libnss-ldap permission problem upgrading package

To: Debian Testing <debian-testing@lists.debian.org>
Subject: libnss-ldap permission problem upgrading package
From: Xavi León <Javier.Leon-Gutierrez@upc.edu>
Date: Wed, 02 Mar 2005 10:36:20 +0100
Message-id: <[🔎] 42258914.5050704@upc.edu>

Hi!

we have a samba server for sharing files and printers and authenticateagainst a LDAP serverin the same machine. The document i read to do that said me that i haveto change the permissionsattributes for the file /etc/libnss-ldap.conf (which originaly is 600)to 644.When upgrading the package (we've installed the debian sarge package)this permissions changedwithout asking me for doing that. As a result, only the unix file/etc/passwd database is asked when

i do "getent passwd" (so, the users in the ldap directory aren't shown).
chmod 644 /etc/libnss-ldap.conf  solves the problem.

My question is if there is any special (security) reason to restrict somuch this file, i know that it canhave the bindpasswd inside but... it's usually to access anonymously tothe ldap directory and if

the system require this config file to be world readable...
I don't know, but i cannot advide why it works so.

thx if anyone replys!

Regards,
Xavi

PS: i lost 3 hours searching why the users cannot authenticate in thesamba server, so making an advise

when upgrading would be usefull, doesn't it?

PS: I've made a "dpkg -L libnss-ldap" and it shows me that it provides aman page for libnss-ldap.conf

file so i thought that it was a problem of this package, sorry if not.

Reply to:

Follow-Ups:
- Re: libnss-ldap permission problem upgrading package
  - From: Xavi León <Javier.Leon-Gutierrez@upc.edu>

Prev by Date: Kernel oops when removing USB CDROM
Next by Date: Re: larry
Previous by thread: Re: Kernel oops when removing USB CDROM
Next by thread: Re: libnss-ldap permission problem upgrading package
Index(es):
- Date
- Thread