[Bug 809245] New: zypper dup from 12.2 to 12.3 replace /etc/ldap.conf
https://bugzilla.novell.com/show_bug.cgi?id=809245 https://bugzilla.novell.com/show_bug.cgi?id=809245#c0 Summary: zypper dup from 12.2 to 12.3 replace /etc/ldap.conf Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: HP OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: joerg.rohrer@upc-cablecom.ch QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:19.0) Gecko/20100101 Firefox/19.0 zypper dup from 12.2 to 12.3 replace a working /etc/ldap.conf. The original ldap.conf is renamed to .rpmsave. The new "wrong" ldap.conf just contains this: #Don't try forever if the LDAP server is not reacheable bind_policy soft Therefore ldap logins are not working Reproducible: Always Steps to Reproduce: 1. 2. 3. Actual Results: working ldap.conf is replaced Expected Results: just as the new file as .rpmnew -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c1
--- Comment #1 from Joerg Rohrer
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c
Christian Boltz
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c2
Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c3
--- Comment #3 from Joerg Rohrer
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c4
--- Comment #4 from Yang Lifu
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c5
Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c6
--- Comment #6 from Ralf Haferkamp
Retrieving: pam_ldap-32bit-186-4.1.1.x86_64.rpm ..........................[done] Digest verification failed for pam_ldap-32bit-186-4.1.1.x86_64.rpm. Expected 9553409e88e84f568bf624fbd071c5e61732c1df6a10c3950ee370655b6b564d, found 5f304752ec4f997bcbff6018f0ecaea5280e54166e3e3f5a15a1aaae87931f82. Continue? [yes/no] (no): no
I am not sure what you are trying to tell me with that :). But this seems to be completely unrelated to this bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c7
--- Comment #7 from Joerg Rohrer
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c8
Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c9
--- Comment #9 from Ralf Haferkamp
For me it looks like that the /etc/ldap.conf belong to pam_ldap. Or nss_ldap. That doesn't matter much I guess :). I just put it into nss_ldap.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c10
--- Comment #10 from Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c11
--- Comment #11 from Joerg Rohrer
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c12
--- Comment #12 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c13
--- Comment #13 from Joerg Rohrer
Hmm. Even if authenticate to a local installed openldap? So, i can get rid of pam_ldap? and use nss_ldap. No. I guess you got me wrong. What I wanted to say is that it is perfectly valid and makes sense in some scenarios (not everywhere) to setup nss_ldap with using pam_ldap. Hence it makes sense to put the ldap.conf file into the nss_ldap package. In most cases people will still have both, nss_ldap and
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c14
--- Comment #14 from Ralf Haferkamp
What will be used if you do a complete yast configuration? For resolving and authenticating LDAP based users? sssd nowadays :). Support to setup nss_ldap and pam_ldap has been dropped from YaST in 12.2.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c15
--- Comment #15 from Ralf Haferkamp
I suggest do the same fix for every package which is trying to install or modify the ldap.conf. I just can say that from a user (Admin) perspective. Huh? What other packages are trying to install/modify /etc/ldap.conf?
Besides that. A file can only be owned by a single package. Which was pwdutils in the past. And will be nss_ldap now. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c16
--- Comment #16 from Joerg Rohrer
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c17
Benjamin Brunner
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c18
Ralf Haferkamp
https://bugzilla.novell.com/show_bug.cgi?id=809245
https://bugzilla.novell.com/show_bug.cgi?id=809245#c19
--- Comment #19 from Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com