likewise-open does not play nicely with diacritic characters in domain entities on 11.04
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
likewise-open (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: likewise-open
Let me start by explaining the system details and observed behavior. We are running ejabberd on Ubuntu 11.04 and have it interface with PAM - and thus pam_lsass from likewise-open - to authenticate domain users.
The system is fully up-to-date as of now.
Interestingly we got the PAM authentication to work for some users, but it "mysteriously" failed for others. It turned out, that those failing where failing with LW_ERROR_
The OUs - of which some also contain diacritic characters - don't seem to matter. However, the security groups and even the full name of the account owners did matter.
Sifting through a clone of the Likewise repo, I figured that the issue is likely conversion *from* UTF-16 to the MBCS of the process, though the same error is returned by the inverse operation as well. Since LANG defaults to "C" I figured that I had to pass the proper setting to the lsassd process. Proper being any UTF-8 locale, in my case I set LANG=en_US.UTF-8. This was done by modifying /usr/lib/
LANG=en_US.UTF-8
export LANG
This completely resolved the issue.
I would like to propose that the package maintainer consider using /etc/default/lwsmd to provide a less intrusive means of fixing such behavior on Debian/Ubuntu in future.
Please let me know if anything is missing or unclear.
Best regards,
// Oliver
------
[2] root@jabber:
Description: Ubuntu 11.04
Release: 11.04
[2] root@jabber:
likewise-open:
Installed: 6.0.0.53010-
Candidate: 6.0.0.53010-
Version table:
*** 6.0.0.53010-
500 http://
100 /var/lib/
description: | updated |
Changed in likewise-open (Ubuntu): | |
status: | New → Confirmed |
Hi there. Recently an upgrade to the likewise package was released. Of course this bombed my little fix. So I checked at what points I could abuse existing functionality without changing the behavior of the script otherwise. One thing I wanted to avoid, for example, was to lure the script into thinking it was running on a different system version than it is running.
It turns out that /usr/lib/ likewise- open/init- base.sh sources - unconditionally - the file /etc/rc.subr, which is only relevant on some BSD systems and as far as I could tell not used on the Linux distros we're using. So what I did was to create this file with only the following two lines:
LANG=en_US.UTF-8
export LANG
This is not invasive at all and it should survive the next upgrade of likewise.