[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#642347: pu: package nss-pam-ldapd/0.7.14

On Wed, Sep 21, 2011 at 09:07:36PM +0200, Arthur de Jong wrote:
> On Wed, 2011-09-21 at 15:14 +0200, Philipp Kern wrote:
> > so I've got nslcd installed via puppet (which probably implies
> > DEBCONF_FRONTEND=noninteractive) and nslcd.conf managed by it too.  When I
> > upgrade to the p-u version I get a debconf prompt.  It manages to parse
> > everything except tls_reqcert=hard, which is then converted to never in
> > the prompt without warning.
> The problem is that the .config script that fills debconf doesn't
> support hard for tls_reqcert. It should treat it as demand. This is a
> bug that has been there since 0.6.11.
> The fix is here:
>   http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1546&view=revision

I can confirm that this fix at least parses tls_reqcert to demand as intended.

> > There is no prompt when I do an `apt-get install --reinstall' afterwards,
> > so it seems that it doesn't cope with an existing installation without
> > debconf use.
> The debconf stuff is pretty tricky to get right. It needs to support
> preseeding, a pre-existing configuration file and uses system-dependant
> default values for debconf (e.g. automatically search for an LDAP
> server, construct search base using domain name, etc). Furthermore, the
> debconf configuration has grown to support configuration of quite some
> options.
> Thanks for reporting this.

It still shows a debconf prompt, but I guess this is already better than no fix
before we can push that stable update.  Can you upload it?

Kind regards and thanks,
Philipp Kern
 .''`.  Philipp Kern                        Debian Developer
: :' :  http://philkern.de                         Stable Release Manager
`. `'   xmpp:phil@0x539.de                         Wanna-Build Admin
  `-    finger pkern/key@db.debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: