« back to all changes in this revision
Viewing changes to debian/nslcd.postinst
- Committer: Bazaar Package Importer
- Date: 2010-05-08 12:00:00 UTC
- Revision ID: james.westby@ubuntu.com-20100508120000-7hue9o7rqox4ih4q
* fix a buffer overflow that should have no security consequences
* perform proper fail-over when authenticating in the PAM module
(closes: #577593)
* add an nss_initgroups_ignoreusers option to ignore user name to group
lookups for the specified users
* add an pam_authz_search option to perform a flexible authorisation check
on login (e.g. to restrict which users can login to which hosts, etc)
* implement a minimum_uid option for the PAM module to ignore users that
have a lower numeric user id and make 1000 the default value for Debian
(closes: #579574)
* change the way retries are done to error out quicker if the LDAP server
is down for some time (this should make the system more responsive when
the LDAP server is unavailable) and rename the reconnect_maxsleeptime
option to reconnect_retrytime to better describe the behaviour
* only log "connected to LDAP server" if the previous connection failed
(closes: #483795)
* documentation improvements
* debian/nslcd.config: also parse /etc/ldap.conf for systems that put NSS
and PAM configuration there
* perform proper fail-over when authenticating in the PAM module
(closes: #577593)
* add an nss_initgroups_ignoreusers option to ignore user name to group
lookups for the specified users
* add an pam_authz_search option to perform a flexible authorisation check
on login (e.g. to restrict which users can login to which hosts, etc)
* implement a minimum_uid option for the PAM module to ignore users that
have a lower numeric user id and make 1000 the default value for Debian
(closes: #579574)
* change the way retries are done to error out quicker if the LDAP server
is down for some time (this should make the system more responsive when
the LDAP server is unavailable) and rename the reconnect_maxsleeptime
option to reconnect_retrytime to better describe the behaviour
* only log "connected to LDAP server" if the previous connection failed
(closes: #483795)
* documentation improvements
* debian/nslcd.config: also parse /etc/ldap.conf for systems that put NSS
and PAM configuration there
- files modified:
- ChangeLog
added
removed
debian/nslcd.postinst
