[Bug 1646954] Re: Sync to Debian for -ldap, drop Ubuntu's -auth-client

[Andreas Hasenack]

Off the top of my head, I think the config file change is more problematic and less desirable:
- we are following upstream here by using /etc/ldap.{conf,secret}
- if we go back to adopting debian's patch, that means more config files for the user to change: /etc/libpam-ldap.{conf,secret} and /etc/libnss-ldap.{conf,secret}. 4 in total, with duplicated information
- this complicates the upgrade path: two config files need to be split into 4
- honestly, I believe upstream is correct here

Do you have rewritten documentation or a guide that shows how to use
sssd? Out of the box it doesn't work, for example. It doesn't even have
a config file to start with. Ideally we should have a wizard for it, or
debconf questions, just like we have today for lib{nss,pam}-ldap.

Anyway, this bug is not the right forum to discuss it :) Could you start
a thread in the ubuntu-server@ mailing list perhaps?

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1646954

Title:
  Sync to Debian for -ldap, drop Ubuntu's -auth-client

Status in ldap-auth-client package in Ubuntu:
  New

Bug description:
  Steps
  Sync libnss-ldap with Debian unstable (265-5)
  Sync libpam-ldap with Debian unstable (tested with 186-3 now 186-4)
  Remove src:ldap-auth-client from artful archive (and binaries ldap-auth-config, ldap-auth-client)
   * Justification - Ubuntu specific, last updated 20 Dec 2011 to make it arch foreign.  Last real update 11 Jul 2008.
  Remove src/bin:auth-client-config
   * Justification - Ubuntu specific, last updated 17 Dec 2011 to make it build with dh_python2. Last real updated 11 Jul 2008.

  sssd is by far our recommended way to do ldap auth today. We
  previously dropped to universe with the plan to drop like above some
  time after 16.04 (see bug 1408478)

  These are all related because the majority (All?) of the diffs for
  libnss-ldap/libpam-ldap is to split them up to use the two Ubuntu
  specific packages.  As we no longer maintain them, we should drop them
  and revert back to the Debian builds.

  $ reverse-depends src:auth-client-config
  No reverse dependencies found
  $ reverse-depends -b src:auth-client-config
  No reverse dependencies found
  $ reverse-depends src:ldap-auth-client
  Reverse-Recommends
  ==================
  * libnss-ldap                   (for ldap-auth-config) [Will be fixed by sync]

  Reverse-Depends
  ===============
  * libpam-ldap                   (for ldap-auth-config) [Will be fixed by sync]
  $ reverse-depends -b src:ldap-auth-client
  No reverse dependencies found

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ldap-auth-client/+bug/1646954/+subscriptions