Bug#850511: cpu: 10_support-inetOrgPerson-Schema.patch broken if -C is used for external config file
Package: cpu
Version: 1.4.3-12
Severity: important
Dear Maintainer,
Bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=397882 introduced a
new configuration option "cn_value" for useradd / usermod / userdel. This
enhancement is provided in the 10_support-inetOrgPerson-Schema.patch in
Debian. Unfortunately, the short option name used for this option is "C"
which is already used to specify a non-default configuration file. As a
result, if using a non-default configuration file specified on command line,
the CN will be erroneously set to the name of the configuration file. This
of course leads to bogus entries being created in LDAP and the inability to
create, modify, or delete proper users.
As an example, the following command:
cpu -C /etc/cpu/cpu-computers.conf useradd -o -d /nonexistent -g computers -s /bin/false pc1$
will result in adding a new user in LDAP whose CN is
"/etc/cpu/cpu-computers.conf" instead of "pc1$". The same would be true for
usermod and userdel operations.
The fix is in fact trivial - a different short option name must be used in
the source code. These are the letters that are still available:
i, I, j, J, K, O, q, Q, T, W, Y (case sensitive)
The change would involve src/plugins/ldap/commandline.c.
Many thanks!
Best regards,
Peter
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.6.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
Versions of packages cpu depends on:
ii debconf [debconf-2.0] 1.5.59
ii libc6 2.24-8
ii libcrack2 2.9.2-3
ii libldap-2.4-2 2.4.44+dfsg-2
ii ucf 3.0036
cpu recommends no packages.
cpu suggests no packages.
-- debconf information excluded
Reply to: