On Mon, Apr 03, 2017 at 11:00:21AM +1000, Lachlan Musicman wrote:
> Hola,
>
> I've reported this issue before (with a different symptom iirc), but
> thought I should mention again, as I have no idea how to competently report
> it to selinux.
>
> With SSSD/IPA in use, in a one way trust to AD, and AD users have spaces in
> their names, libsemanage fails to update:
>
> eg from recent monthly upgrade cycle:
>
> Updating :
> selinux-policy-targeted-3.13.1-102.el7_3.16.noarch
> 3/14
> libsemanage.parse_assert_ch: expected character ':', but found 'f'
> (/etc/selinux/targeted/tmp/seusers.local: 5):
> lastname firstn...@domain.com:unconfined_u:s0-s0:c0.c1023 (No such file or
> directory).
> libsemanage.seuser_parse: could not parse seuser record (No such file or
> directory).
> libsemanage.dbase_file_cache: could not cache file database (No such file
> or directory).
> libsemanage.semanage_base_merge_components: could not merge local
> modifications into policy (No such file or directory).
>
Hi,
according to my quick testing this is solved with this PR:
https://github.com/SSSD/sssd/pull/189
(Please note that we haven't ran all regression tests on this PR so I
can't in fact tell if it's correct or not. The code does look OK,
though).
I was also able to work around the issue by setting:
override_space = _
in sssd.conf
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
