cpu-users Mailing List for Change Password Utility (Page 4)
Brought to you by:
matheny
Menu
▾
▴
cpu-users — Anything cpu related
You can subscribe to this list here.
| 2002 |
Jan
|
Feb
(1) |
Mar
(19) |
Apr
(6) |
May
(10) |
Jun
(7) |
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
|
Feb
(10) |
Mar
(6) |
Apr
(16) |
May
(6) |
Jun
(8) |
Jul
(1) |
Aug
(5) |
Sep
(35) |
Oct
(14) |
Nov
(1) |
Dec
(4) |
| 2004 |
Jan
(3) |
Feb
(5) |
Mar
(9) |
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Needham, P. <phi...@qw...> - 2003-07-09 18:36:11
|
I have thus far been unsuccessful getting cpu to build properly on Solaris. Do you know of anyone who has? Hopefully they can tell me what I've been doing wrong. CPU looks like a strong tool, and would be very useful in our transition to ldap-based authentication. Thanks, Phillip |
|
From: Blake M. <bma...@pu...> - 2003-06-27 15:29:53
|
Hello Everyone, I'm trying to get cpu 1.4 out the door in the next week or so. There are several bug fixes in CVS, and some new features since 1.3.100. I still need to take care of a couple of user requests, but I think those shouldn't take too much time. For a while now, CPU has had the ability to have modules written for it to support other backends. The 'flatfile' backend has been in a mostly broken, but partially implemented state for some time now. If anyone is interested in finishing it, please let me know. It's not a tremendous amount of code, and the effort that implementation will take isn't taxing. That would be really great to have done for 1.4. Also, someone asked me the other day if CPU could support attributes other than those specified by RFC 2307. For some time now there has been a -a FILENAME switch, where you can specify an LDIF file to add along with that user or group. You don't have to specify the DN in the file, since it has already been built by the time the file is parsed. So you can add samba/nt/etc attributes for all your users. Thanks. -Blake -- Blake Matheny "... one of the main causes of the fall of the bma...@pu... Roman Empire was that, lacking zero, they had http://www.dbaseiv.net no way to indicate successful termination of http://ovmj.org/GNUnet/ their C programs." --Robert Firth |
|
From: Paul S. <pa...@nf...> - 2003-06-25 07:11:10
|
Alan Harper wrote: > >> >> Also, cpu has the ability to take users (and maybe groups as well) and >> import >> them from your existing flatfiles to your LDAP directory. Just thought >> people >> might want to know that. Good luck. > > How do you do this? Its my preference, the migrationtools scripts have > too much other stuff I dont use The fine cpu-ldap manual reads just fine. i.e. cpu --passfile=/etc/passwd --shadfile=/etc/shadow useradd someuser Using longopts could be a problem if you're using <= 1.3.100. The short version is well tested: cpu -F/etc/passwd -S/etc/shadow useradd someuser If your /etc/cpu.conf points to the correct passwd/shadow file you could even do: cpu -F -S useradd someuser -- ________________________________________________________________ Paul Stevens mailto:pa...@nf... NET FACILITIES GROUP PGP: finger pa...@nf... The Netherlands________________________________http://www.nfg.nl |
|
From: Alan H. <al...@au...> - 2003-06-25 03:38:26
|
> >Also, cpu has the ability to take users (and maybe groups as well) and import >them from your existing flatfiles to your LDAP directory. Just thought people >might want to know that. Good luck. How do you do this? Its my preference, the migrationtools scripts have too much other stuff I dont use |
|
From: Paul S. <pa...@nf...> - 2003-06-23 20:26:20
|
Blake Matheny wrote: > Well, by default, the cpu.conf file shouldn't work for anyone :-) After all, > your DIT is very much installation specific. In any case, most of the time > issues have to do with a bad configuration, although occasionally (Paul would > probably say frequently) it is a valid bug. Ah yes, well that's what you get from rolling out cpu-based usermanagement in a production environment. I think cpu is just great. On a different note; I'm trying to update the cpu debian packages as available on debian.nfgd.net to include your recent bugfixes. Given the current sorry state of anonymous cvs access at sf.net I was wondering if it would be possible for you to somehow publish a snapshot tarball. It seems the good people at osdn won't have anonymous access running at a workable service level until somewhere in august. -- ________________________________________________________________ Paul Stevens mailto:pa...@nf... NET FACILITIES GROUP PGP: finger pa...@nf... The Netherlands________________________________http://www.nfg.nl |
|
From: Kevin M. <ke...@eo...> - 2003-06-23 16:27:59
|
Blake Matheny wrote: > In this case I would agree, check > your config and let us know! Yep, the 'Groups' vs. 'Group' thing was what bit me. Now everything is working correctly. -- Kevin Murphy |
|
From: Blake M. <bma...@pu...> - 2003-06-23 16:01:11
|
Well, by default, the cpu.conf file shouldn't work for anyone :-) After all, your DIT is very much installation specific. In any case, most of the time issues have to do with a bad configuration, although occasionally (Paul would probably say frequently) it is a valid bug. In this case I would agree, check your config and let us know! Also, cpu has the ability to take users (and maybe groups as well) and import them from your existing flatfiles to your LDAP directory. Just thought people might want to know that. Good luck. -Blake Whatchu talkin' 'bout, Willis? > > I used the migrate_all_offline.sh from the padl.com migration tools > > package to import my existing accounts into the ldap directory. slapd > > was not running while the migrate script ran. > > > > I installed cpu-1.3.100 from source. > > > > When I run 'cpu cat' it outputs the user accounts, but seems to choke > > trying to list groups: > > > > User Accounts > > root:x:0:0:root:/root:/bin/bash > > bin:x:1:1:bin:/bin:/sbin/nologin > > daemon:x:2:2:daemon:/sbin:/sbin/nologin > > adm:x:3:4:adm:/var/adm:/sbin/nologin > > <tons of users snipped> > > somelocaluser:x:517:517::/home/somelocaluser:/bin/bash > > ldap: ldapCat: ldap_search_st: No such object > > matched DN: "dc=mydomain,dc=com" > > ldap: CPU_init: Error in ldapOperation. > Check your cpu.conf, the padl scripts put the groups into > ou=Group,dc=mydomain,dc=com > whereas cpu by default looks at ou=Groups,dc=mydomain,dc=com > > > > There's a similar error when trying to add a new account: > > > > # cpu useradd test > > > > ldap: getNextGid: ldap_search_st: No such object > > matched DN: "dc=mydomain,dc=com" > > ldap: CPU_init: Error in ldapOperation. > > > > Domain names have been changed to protect the ignorant. :-) > > > > Any clues? > > > > -- > > Kevin Murphy -- Blake Matheny "... one of the main causes of the fall of the bma...@pu... Roman Empire was that, lacking zero, they had http://www.mkfifo.net no way to indicate successful termination of http://ovmj.org/GNUnet/ their C programs." --Robert Firth |
|
From: Alan H. <al...@au...> - 2003-06-22 06:15:09
|
> I used the migrate_all_offline.sh from the padl.com migration tools > package to import my existing accounts into the ldap directory. slapd > was not running while the migrate script ran. > > I installed cpu-1.3.100 from source. > > When I run 'cpu cat' it outputs the user accounts, but seems to choke > trying to list groups: > > User Accounts > root:x:0:0:root:/root:/bin/bash > bin:x:1:1:bin:/bin:/sbin/nologin > daemon:x:2:2:daemon:/sbin:/sbin/nologin > adm:x:3:4:adm:/var/adm:/sbin/nologin > <tons of users snipped> > somelocaluser:x:517:517::/home/somelocaluser:/bin/bash > ldap: ldapCat: ldap_search_st: No such object > matched DN: "dc=mydomain,dc=com" > ldap: CPU_init: Error in ldapOperation. Check your cpu.conf, the padl scripts put the groups into ou=Group,dc=mydomain,dc=com whereas cpu by default looks at ou=Groups,dc=mydomain,dc=com > > There's a similar error when trying to add a new account: > > # cpu useradd test > > ldap: getNextGid: ldap_search_st: No such object > matched DN: "dc=mydomain,dc=com" > ldap: CPU_init: Error in ldapOperation. > > Domain names have been changed to protect the ignorant. :-) > > Any clues? > > -- > Kevin Murphy > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: INetU > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > _______________________________________________ > Cpu-users mailing list > Cpu...@li... > https://lists.sourceforge.net/lists/listinfo/cpu-users |
|
From: Kevin M. <ke...@eo...> - 2003-06-21 18:24:32
|
Hi folks, I'm attempting to migrate a Redhat 7.3 installation from files to ldap authentication. I've got the following ldap packages installed: openldap-clients-2.0.27-2.7.3 nss_ldap-189-4 openldap-devel-2.0.27-2.7.3 openldap12-1.2.13-8 openldap-2.0.27-2.7.3 openldap-servers-2.0.27-2.7.3 I used the migrate_all_offline.sh from the padl.com migration tools package to import my existing accounts into the ldap directory. slapd was not running while the migrate script ran. I installed cpu-1.3.100 from source. When I run 'cpu cat' it outputs the user accounts, but seems to choke trying to list groups: User Accounts root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin <tons of users snipped> somelocaluser:x:517:517::/home/somelocaluser:/bin/bash ldap: ldapCat: ldap_search_st: No such object matched DN: "dc=mydomain,dc=com" ldap: CPU_init: Error in ldapOperation. There's a similar error when trying to add a new account: # cpu useradd test ldap: getNextGid: ldap_search_st: No such object matched DN: "dc=mydomain,dc=com" ldap: CPU_init: Error in ldapOperation. Domain names have been changed to protect the ignorant. :-) Any clues? -- Kevin Murphy |
|
From: Blake M. <bma...@pu...> - 2003-05-16 18:34:46
|
Hello All, I just put the finishing touches on version 1.3.100. This release includes support for TLS, POSIX user and group names, LDIF support, and many bug fixes. Thanks to everyone who tested and reported, I appreciate it. -Blake |
|
From: Blake M. <bma...@pu...> - 2003-05-01 20:24:46
|
Under the [LDAP] section, you should have LDAP_URI. Check cpu.conf.doc, it has some comments about this. -Blake Paul Stevens wrote: > > Blake, > > I can confirm it works. Great, 'cause I really hate sasl. > > Only issue I have: how to specify the URI in the cpu.conf > > this works: > > cpu -x -Z ldap://ldap.nfg.nl cat > > but this fails: > > cpu -x cat > > even though cpu.conf reads: > > URI = "ldap://ldap.nfg.nl" > > what am I doing wrong here. > > > > Blake Matheny wrote: > >> Hello Everyone, >> I just applied a patch to CVS that allows people to use TLS for their >> administration sessions. This patch was provided by Jeff Clark, which >> I greatly appreciate. If you could test out CVS (and specifically the >> TLS support) and let me know if you find bugs, I would appreciate it. >> To enable TLS, specify '-x' at the command line. To specify the URI at >> the command line, use the '-Z' switch, or supply the URI and cpu.conf. >> >> -Blake >> >> >> >> ------------------------------------------------------- >> This sf.net email is sponsored by:ThinkGeek >> Welcome to geek heaven. >> http://thinkgeek.com/sf >> _______________________________________________ >> Cpu-users mailing list >> Cpu...@li... >> https://lists.sourceforge.net/lists/listinfo/cpu-users >> > > |
|
From: Blake M. <bma...@pu...> - 2003-05-01 20:23:52
|
Please feel free to post to the mailing list, I hate the forums. When you compile CPU, be sure to run ./configure --with-ldap That should fix your original error. Thanks. -Blake Nia...@be... wrote: > Hi Mathew, > I aplogise for this email, biut I wasn't sure as to how active the forums > are..I work in a hospital and we are going open source, all employees will > be stored in openldap, we are trying to implement cpu to encrypt the > employee passwords... > > I have tried to install the latest builds, but there appears to be a lib > file missing, post the install on running cpu, I get the following error... > > CPU_LoadLibrary: dlopen(libcpu_ldap.so,RTLD_NOW) failed > > CPU_LoadLibrary:libcpu_ldap.so:cannot open shared object file: no such file > or directory... > There was an error loadning the ldap directory. Exiting > > So tactics were to revert back to a previous working version of cpu..which > installed fine but when I execute cpu it stops the ldap server..... > > any advice much appreciated.... > > thank you in advance, > Niambh Scullion > > > > > > > > > > ----------------------- D I S C L A I M E R --------------------- > > The opinions, conclusions and other information expressed in the above > message, or contained within attachments to the above message, are not > given or endorsed by Beaumont Hospital unless otherwise indicated by an > authorised representative independent of this message. > > This e-mail message and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you have received this e-mail in error please notify > the system manager. > > This e-mail has been scanned for viruses. > > ------------------------------------------------------------------ > |
|
From: Blake M. <bma...@pu...> - 2003-05-01 20:21:11
|
Fixed, apologies.
-Blake
Paul Stevens wrote:
> Blake Matheny wrote:
>
>> Hello Paul,
>> I looked at the posix specs, and according to them the character class
>> [A-Za-z0-9._-] is legal for a username, and the hyphen should not be
>> the first character of the username. I have fixed this in CVS. Thanks.
>
>
> Which broke cpu all together due to inverted boolean logic.
>
> I'm even getting some gdb practice off cpu :-)
>
> I think the following patch will fix this.
>
>
> Index: src/plugins/ldap/commandline.c
> ===================================================================
> RCS file: /cvsroot/cpu/cpu/src/plugins/ldap/commandline.c,v
> retrieving revision 1.9
> diff -u -r1.9 commandline.c
> --- src/plugins/ldap/commandline.c 29 Apr 2003 23:19:53 -0000 1.9
> +++ src/plugins/ldap/commandline.c 30 Apr 2003 08:27:21 -0000
> @@ -361,9 +361,9 @@
> return -1;
> }
> }
> - if ( !isalnum(argv[optind+1][k]) ||
> - argv[optind+1][k] != '.' ||
> - argv[optind+1][k] != '-' ||
> + if ( !isalnum(argv[optind+1][k]) &&
> + argv[optind+1][k] != '.' &&
> + argv[optind+1][k] != '-' &&
> argv[optind+1][k] != '_' )
> {
> CTEST();
>
>>
>> -Blake
>>
>> Paul Stevens wrote:
>>
>>>
>>> Blake,
>>>
>>> I would propose a small fix that will close bug #729512 as I've
>>> submitted today.
>>>
>>> I think dashes and numericals are perfectly valid in usernames and
>>> groupnames since they are valid in passwd as well.
>>>
>>> I'm not much of a c-coder, though.
>>>
>>>
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> Index: src/plugins/ldap/commandline.c
>>> ===================================================================
>>> RCS file: /cvsroot/cpu/cpu/src/plugins/ldap/commandline.c,v
>>> retrieving revision 1.7
>>> diff -u -r1.7 commandline.c
>>> --- src/plugins/ldap/commandline.c 25 Apr 2003 20:51:45 -0000 1.7
>>> +++ src/plugins/ldap/commandline.c 29 Apr 2003 12:56:11 -0000
>>> @@ -342,7 +342,7 @@
>>> string */
>>> for ( k = 0; k < strlen(argv[optind+1]); k++ )
>>> {
>>> - if ( !isalpha(argv[optind+1][k]) )
>>> + if ( !isalnum(argv[optind+1][k]) && !ispunct(argv[optind+1][k]) )
>>> {
>>> CTEST();
>>> printHelp(operation);
>>
>>
>>
>>
>>
>>
>> -------------------------------------------------------
>> This sf.net email is sponsored by:ThinkGeek
>> Welcome to geek heaven.
>> http://thinkgeek.com/sf
>> _______________________________________________
>> Cpu-users mailing list
>> Cpu...@li...
>> https://lists.sourceforge.net/lists/listinfo/cpu-users
>>
>
>
|
|
From: Ken K. <ke...@cs...> - 2003-05-01 18:23:22
|
Hi.... Downloaded and installed new version of cpu (via CVS). Attempt to try with URI/TLS gives me JUST /etc/passwd style output, no group output and more importantly (badly), a library error for libcpu_ldap.so and libgdbm.so.2. The same errors occur when I use non-tls (i.e. cpu -w cat) I've attached command output and ls -l of my libs. Can you help? Thanks.. # cpu -Z ldaps://ldapservername -w cat CPU_init: ldap: module loaded successfully ldap: parseCommand Please enter the LDAP bind password: password-entered-here User Accounts /etc/passwd style ACCOUNTS LISTED HERE.... ldap: ldapCat: ldap_search_st: No such object matched DN: "dc=cs,dc=uml,dc=edu" ldap: CPU_init: Error in ldapOperation. CPU_unloadLibrary: dlclose(libcpu_ldap.so) failed. CPU_unloadLibrary: /usr/lib/libgdbm.so.2: shared object not open There was an error unloading the libcpu_ldap.so library. Exiting. Output of ls -l /usr/local/lib/*ldap* ------------------------------------- -rw-r--r-- 1 root root 250304 May 1 14:06 /usr/local/lib/libcpu_ldap.a -rwxr-xr-x 1 root root 849 May 1 14:06 /usr/local/lib/libcpu_ldap.la lrwxrwxrwx 1 root root 20 May 1 14:06 /usr/local/lib/libcpu_ldap.so -> libcpu_ldap.so.0.0.0 lrwxrwxrwx 1 root root 20 May 1 14:06 /usr/local/lib/libcpu_ldap.so.0 -> libcpu_ldap.so.0.0.0 -rwxr-xr-x 1 root root 102940 May 1 14:06 /usr/local/lib/libcpu_ldap.so.0.0.0 Output of ls -l /usr/lib/*gdbm* ------------------------------- -rw-r--r-- 1 root root 52594 Mar 26 2002 /usr/lib/libgdbm.a -rwxr-xr-x 1 root root 692 Mar 26 2002 /usr/lib/libgdbm.la lrwxrwxrwx 1 root root 16 Aug 16 2002 /usr/lib/libgdbm.so -> libgdbm.so.2.0.0 lrwxrwxrwx 1 root root 16 Aug 16 2002 /usr/lib/libgdbm.so.2 -> libgdbm.so.2.0.0 -rwxr-xr-x 1 root root 30006 Mar 26 2002 /usr/lib/libgdbm.so.2.0.0 -- <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< Ken Kleiner System Manager Computer Science Department Umass Lowell voice : 978 934 3645 fax : 978 934 3551 cell : 603 930 5582 (emergencies only, please) ke...@cs... |
|
From: Paul S. <pa...@nf...> - 2003-05-01 13:21:06
|
Blake, I can confirm it works. Great, 'cause I really hate sasl. Only issue I have: how to specify the URI in the cpu.conf this works: cpu -x -Z ldap://ldap.nfg.nl cat but this fails: cpu -x cat even though cpu.conf reads: URI = "ldap://ldap.nfg.nl" what am I doing wrong here. Blake Matheny wrote: > Hello Everyone, > I just applied a patch to CVS that allows people to use TLS for their > administration sessions. This patch was provided by Jeff Clark, which I > greatly appreciate. If you could test out CVS (and specifically the TLS > support) and let me know if you find bugs, I would appreciate it. To > enable TLS, specify '-x' at the command line. To specify the URI at the > command line, use the '-Z' switch, or supply the URI and cpu.conf. > > -Blake > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Cpu-users mailing list > Cpu...@li... > https://lists.sourceforge.net/lists/listinfo/cpu-users > -- ________________________________________________________________ Paul Stevens mailto:pa...@nf... NET FACILITIES GROUP PGP: finger pa...@nf... The Netherlands________________________________http://www.nfg.nl |
|
From: Ken K. <ke...@cs...> - 2003-04-30 19:43:44
|
Sorry for the waste of bandwidth - my bad. The bootstrap utility is what I needed. I had older versions of autoconf, etc that caused bootstrap to not do anything, hence I assumed things were broken. > > Hi... > > I am a new CVS user, and not sure if I checked out right. > > I did : > > cvs -d:pserver:ano...@cv...:/cvsroot/cpu login > > cvs -z3 -d:pserver:ano...@cv...:/cvsroot/cpu co cpu > > cvs update -dP > > There is no 'configure' in my source root. Am I missing something? > > Thanks.... > > > -- > <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< > > Ken Kleiner > System Manager > Computer Science Department > Umass Lowell > > voice : 978 934 3645 > fax : 978 934 3551 > > cell : 603 930 5582 (emergencies only, please) > > ke...@cs... > > > > > Hello Everyone, > > I just applied a patch to CVS that allows people to use TLS for their > > administration sessions. This patch was provided by Jeff Clark, which I > > greatly appreciate. If you could test out CVS (and specifically the TLS > > support) and let me know if you find bugs, I would appreciate it. To > > enable TLS, specify '-x' at the command line. To specify the URI at the > > command line, use the '-Z' switch, or supply the URI and cpu.conf. > > > > -Blake > > > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > Cpu-users mailing list > > Cpu...@li... > > https://lists.sourceforge.net/lists/listinfo/cpu-users > > > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Cpu-users mailing list > Cpu...@li... > https://lists.sourceforge.net/lists/listinfo/cpu-users > -- <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< Ken Kleiner System Manager Computer Science Department Umass Lowell voice : 978 934 3645 fax : 978 934 3551 cell : 603 930 5582 (emergencies only, please) ke...@cs... |
|
From: Ken K. <ke...@cs...> - 2003-04-30 17:55:41
|
Hi... I am a new CVS user, and not sure if I checked out right. I did : cvs -d:pserver:ano...@cv...:/cvsroot/cpu login cvs -z3 -d:pserver:ano...@cv...:/cvsroot/cpu co cpu cvs update -dP There is no 'configure' in my source root. Am I missing something? Thanks.... -- <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< Ken Kleiner System Manager Computer Science Department Umass Lowell voice : 978 934 3645 fax : 978 934 3551 cell : 603 930 5582 (emergencies only, please) ke...@cs... > > Hello Everyone, > I just applied a patch to CVS that allows people to use TLS for their > administration sessions. This patch was provided by Jeff Clark, which I > greatly appreciate. If you could test out CVS (and specifically the TLS > support) and let me know if you find bugs, I would appreciate it. To > enable TLS, specify '-x' at the command line. To specify the URI at the > command line, use the '-Z' switch, or supply the URI and cpu.conf. > > -Blake > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Cpu-users mailing list > Cpu...@li... > https://lists.sourceforge.net/lists/listinfo/cpu-users > |
|
From: Paul S. <pa...@nf...> - 2003-04-30 08:32:36
|
Blake Matheny wrote:
> Hello Paul,
> I looked at the posix specs, and according to them the character class
> [A-Za-z0-9._-] is legal for a username, and the hyphen should not be the
> first character of the username. I have fixed this in CVS. Thanks.
Which broke cpu all together due to inverted boolean logic.
I'm even getting some gdb practice off cpu :-)
I think the following patch will fix this.
Index: src/plugins/ldap/commandline.c
===================================================================
RCS file: /cvsroot/cpu/cpu/src/plugins/ldap/commandline.c,v
retrieving revision 1.9
diff -u -r1.9 commandline.c
--- src/plugins/ldap/commandline.c 29 Apr 2003 23:19:53 -0000 1.9
+++ src/plugins/ldap/commandline.c 30 Apr 2003 08:27:21 -0000
@@ -361,9 +361,9 @@
return -1;
}
}
- if ( !isalnum(argv[optind+1][k]) ||
- argv[optind+1][k] != '.' ||
- argv[optind+1][k] != '-' ||
+ if ( !isalnum(argv[optind+1][k]) &&
+ argv[optind+1][k] != '.' &&
+ argv[optind+1][k] != '-' &&
argv[optind+1][k] != '_' )
{
CTEST();
>
> -Blake
>
> Paul Stevens wrote:
>
>>
>> Blake,
>>
>> I would propose a small fix that will close bug #729512 as I've
>> submitted today.
>>
>> I think dashes and numericals are perfectly valid in usernames and
>> groupnames since they are valid in passwd as well.
>>
>> I'm not much of a c-coder, though.
>>
>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> Index: src/plugins/ldap/commandline.c
>> ===================================================================
>> RCS file: /cvsroot/cpu/cpu/src/plugins/ldap/commandline.c,v
>> retrieving revision 1.7
>> diff -u -r1.7 commandline.c
>> --- src/plugins/ldap/commandline.c 25 Apr 2003 20:51:45 -0000 1.7
>> +++ src/plugins/ldap/commandline.c 29 Apr 2003 12:56:11 -0000
>> @@ -342,7 +342,7 @@
>> string */
>> for ( k = 0; k < strlen(argv[optind+1]); k++ )
>> {
>> - if ( !isalpha(argv[optind+1][k]) )
>> + if ( !isalnum(argv[optind+1][k]) && !ispunct(argv[optind+1][k]) )
>> {
>> CTEST();
>> printHelp(operation);
>
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Cpu-users mailing list
> Cpu...@li...
> https://lists.sourceforge.net/lists/listinfo/cpu-users
>
--
________________________________________________________________
Paul Stevens mailto:pa...@nf...
NET FACILITIES GROUP PGP: finger pa...@nf...
The Netherlands________________________________http://www.nfg.nl
|
|
From: Blake M. <bma...@pu...> - 2003-04-29 23:23:32
|
Hello Everyone, I just applied a patch to CVS that allows people to use TLS for their administration sessions. This patch was provided by Jeff Clark, which I greatly appreciate. If you could test out CVS (and specifically the TLS support) and let me know if you find bugs, I would appreciate it. To enable TLS, specify '-x' at the command line. To specify the URI at the command line, use the '-Z' switch, or supply the URI and cpu.conf. -Blake |
|
From: Blake M. <bma...@pu...> - 2003-04-29 23:19:05
|
Hello Paul,
I looked at the posix specs, and according to them the character class
[A-Za-z0-9._-] is legal for a username, and the hyphen should not be the
first character of the username. I have fixed this in CVS. Thanks.
-Blake
Paul Stevens wrote:
>
> Blake,
>
> I would propose a small fix that will close bug #729512 as I've
> submitted today.
>
> I think dashes and numericals are perfectly valid in usernames and
> groupnames since they are valid in passwd as well.
>
> I'm not much of a c-coder, though.
>
>
>
>
>
>
> ------------------------------------------------------------------------
>
> Index: src/plugins/ldap/commandline.c
> ===================================================================
> RCS file: /cvsroot/cpu/cpu/src/plugins/ldap/commandline.c,v
> retrieving revision 1.7
> diff -u -r1.7 commandline.c
> --- src/plugins/ldap/commandline.c 25 Apr 2003 20:51:45 -0000 1.7
> +++ src/plugins/ldap/commandline.c 29 Apr 2003 12:56:11 -0000
> @@ -342,7 +342,7 @@
> string */
> for ( k = 0; k < strlen(argv[optind+1]); k++ )
> {
> - if ( !isalpha(argv[optind+1][k]) )
> + if ( !isalnum(argv[optind+1][k]) && !ispunct(argv[optind+1][k]) )
> {
> CTEST();
> printHelp(operation);
|
|
From: Blake M. <bma...@pu...> - 2003-04-29 22:28:34
|
Did the mod work or not? That will tell me whether it's an issue with dlclose or the user_mod function. Thanks. -Blake Ken Kleiner wrote: > I installed CPU-1.3.99a today, config'd for my ldap and it seems > to work (at least usermod and cat). > > But - I get this error after succesfull operation of either usermod or cat. > (i.e. cpu usermod -c "NEW NAME" username): > > Thanks.... : > > User username successfully modified! > CPU_unloadLibrary: dlclose(libcpu_ldap.so) failed. > CPU_unloadLibrary: /usr/lib/libgdbm.so.2: shared object not open > There was an error unloading the libcpu_ldap.so library. Exiting. > > |
|
From: Ken K. <ke...@cs...> - 2003-04-29 20:55:58
|
I installed CPU-1.3.99a today, config'd for my ldap and it seems to work (at least usermod and cat). But - I get this error after succesfull operation of either usermod or cat. (i.e. cpu usermod -c "NEW NAME" username): Thanks.... : User username successfully modified! CPU_unloadLibrary: dlclose(libcpu_ldap.so) failed. CPU_unloadLibrary: /usr/lib/libgdbm.so.2: shared object not open There was an error unloading the libcpu_ldap.so library. Exiting. -- <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< Ken Kleiner System Manager Computer Science Department Umass Lowell voice : 978 934 3645 fax : 978 934 3551 cell : 603 930 5582 (emergencies only, please) ke...@cs... |
|
From: Paul S. <pa...@nf...> - 2003-04-29 13:01:39
|
Blake, I would propose a small fix that will close bug #729512 as I've submitted today. I think dashes and numericals are perfectly valid in usernames and groupnames since they are valid in passwd as well. I'm not much of a c-coder, though. -- ________________________________________________________________ Paul Stevens mailto:pa...@nf... NET FACILITIES GROUP PGP: finger pa...@nf... The Netherlands________________________________http://www.nfg.nl |
|
From: Blake M. <bma...@pu...> - 2003-04-25 20:54:21
|
Great, thanks Paul. I'll be sure to include that URL on future freshmeat releases. -Blake Paul Stevens wrote: > > Hi all, > > I've build new debian packages from scratch. I've also filed an ITP > bug since I intent to maintain this package for the forseable future. > I'm no official debian maintainer yet but intent to become one as > soon as I can get my gpg key signed. > > Add to your sources.list to give it a try: > > deb http://debian.nfgd.net/debian unstable/ > > And please let me know of any issues you may have with the build or > any objections to my intentions for becoming official debian > maintainer for this package. > > regards, > |
|
From: Blake M. <bma...@pu...> - 2003-04-25 20:53:29
|
Hi Paul, could you do me a favor and grab the latest CVS version? Then remove the changes you made to ldap.conf, and see if you still have the same issues, I think you won't. If that fixes the problem, I'll probably release a new version pretty soon since there are several changes in CVS, missing from CPU-1.3.99a. Thanks for the report. -Blake Paul Stevens wrote: > > Hi Blake, > > Thanks for the speedy reply. I've done some more testing. > > > Blake Matheny wrote: > >> What happens when you specify the user base with -U at the command line? > > > It lists the users just fine. Great. The grouplist is empty though. > Bummer. > > I've also tried specifying the groupbase as well. I get: > > slapd[14168]: conn=754 op=0 BIND dn="DC=NFG,DC=NL" method=128 > slapd[14168]: conn=754 op=0 RESULT tag=97 err=0 text= > slapd[14170]: conn=754 op=1 SRCH base="ou=People,dc=nfg,dc=nl" scope=2 > filter="(objectClass=posixAccount)" > slapd[14170]: conn=754 op=1 SEARCH RESULT tag=101 err=0 text= > slapd[13654]: conn=754 op=2 SRCH base="ou=People,dc=nfg,dc=nl" scope=2 > filter="(objectClass=posixGroup)" > slapd[13654]: conn=754 op=2 SEARCH RESULT tag=101 err=0 text= > slapd[13532]: conn=-1 fd=17 closed > > Mmm, looks like -B is ignored and the -U optvalue is used for the > groupbase. Let try. > > Yep, when I specify -U <groupbase> I do get the groups but an empty > userlist. > > But when I do -B <groupbase> I get an ldap_search_st: no such object > error. > > Looks like my build is seriously broken when it comes to reading the > config. Lets run a strace.... > > Ah problem solved, bug located :-) > > The machine I was testing this on didn't have a BASE defined in > /etc/ldap/ldap.conf. Defining the BASE makes cpu work as far as I can > tell. I never ran into this one before because pam-ldap and nss-ldap > worked just fine. > > > > > >> >> -Blake >> >> Paul Stevens wrote: >> >>> >>> Hi all, >>> >>> I've compiled and installed 1.3.99a >>> >>> I think I have it configured correctly but I keep getting >>> >>> #> cpu cat >>> ldap: ldapCat: ldap_search_st: No such object (32) >>> ldap: CPU_init: Error in ldapOperation. >>> #> >>> >>> Setting the debug level on my ldap server reveals: >>> >>> slapd[13539]: conn=113 op=0 BIND dn="DC=NFG,DC=NL" method=128 >>> slapd[13539]: conn=113 op=0 RESULT tag=97 err=0 text= >>> slapd[13654]: conn=113 op=1 SRCH base="" scope=2 >>> filter="(objectClass=posixAccount)" >>> slapd[13654]: conn=113 op=1 RESULT tag=101 err=32 text= >>> slapd[13532]: conn=-1 fd=9 closed >>> >>> even though I've set cpu.conf to read: >>> >>> BIND_DN = dc=nfg,dc=nl >>> BIND_PASS = xxxxxxx >>> USER_BASE = ou=People,dc=nfg,dc=nl >>> GROUP_BASE = ou=Groups,dc=nfg,dc=nl >>> USER_OBJECT_CLASS = posixAccount,shadowAccount,top >>> GROUP_OBJECT_CLASS = posixGroup,top >>> USER_FILTER = (objectClass=posixAccount) >>> GROUP_FILTER = (objectClass=posixGroup) >>> CN_STRING = cn >>> >>> Running >>> >>> ldapsearch -D dc=nfg,dc=nl -x -w xxxxxxx -b ou=People,dc=nfg,dc=nl >>> '(objectClass=posixAccount)' >>> >>> works just fine though. >>> >>> So why doesn't cpu sent the correct basedn ? >>> >>> >>> >> >> > > |
2 messages has been excluded from this view by a project administrator.
