).
   * WoL for Debian Edu clients: Make shutdown and wake-up procedure of
     Debian Edu clients configurable separately. (Closes: #801741).
     We now have four NIS netgroups available that allow configuration
     of wake-up and shutdown behaviour:
     - shutdown-at-night-hosts: hosts to wake-up and shutdown.
     - no-shutdown-at-night-hosts: blacklist of hosts not to wake-up nor
       to shutdown.
     - wakeup-in-the-morning-hosts: hosts to wake-up in the morning, overrides
       hostlist given via shutdown-at-night-hosts NIS netgroup, this also expects
       host blacklisting to be handled via the below NIS netgroup.
     - no-wakeup-in-the-morning-hosts: blacklist of hosts that are not
       to be woken up in the morning.
    * shutdown-at-night/client-generator: Use same NIS netgroup "namespace"
     for all shutdown-at-night NIS netgroups:
     - shutdown-at-night-hosts (unchanged)
     - shutdown-at-night-hosts-blacklist (renamed)
     - shutdown-at-night-wakeup-hosts (renamed)
     - shutdown-at-night-wakeup-hosts-blacklist (renamed)
   * Chmod a+x on all scripts in share/debian-edu-config/tools/.
   * debian-edu-fsautoresize: Always use mapper names instead of kernel names
     when detecting supported mount points. (Closes: #800651). Thanks
     to Wolfgang Schweer and Giorgio Pioda.
   * gosa-sync: Test if a given user account actually is a Kerberos account. If
     not, don't try to set the Kerberos password for this account. (Closes:
     #798435).
   * gosa-sync: Fix escaping double quotes and semicolons. (Closes: #794000).
   * Drop deprecated README.ldap file. (Closes: #621787).
   * exim4 mainserver configuration: Allow Debian Edu clients on the default
     Debian Edu network to directly send mails to the main server (by white-
     listing the 10./8 network). This fixes console mailing and system mails
     on Debian Edu clients (Closes: #794602).
   * Following Holger Levsen's suggestion about dropping
     share/debian-edu-config/tools/qemu-test-network. (Closes: #766192).
   * Remove qemu-test-network from Makefile. Fix FTBFS of d-e-c.
   * debian/debian-edu-config.postrm:
     + Remove directory /var/lib/dovecot (which we create in d-e-c.postinst),
       if empty (Closes: #722937).
   * Set configVersion="Managed-by-Debian-Edu" in gosa.conf. (Closes: #794189).
     This requires gosa (>= 2.7.4+reloaded2-1+deb8u2~) to be installed on the
     main server.
   * Add LDAP posixGroup "printer-admins" to LDAP bootstrap and make this
     group the system group in CUPS. (Closes: #793678).
   * Apache2+LDAP: Add /etc/apache2/include/debian-edu-ldapauth.inc containing
     a working include block that eases setting up LDAP authentication
     in Apache2.
   * Create shutdown-at-night-wakeup-hosts-blacklist NIS netgroup during LDAP
     bootstrap.
   * etc/gosa/gosa.conf: Typo fix in comment.
   * LDAP bootstrap: Create generic host (CNAME record for tjener) ipp.intern.
   * wpad.dat: Use DIRECT connects for URL hosts being in network 127./8 and
     for hosts being in the .local domain. (Closes: #803911).
   * GOsa: Add POSTLOCK and POSTUNLOCK hooks for GOsa password locking. These
     hook scripts (gosa-lock-user, gosa-unlock-user) take care of locking/
     unlocking the Kerberos part of user accounts. (Closes: #804207).
   * Adapt to a code injection prevention fix in GOsa (starting with Debian
     package gosa 2.7.4+reloaded2-1+deb8u2): Don't mention the sambaHashHook
     parameter in gosa.conf anymore (as hashed passwords now have to be base64
     encoded). Already existing gosa.conf files on deployed servers should drop
     the sambaHashHook from the gosa.conf file, as well, once gosa is updated to
     the above referenced GOsa version.
   * CUPS: Do hostname lookups, so https redirects are done to the FQDN of the
     CUPS server instead of to its IP address. (Closes: #805402).
   * Improve gosa-lock-user, gosa-unlock-user: When logging success/failure,
     differentiate between non-existent and non-kerberized accounts.
   * Don't create home dir and Kerberos principal for GOsa user template
     account. (Closes: #815040).
   * shutdown-at-night/clients-generator: Empty NIS netgroups for
     s-a-n-wakeup-hosts and s-a-n-wakeup-hosts-blacklists are now recognized
     as empty lists. Thus, all systems can be blocked from waking-up by placing
     an empty NIS netgroup s-a-n-wakeup-hosts into LDAP.
Checksums-Sha1:
 009993d1a8e6349952e97b875f8c7583abb0ef10 1901 debian-edu-config_1.819.dsc
 394cdab1455137dad9ef8aa1e0493cff4b1c6fb2 500732 debian-edu-config_1.819.tar.gz
Checksums-Sha256:
 6feea0fa3667de32ce1fadbdfad6dd042dde2c5191ee08133c240071bd623db3 1901 debian-edu-config_1.819.dsc
 5102a97d4a03c7b87630d9590e56cb470ec88454fe754b5808033917f9e0918a 500732 debian-edu-config_1.819.tar.gz
Files:
 36209b951badab02b7c0ab1901eab714 1901 misc extra debian-edu-config_1.819.dsc
 f753860ba4e5b1deac7a2c8f043d6c88 500732 misc extra debian-edu-config_1.819.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJW+Xr5AAoJEIEoCqCHuvsO+roQAKC/adDFpwdBEZZvyA935UYJ
CZEC7Hk3rSCx+3BBQR6+d3C9/n8UjK6/ZCHjgUdhOV5q+5krMcPN68gMArtOUYFn
CWy32wmnB/+ELTl+Ga0emSFGGdJOQ6g9WcawUar9jfHkVkMfwpLGubxe2LkWWKRO
3mPZhRNocAQzB+WcVb9d6pu6AkjTtHAoRNFpLkKN7GeQl+p1RdPydi4AqDXaL7YF
kK7uCD2LKZCiK1m36RIJy68nzI/7fzmQDDzuzwlXvINrqa09REQf/hAgnxn45bCm
JNKlso7hbuHcYELKbbFGvWk3p0NZYhSnyt2q9IuA/jMeNg+UNbnYSF+YDYxSb4yK
KJeDzpuFprsThYhMaxwaz1/coD+arEpcq6316SLY7AlsDIRTH7tRtrpa5XKGrARk
b2WVwONCzDQ/Ch1EYNNMR1XDKMPHSG3rsxTl2bmL8EeL4X1ueUU5YyA3vcKNm4zC
kzkIhPQ8kX3WRV49PLNdHDoKCgItTRV13NI1ST4R+HwVGfJqzbfeLyaG0YUuNV4V
69Tm8xh9SO2TF2HJ5KLJa2zQ2uHHPa79QsCNkzSV4w0hl8mcNDnqpmzZiL3npYZa
513yiYAegNHLffX8uYg+YsVe9qefuy8VMVniyYouos+29tc3u4NA7VFZepy7JKqF
Vb8FIjqcnIZNsn9kCJVb
=Ktun
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: