#22: pam_mkhomedir uses user alias username instead of canonical name when creating home directories -------------------------------------------------+------------------------- Reporter: musicalvegan0 | Owner: pam- Type: defect | developers@… Priority: major | Status: new Version: 1.1.x | Component: modules Keywords: sssd, ipa, active directory, | Resolution: mkhomedir | Blocked By: Blocking: | -------------------------------------------------+-------------------------
Comment (by sgallagh):
Replying to [comment:5 ldv]:
The canonical name associated with the alias is not a well defined
notion.
Suppose that
- pam_get_user() returns NAME1;
- getpwnam(NAME1)->pw_name is NAME2;
- getpwnam(NAME2)->pw_name is NAME3;
- getpwnam(NAME3)->pw_name is NAME1.
What would you call the canonical name in a case like this?
Wouldn't it be better if PAM modules did no attempts to "canonicalize"
user names at all?
For what it's worth, in SSSD's LDAP provider, this situation is impossible. We select one entry from the list of aliases (with sensible heuristics) and it will always return that one no matter which alias you try to use.