On (04/04/17 10:13), Lachlan Musicman wrote: >On 3 April 2017 at 19:11, Jakub Hrozek <jhro...@redhat.com> wrote: > >> On Mon, Apr 03, 2017 at 11:00:21AM +1000, Lachlan Musicman wrote: >> > >> > With SSSD/IPA in use, in a one way trust to AD, and AD users have spaces >> in >> > their names, libsemanage fails to update: >> > >> > eg from recent monthly upgrade cycle: >> > >> > Updating : >> > selinux-policy-targeted-3.13.1-102.el7_3.16.noarch >> > 3/14 >> > libsemanage.parse_assert_ch: expected character ':', but found 'f' >> > (/etc/selinux/targeted/tmp/seusers.local: 5): >> > lastname firstn...@domain.com:unconfined_u:s0-s0:c0.c1023 (No such file >> or >> > directory). >> > libsemanage.seuser_parse: could not parse seuser record (No such file or >> > directory). >> > libsemanage.dbase_file_cache: could not cache file database (No such file >> > or directory). >> > libsemanage.semanage_base_merge_components: could not merge local >> > modifications into policy (No such file or directory). >> > >> >> Hi, >> according to my quick testing this is solved with this PR: >> https://github.com/SSSD/sssd/pull/189 This patch will not help with spaces in name.
it need to be fixed in selinux-policy or libsemanage. LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
