#22: pam_mkhomedir uses user alias username instead of canonical name when
creating home directories
-------------------------------------------------+-------------------------
Reporter: musicalvegan0 | Owner: pam-
Type: defect | developers@…
Priority: major | Status: new
Version: 1.1.x | Component: modules
Keywords: sssd, ipa, active directory, | Resolution:
mkhomedir | Blocked By:
Blocking: |
-------------------------------------------------+-------------------------
Comment (by sgallagh):
Replying to [comment:5 ldv]:
The canonical name associated with the alias is not a well defined
notion.
Suppose that
- pam_get_user() returns NAME1;
- getpwnam(NAME1)->pw_name is NAME2;
- getpwnam(NAME2)->pw_name is NAME3;
- getpwnam(NAME3)->pw_name is NAME1.
What would you call the canonical name in a case like this?
Wouldn't it be better if PAM modules did no attempts to "canonicalize"
user names at all?
For what it's worth, in SSSD's LDAP provider, this situation is
impossible. We select one entry from the list of aliases (with sensible
heuristics) and it will always return that one no matter which alias you
try to use.
--
Ticket URL: <
https://fedorahosted.org/linux-pam/ticket/22#comment:6>
linux-pam <
http://fedorahosted.org/linux-pam>
The Linux-PAM (Pluggable Authentication Modules) project