On Tue, 29 Jan 2013, Jakub Hrozek wrote:
On Tue, Jan 29, 2013 at 10:50:02PM +0200, Alexander Bokovoy wrote:
And here I'm coming to grave error in the SSSD code: the name of
explicit mapping file contains non-filtered domain name, which contains
dot. krb5.conf manual page states that includedir allows to source all
files which names are constructed from alpha-numeric chars, dashes and
underscores.
Files with other characters are ignored. So dots as in
domain_realm_example.com are ignored and our mapping is never sourced.
For IDN domains we also will need to transform the name into its
Punycode (RFC3492) to avoid breaking out of alpha-numeric space.
I'd suggest replacing dots with underscores.
Please file a ticket
https://bugzilla.redhat.com/show_bug.cgi?id=905650
https://fedorahosted.org/sssd/ticket/1795
--
/ Alexander Bokovoy
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
