[PC-BSD Testing] System Ports Clobbering and LDAP oh my!

Kris Moore kris at pcbsd.org
Wed Jun 6 06:25:27 PDT 2012


On 06/05/2012 14:35, Eric Crist wrote:
> Kris, all,
>
> I was asked to post this here, so please feel free to direct all flames toward Dru.  It's her fault. :)
>
> We have a couple PC-BSD systems that were installed and configured back in the middle of December, 2011.  The configuration included all my rain dances to get LDAP configured for authentication, groups, and sudo.  Today, upon doing what ever updates were needed between December 15 and now, all off our PAM configs were reset, and a series of ports we installed in base, were removed.  This includes pam_ldap, nss_ldap, pam_mkhomedir, and others.
>
> I think the update procedure should do similar to mergemaster, and if a file has been changed, leave it alone.  The end result today was a user, after applying system updates, could not get into their own system.  We do not give out the system root credentials.
>
> Please let me know what the canonical way to do these configurations is, or what I can do to help you develop an update mechanism that is a bit more safe.
>
> Cheers
> -----
> Eric F Crist
>
>
>

I'll be happy to give you a hand with this. What kind of updates did you
specifically do? Did you go from 9.0 -> 9-STABLE? Or was it just the
"freebsd-update" stuff that was applied? I've not issued any patches for
9.0 which monkey around in /etc yet.

-- 
Kris Moore
PC-BSD Software
iXsystems



More information about the Testing mailing list