non-root users can't query LDAP via nslcd starting in 21.04

Bug #1954997 reported by Aren Sandersen
This bug affects 1 person
Affects: nss-pam-ldapd (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

The core issue is that /var/run/nslcd is created with 750, not 755.

nslcd.postinst creates /var/run/nslcd via adduser:

adduser --system --group --home /var/run/nslcd/ \
            --gecos "nslcd name service LDAP connection daemon" \
            nslcd

New in Ubuntu 21.04 is that HOME_MODE=750 is in login.defs. Now the permissions assigned to the /var/run/nslcd directory make it so non-root users can't communicate with nslcd via /var/run/nslcd/socket (so they can't run "getent passwd" and get any results from LDAP, for example).

See: https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/48734

Aren Sandersen (aren-5)
affects: adduser (Ubuntu) → nss-pam-ldapd (Ubuntu)
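
The permission problem described in the report can be checked from the shell. This is an added example, not part of the original bug report or of nss-pam-ldapd. The function names (home_mode, others_can_traverse, check_socket_dir) and the sample login.defs and directories are constructed for illustration, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example (not from the bug report): check whether non-root users can
# reach a daemon socket through its parent directory's mode bits.

# Print the HOME_MODE setting from a login.defs-style file (nothing if unset).
home_mode() {
    awk '$1 == "HOME_MODE" { v = $2 } END { if (v != "") print v }' "$1"
}

# Return 0 if "other" has search (x) permission on directory $1.
others_can_traverse() {
    mode=$(stat -c '%a' "$1") || return 2   # GNU stat, octal mode e.g. 750
    last=${mode#"${mode%?}"}                # last octal digit = "other" bits
    [ $(( last & 1 )) -eq 1 ]
}

# Report on one socket directory; returns 1 when other users are locked out.
check_socket_dir() {
    if others_can_traverse "$1"; then
        echo "OK: $1 (mode $(stat -c '%a' "$1")) is searchable by other users"
    else
        echo "BLOCKED: $1 (mode $(stat -c '%a' "$1")) hides its socket from other users"
        return 1
    fi
}

# Demo on constructed directories standing in for /var/run/nslcd.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '# constructed sample\nHOME_MODE\t0750\n' > "$tmp/login.defs"
    mkdir "$tmp/mode750" "$tmp/mode755"
    chmod 750 "$tmp/mode750"; chmod 755 "$tmp/mode755"
    echo "HOME_MODE in sample login.defs: $(home_mode "$tmp/login.defs")"
    check_socket_dir "$tmp/mode750" || true
    check_socket_dir "$tmp/mode755"
    rm -rf "$tmp"
}
demo
```

On an affected host, `check_socket_dir /var/run/nslcd` and `home_mode /etc/login.defs` run the same checks against the real directory and configuration.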