231278 – net/nss-pam-ldapd: permission error for /var/run/nslcd.ctl

Bug 231278 - net/nss-pam-ldapd: permission error for /var/run/nslcd.ctl

Summary: net/nss-pam-ldapd: permission error for /var/run/nslcd.ctl

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Ryan Steinmetz

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-09-10 06:53 UTC by Matthias Pfaller
Modified:	2018-09-10 16:32 UTC (History)
CC List:	0 users

See Also:

Flags:	bugzilla: maintainer-feedback? (zi)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Pfaller 2018-09-10 06:53:22 UTC

After upgrading to nss-pam-ldapd-0.9.10 starting nslcd results in:
bind() to /var/run/nslcd.ctl failed: Permission denied

This can be worked around by removing the
 uid nslcd
 gid nslcd
lines in /usr/local/etc/nslcd.conf.
With 0.9.9 this used to work.

Comment 1 commit-hook freebsd_committer

2018-09-10 16:31:29 UTC

A commit references this bug:

Author: zi
Date: Mon Sep 10 16:30:51 UTC 2018
New revision: 479439
URL: https://svnweb.freebsd.org/changeset/ports/479439

Log:
  - Resolve socket permission issues
  - Bump PORTREVISION

  PR:		231278 [1]
  Reported by:	Matthias Pfaller <matthias.pfaller@familie-pfaller.de> [1], Johan Hendriks <joh.hendriks@gmail.com>

Changes:
  head/net/nss-pam-ldapd/Makefile
  head/net/nss-pam-ldapd/files/nslcd.in

Comment 2 Ryan Steinmetz freebsd_committer

2018-09-10 16:32:12 UTC

Just to be clear: it is not recommended to remove the uid/gid lines as this will cause nslcd to not drop privs and continue to run as root.