nscd monitors files in /etc and invalidates the cache automatically when
they change. However, for other mechanisms it recommends issuing a
manual flush in its manual page. Flush nscd passwd and group database
caches after all user operations (not just rename operation, just to be
sure).
- Move diagnostics into main module instead of action script.
- Ability run diagnostics as non-root user (because it runs in Plinth
instead of action).
- Diagnose whether LDAP server is listening.
- Diagnose directory entities created during setup.
- Merge all ldap actions into one action.
- Setup ldapscripts using augeas.
- Use the default mechanisms used by ldapscripts.
- Remove adding admin users to 'sudo' group. Mixing LDAP groups and
local groups is not a good practice. 'admin' LDAP group will be added
to sudoers in another patch to freedombox-setup.
- Make all users posixAccount and all groups posixGroup for simplicity.
Shell access can be restricted in other ways.
- Work around ldapscripts not able to set password using SASL auth.
- Work around ldapscripts having issues with current locale.
