RSS feed

Re: Case sensitivity issue with ipProtocol

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Case sensitivity issue with ipProtocol

On Sun, 2010-10-31 at 15:34 -0400, Kaiting Chen wrote:
> Hi in most distributions the provided /etc/protocols file has protocol
> names in lowercase with protocol names in their normal case as
> aliases. This is impossible to replicate in LDAP because cn is
> caseInsensitiveMatch. I know that nss-pam-ldapd does something to
> simulate a case sensitive match on cn, and I'm not sure if this is the
> issue here, but ideally both 'tcp' and 'TCP' should match protocol #6,
> which is not the current behavior.

You cannot assign both tcp and TCP to a cn of a single entry and
searches for protocol entries are currently case sensitive. That is
indeed a bit annoying and partially a side-effect of the case sensitive
filtering that nss-pam-ldapd does.

That being said I would recommend not putting this kind of information
in LDAP and rely on to OS's /etc/protocols mostly. The same goes mostly
for /etc/services but you may need to add an entry there once or twice.

So unless someone can provide a direction in which this can be fixed
(other than updating RFC2307) or has some use case that underlines the
importance of a workaround I think the current functionality remains.

Anyway, thanks for reporting this issue.

-- arthur - - --
To unsubscribe send an email to or see