[Freeipa-users] libsemanage updates fail due to AD user with space
Lukas Slebodnik
lslebodn at redhat.com
Tue Apr 4 07:32:12 UTC 2017
On (04/04/17 10:13), Lachlan Musicman wrote:
>On 3 April 2017 at 19:11, Jakub Hrozek <jhrozek at redhat.com> wrote:
>
>> On Mon, Apr 03, 2017 at 11:00:21AM +1000, Lachlan Musicman wrote:
>> >
>> > With SSSD/IPA in use, in a one way trust to AD, and AD users have spaces
>> in
>> > their names, libsemanage fails to update:
>> >
>> > eg from recent monthly upgrade cycle:
>> >
>> > Updating :
>> > selinux-policy-targeted-3.13.1-102.el7_3.16.noarch
>> > 3/14
>> > libsemanage.parse_assert_ch: expected character ':', but found 'f'
>> > (/etc/selinux/targeted/tmp/seusers.local: 5):
>> > lastname firstname at domain.com:unconfined_u:s0-s0:c0.c1023 (No such file
>> or
>> > directory).
>> > libsemanage.seuser_parse: could not parse seuser record (No such file or
>> > directory).
>> > libsemanage.dbase_file_cache: could not cache file database (No such file
>> > or directory).
>> > libsemanage.semanage_base_merge_components: could not merge local
>> > modifications into policy (No such file or directory).
>> >
>>
>> Hi,
>> according to my quick testing this is solved with this PR:
>> https://github.com/SSSD/sssd/pull/189
This patch will not help with spaces in name.
it need to be fixed in selinux-policy or libsemanage.
LS
More information about the Freeipa-users
mailing list