Lines with "=" in krb5.conf
Greg Hudson
ghudson at mit.edu
Wed Jan 16 00:28:54 EST 2019
On 1/15/19 9:12 AM, Weijun Wang wrote:
> [realms]
> ATHENA.MIT.EDU = {
> auth_to_local = {
> RULE:[2:$1](johndoe)s/^.*$/guest/
> RULE:[2:$1;$2](^.*;admin$)s/;admin$//
> RULE:[2:$2](^.*;root)s/^.*$/root/
> DEFAULT
> }
> }
>
> Is this legal? I tried it with the latest MIT krb5 and saw a "krb5kdc: Improper format of Kerberos configuration file while initializing krb5" error.
>
> Or does any other krb5 vendor support this format?
I don't think so. MIT krb5 only expects relations (a = b) within a
braced subsection, and my read of the Heimdal code is that it does as well.
More information about the krbdev
mailing list