chfn only understands /etc/passwd

This is also true of chsh

The relevant PAM modules don't support this, do they? In fact, I didn't think PAM supported this at all. That would mean hacking a lot of LDAP-specific code into chfn.

No, I don't think this is at all related to PAM (the only thing PAM does with chfn and chsh is authentication)

Surely though, this would be something that applies to any NSS source, not just LDAP, right?

Also sound relevant to the Network Authentication specification.

Thank you for taking the time to report this bug and helping to make Ubuntu better. You reported this bug a while ago and there hasn't been any activity in it recently. We were wondering if this is still an issue for you. Can you try with the latest Ubuntu release? Thanks in advance.

On Sun, Feb 22, 2009 at 07:05:16PM -0000, Connor Imes wrote:
> Thank you for taking the time to report this bug and helping to make
> Ubuntu better. You reported this bug a while ago and there hasn't been
> any activity in it recently. We were wondering if this is still an issue
> for you. Can you try with the latest Ubuntu release? Thanks in advance.

The above is the standard response for old untouched bugs:

https://wiki.ubuntu.com/Bugs/Responses#Old%20untouched%20bugs

and is appropriate for "Old new bugs that haven't been touched in a quite
a while and you are unable to recreate the bug."

Please try to recreate the bug before triaging in this way.

Ryan

I'm sorry, I don't have access to a computing environment with LDAP or other network based authentication systems that I can test this bug in.
The bug was still sitting in a New status. If this is still a problem, then please just say so and I will update the bug accordingly, there is no need to be rude.
Thank you.

On Sun, Feb 22, 2009 at 08:38:07PM -0000, Connor Imes wrote:
> I'm sorry, I don't have access to a computing environment with LDAP or
> other network based authentication systems that I can test this bug in.
> The bug was still sitting in a New status. If this is still a problem,
> then please just say so and I will update the bug accordingly, there is
> no need to be rude.

I did not intend to be rude, I was just reminding you of the appropriate
way to triage bugs. If you do not have access to an environment with LDAP
you should not be triaging LDAP-related bugs. I'm sure there are many
other deserving packages on launchpad within your area of expertise that
could use your triaging.

As for the current state of this bug, you can see from both the ChangeLog
and the source code that it has not been resolved.

Ryan

Ok, based on your comments I will mark this bug as Confirmed so it's not stuck in the New status. It is still a Wishlist item.

Just as a FYI, many triagers on Launchpad are not necessarily FOSS developers, it is a community driven effort. Being able to reproduce bugs is also not usually a requirement for triage. As part of this weekend's Global Bug Jam, I elected to respond to old bugs in an effort to determine if they are still relevant, and this one had not been touched in 2 1/2 years.

Thank you for your responses, hopefully support for this bug's request can be added sometime.

There is currently no effort to get a better support for LDAP in shadow.
(patch welcome, though)

LDAP is currently supported by shadow only when the libc (NSS) or PAM provides support for LDAP.

IIRC libc developpers were already not very happy having to support LDAP (or maybe even shadow files).
And the only write operation PAM supports is for writting passwords (I don't think it will ever change).

IMHO it would be better to have wrappers like adduser to support different type of database.

If somebody wants to work on LDAP support, pwdutils might give some ideas for starting. (IIRC it used to be the same code base or shared some APIs, and it supports LDAP)