Anybody know how to use auth_to_local with Redhat's Kerberos?
Ken Raeburn
raeburn at MIT.EDU
Fri Sep 15 06:03:58 EDT 2006
On Sep 14, 2006, at 21:34, Scott Simpson wrote:
> I running Redhat 4 which uses Kerberos 1.3.4. I'm trying to get the
> "auth_to_local" rule working in the [realm] stanza. If I set
>
> auth_to_local = DEFAULT
>
> it works fine.
That looks like the correct usage.
> But if I set it to
>
> auth_to_local = { DEFAULT }
>
> it comes up but doesn't work.
Since "{ DEFAULT }" isn't a recognized type, this is probably
generating an error in the aname-to-lname mapping code, which then is
probably getting ignored in the interest of trying to make things
work as well as possible.
> If I set it to
>
> auth_to_local = {
> DEFAULT
> }
>
> I get a syntax error and krb5kdc won't even come up. Any help would be
> appreciated. Thank you.
That is indeed invalid syntax for the config file, so any program
reading it is going to report an error.
The braces aren't for grouping *values*, they're for introducing a
deeper level in the hierarchy, and the line breaks are significant.
The "{ DEFAULT }" case doesn't match the syntax for starting a new
level, so the whole string is taken as a value. And "DEFAULT" on a
line by itself isn't specifying a value for a tag; a line giving a
value has to be of the form "foo = bar".
Ken
More information about the Kerberos
mailing list