Re: Problems with nss_ldap - where to start?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



> On Thu, 17 Dec 2009, Devin Reade wrote:
>
>> If you're going to be doing LDAP-based authentication on the server
>> that is running the LDAP server, watch out for this bug, which has been
>> around since at least FC5.  It's still a problem as of FC10:
>> 	<https://bugzilla.redhat.com/show_bug.cgi?id=182464>
>
> I disagree that this is a bug. It's not a problem if you configure
> ldap.conf properly. For example, using
>
> nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus

Actually, if this is in a business setting, and esp. if they're in server
rooms, turn *off* avahi-daemon, and fix iptables so that there's no hole
for it.

       mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux