On Mon, Apr 03, 2017 at 11:00:21AM +1000, Lachlan Musicman wrote: > Hola, > > I've reported this issue before (with a different symptom iirc), but > thought I should mention again, as I have no idea how to competently report > it to selinux. > > With SSSD/IPA in use, in a one way trust to AD, and AD users have spaces in > their names, libsemanage fails to update: > > eg from recent monthly upgrade cycle: > > Updating : > selinux-policy-targeted-3.13.1-102.el7_3.16.noarch > 3/14 > libsemanage.parse_assert_ch: expected character ':', but found 'f' > (/etc/selinux/targeted/tmp/seusers.local: 5): > lastname firstn...@domain.com:unconfined_u:s0-s0:c0.c1023 (No such file or > directory). > libsemanage.seuser_parse: could not parse seuser record (No such file or > directory). > libsemanage.dbase_file_cache: could not cache file database (No such file > or directory). > libsemanage.semanage_base_merge_components: could not merge local > modifications into policy (No such file or directory). >
Hi, according to my quick testing this is solved with this PR: https://github.com/SSSD/sssd/pull/189 (Please note that we haven't ran all regression tests on this PR so I can't in fact tell if it's correct or not. The code does look OK, though). I was also able to work around the issue by setting: override_space = _ in sssd.conf -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project