#22: pam_mkhomedir uses user alias username instead of canonical name when
creating home directories
-------------------------------------------------+-------------------------
Reporter: musicalvegan0 | Owner: pam-
Type: defect | developers@…
Priority: major | Status: new
Version: 1.1.x | Component: modules
Keywords: sssd, ipa, active directory, | Resolution:
mkhomedir | Blocked By:
Blocking: |
-------------------------------------------------+-------------------------
Changes (by sgallagh):
* cc: sgallagh@… (added)
Comment:
Replying to [comment:1 ldv]:
You mean that in your case getpwnam(NAME)->pw_name differs from
NAME,
and getpwnam(getpwnam(NAME)->pw_name)->pw_dir differs from
getpwnam(NAME)->pw_dir?
In more detail:
"{{{getpwnam(NAME)->pw_name}}} differs from NAME" is a true statement. In
the particular inciting event, it's because the user was logging in via
SSSD to an Active Directory user named "Guest". Because AD accounts are
case-insensitive, SSSD has to normalize this user to 'guest', so the
->pw_name value doesn't match.
The user also had an empty value for the homedir on the server, which is
translated by SSSD to be {{{/path/to/homes/getpwnam(NAME)->pw_name}}}. So
'getent passwd Guest' ends up returning:
{{{
guest:*:500:500:Guest User:/home/guest:/bin/bash
}}}
So {{{getpwnam(getpwnam(NAME)->pw_name)->pw_dir}}} ''should'' be
the same
as {{{getpwnam(NAME)->pw_dir}}}
--
Ticket URL: <
https://fedorahosted.org/linux-pam/ticket/22#comment:2>
linux-pam <
http://fedorahosted.org/linux-pam>
The Linux-PAM (Pluggable Authentication Modules) project