[OpenAFS] Administrators with a slash
Benjamin Kaduk
kaduk@mit.edu
Sun, 3 Mar 2019 19:35:28 -0600
On Sun, Mar 03, 2019 at 11:30:41PM +0200, Ciprian Dorin Craciun wrote:
> On Tue, Jan 10, 2012 at 3:20 PM Bobb Crosbie
> <bobb.crosbie@cremeglobal.com> wrote:
> > I now recall reading about the slash -> dot remapping in the docs, but I had forgotten about it.
> >
> > I think perhaps the tools might have done a better job of indicating that there was a problem, and what it might be ?
> >
> > If slashes are remapped to dots, then perhaps ``pts createuser'' should issue a warning message if you try to create a user with a slash ?
> > As it stands (1.4.12 & 1.6.0), pts happily creates the user with the slash and also includes it in the list of entries.
>
>
> Sorry for reviving such an old thread, but I've just wasted about 4
> hours randomly trying things out in order to get OpenAFS (1.8.0) with
> Kerberos to actually work... And fortunately (?!) I've managed to
> find the solution through this random process; thus I've searched the
> mailing lists to see if anyone had the same issue...
>
> Perhaps the OpenAFS Quick Start UNIX chapters touching the Kerberos
> integration (http://docs.openafs.org/QuickStartUnix/HDRWQ53.html)
> should clearly state this issue with principals containing dots and
> using at the same time instances (i.e. slashes)...
Patches welcome! (XML sources browseable at
http://git.openafs.org/?p=openafs.git;a=tree;f=doc/xml/QuickStartUnix;h=9e4fbd3f23b81696d98b1fcb68519364fe365d3f;hb=HEAD
; preferred submissions are as gerrit changes (docs on that at
https://wiki.openafs.org/devel/GitDevelopers/) but mailed patches and
similar are fine.
> Moreover as Bobb observed almost 10 years ago, none of the OpenAFS
> tools (not even in 1.8.0) give any hint about what is happening, not
> in the logs, nor on stderr...
>
> Moreover it's still unclear to me if in `pts createuser` I should use
> the `username.admin` or `username/admin` variants? (It lets me do
> both, but I think only the former actually works.) Could someone tell
> me the "correct" syntax for OpenAFS usernames?
You should pts createuser the username.admin variants.
Of course, rxgk will let us use fancier names for things, so we'll have to
get used to a whole new world order when that finishes landing...
-Ben