Submitted bug report at the upstream GitHub project:
https://github.com/heimdal/heimdal/issues/617
On Thu, 13 Nov 2014 23:58:30 +0000 Linux Luser <linuxlu...@gmail.com> wrote:
Package: heimdal-kdc
Version: 1.6~rc2+dfsg-8
Tags: jessie
I can confirm that there is at least some difficulty with glob patterns. I
can only get the proper privs when I type out the entire name of each
principal in the kadmind.acl file, like so:
host/hostn...@example.com list,get,change-password
On the remote machine I can get:
$ kadmin -p host/hostname privs
host/hostn...@example.com's Password:
change-password, list, get
Any attempt at glob patterns fails me:
host/*@EXAMPLE.COM list,get,change-password
host/.*@EXAMPLE.COM list,get,change-password
host/hostname*@EXAMPLE.COM list,get,change-password
*/*@EXAMPLE.COM list,get,change-password
*@EXAMPLE.COM list,get,change-password
host/host*@EXAMPLE.COM list,get,change-password
All of the above example return 'none' when I issue the 'privs' command
from a remote machine.