I maintain a few ldap based samba domain controllers and will always choose one site to do a world upgrade. The one I chose on 19th April just happens to have a bunch of Appgen users to access the server with telnet. I had done an emerge --syn -q and then emerge -ua world to get a list of what would be updated first. I found sys-auth/nss_ldap-264-r1 as a package to be updated in the list that I decided would be fine so hit y and let it roll! It did not take to long before I had a call from the customer saying they where now seeing ldap messages in all their telnet client screens. On further investigation I found that they were actually nss_ldap debug messages. I decided - no probs lets just go back to the older version of nss_ldap! Emerge -Ca nss_ldap && emerge =sys-auth/nss_ldap-258. It was just the same. After hours of trying to find why nss_ldap produced the debug messages I eventually found a comment via google that talked about adding enable debug when running configure! I then looked at the nss_ldap ebuilds and everyone in the portage tree now has debug in the IUSE line! The solution was simple! put a -debug into /etc/portage/package.use for nss_ldap! Reproducible: Always Steps to Reproduce: 1.emerge nss_ldap with default ebuild IUSE flags in a world update 2. 3. Actual Results: nss_ldap now litters everything with debug messages. User stdout/stderr log files. Expected Results: nss_ldap ebuild should give and message on emerging that warns about the now enable debug flag! It is only going to happen on a system using ldap for user accounts. Whether those accounts are on a local or remote ldap server I might have picked it up if I had done an emerge -uav world and seen this new use flag! But I sort of trust developers to give a warning message about newly added IUSE flags!
And how is this a bug? *You* compiled it with IUSE="debug" enabled, so *you* requested the extra output.
equery uses nss_ldap emerge --verbose --ask (and watch out for changed use flags) and btw. for downgrading, just emerge the new version without doing emerge -C before, which leads to a missing module and longer downtime exp. on productive systems.