Yesterday, excited, I’ve packed up libnss-ldap with the tool and a “quick & dirty” postinst script. I’ve packaged it not as a final version, even I’m not brave enough to check it with Linitan🙂 , But It doesn’t really matter, now I’m not worrying about the correction of the package. This is just a quick solution to test how the tool update-nsswitch works in a real environment.
well… dpkg -i libpam-libnss-260.deb
YEAH, It doesn’t work!!!
Why? some Troubles have been found on our update-nsswitch.pl
- – Cannot recognize and manage, when you try to use a DB that it doesn’t exist in the local nsswitch.conf
Here is a really common nsswitch.conf. If you use the tool calling it for updating the database (e.g sendmailvars) with the source (ldap) in the last position. The database doesn’t exist as seen above. Finish with non result without errors.
- When using an “after” or “before” source to determine the position of our new source, the pattern “match too much”. What’s that? If we have two sources with the pattern as part of its name, we have a trouble.
This is just an example, files3 and filesauth, are not a valid or real sources
If we try to update the hosts database positioning ldap before files
The result is.
- If we use an “after” or “before” source that it doesn’t exist at the line, it doesn’t do anything.
This condition will include that source in a default action that will be to be the last source on the line.
After this propably the tool will be 99.9% working. Except if any of my fixes make something buggy, this afternoon will be finished and tested, into the package we were talking about before.
Probably some issues have to be fixed with the other tool update-pam.d but now the work is to have a polite nsswitch updater and good postinst scripts.