From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114 Description of problem: If one uses the "~user" form in a .login file AND the user in question is handled by OpenLDAP authentication AND is a member of an LDAP group, then tcsh hangs until control-C is hit. The problem does not occur with bash, nor does it occur if the user is a member of a group which appears in the local /etc/group file. Version-Release number of selected component (if applicable): tcsh-6.12-5 How reproducible: Always Steps to Reproduce: 1. Set up a Fedora workstation which connects to an LDAP server for authentication; I use the 'firstboot' dialog to do this. 2. Create an LDAP user whose group is not in /etc/group. I used the following LDIF: dn: uid=testuser, ou=people,dc=foo,dc=com uid: testuser cn: Joe Testuser homeDirectory: /home/testuser uidNumber: 508 objectClass: posixAccount objectClass: shadowAccount gidNumber: 500 userPassword: [insert password here] loginShell: /bin/tcsh and added this user with the ldapadd command. 3. In the above user's home directory, create a .login file containing the single line echo ~testuser 4. Log in as testuser. Actual Results: The echo command succeeds but no shell prompt appears until you hit control-C. Expected Results: The echo command should succeed and the prompt should then appear. Additional info: If you change the group number for testuser to 100 (the 'users' group in /etc/group), one gets the result one expects. This may be related to bug 105886, although I have never had the problem described there myself.
Fixed in tcsh-6.13-6, which should show up in rawhide after FC3t2 is released.
The package 'nss_ldap' is now obsolote (has been retired) and is no longer part of Fedora. It was superseded by 'nss-pam-ldapd' and 'sssd'. I tried to reproduce this issue with the current way of LDAP authentication via the FreeIPA/SSSD, but I was not successful. The issue has been most likely mitigated with the new identity management. And because the patch for this BZ was never accepted by the upstream (and Fedora tries to be close to upstream as much as possible), I will be removing that patch from the 'tcsh' package in the F24 version. In case anybody finds himself/herself affected by this issue in the future, feel free to reopen this BZ or create a new one.