This bit us on trial upgrades to Squeeze, and as this has not yet been
fixed I would strongly recommend a section in the release notes on
"Possible issues during upgrade" or "Issues to be aware of for squeeze",
perhaps along the following lines:
"libnss-ldap and libpam-ldap: updates to the cryptography libraries mean
that any programs which attempt to change their effective privileges,
including sudo(8), may fail when libnss-ldap is configured to use an LDAP
server using TLS or SSL.
To work around this problem, you can replace libnss-ldap with
libnss-ldapd, a newer library which uses separate daemon (nslcd) for all
LDAP lookups. The replacement for libpam-ldap is libpam-ldapd.
Note that libnss-ldapd recommends the NSS caching daemon, nscd, which you
should evaluate for suitability in your environment before installing.
Further information is available in bugs #566351 and #545414."
UCC Wheel Member
To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact email@example.com