Bug#515995: libapache2-mod-auth-sys-group: mod-auth-sys-group cant validade winbind groups
Package: libapache2-mod-auth-sys-group
Version: 1.1.1-6.1
Severity: important
I have a apache with mod-auth-sys-group to validade the access to a location via a group
(subversion via http with AD authentication)..
If i use a normal system group it works fine, if i use a windows AD group, via winbind, it
gives:
"GROUP: $USER not in required group(s)."
if i do a "id $USER" it gives that the user have the correct group.
If i do a "getent group |grep $GROUPNAME" also reports that the user is in the
correct group.
This config worked fine in etch, when i updated to lenny it stop working, so something
changed in lenny that broke this
i found this reference:
http://sourceforge.net/tracker/index.php?func=detail&aid=1440239&group_id=6663&atid=306663
that might solve the problem (didnt test it yet), as this is a production system.
As a workaround for the problem by extractiong the groups i need (svn-*) and merge
then in the system group file every time i update the AD groups:
getent group | grep "svn-"| tr [A-Z] [a-z] >>/etc/group
Again, this config in etch worked fine, in lenny it fails to match the AD username
with the AD group, even if the basic system tools can do it
-- System Information:
Debian Release: 5.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libapache2-mod-auth-sys-group depends on:
ii apache2.2-common 2.2.9-10+lenny2 Apache HTTP Server common files
ii libc6 2.7-18 GNU C Library: Shared libraries
libapache2-mod-auth-sys-group recommends no packages.
libapache2-mod-auth-sys-group suggests no packages.
-- no debconf information
Reply to: