ldapscripts doesn't use /etc/ldap.secret correctly

Bug #1090328 reported by Giacomo Orlandi on 2012-12-14
22
This bug affects 5 people
Affects Status Importance Assigned to Milestone
ldapscripts (Ubuntu)
Undecided
Unassigned

Bug Description

Hi there,

ldapscripts by default tries to use /etc/ldap.secret generated by libnss-ldap, but it fails because it contains a trailing new line.
This is the error found in /var/log/ldapscripts.log:
ldap_bind: Invalid credentials (49)

Affected version: 2.0.1-1ubuntu1 shipped with precise

That's because /etc/ldap.secret is created by libnss-ldap with a trailing new line, which is not compatible with ldapadd.
I can think of 3 possible solutions:
1) strip that new line in /usr/share/ldapscripts/runtime.debian
2) change the libnss-ldap package to save the password in /etc/ldap.secret without the new line
3) drop the support for this feature, so don't even try to use /etc/ldap.secret and update /usr/share/ldapscripts/runtime.debian, /etc/ldapscripts/ldapscripts.conf and the documentation accordingly

Imho removing this feature (solution 3) would be a bit of a shame as it almost works.

Thanks,

Giacomo

description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ldapscripts (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers