[27805] in Kerberos
Re: WHy is this common syntax failing?
daemon@ATHENA.MIT.EDU (Ken Raeburn)
Mon May 21 10:51:56 2007
In-Reply-To: <CC63530A87EC114093FA76A2BCDD94B301813F99@mira-mail.mirabeau.nl>
Mime-Version: 1.0 (Apple Message framework v752.2)
Message-Id: <701864A3-5305-4650-8AE3-3512C9449743@mit.edu>
From: Ken Raeburn <raeburn@mit.edu>
Date: Mon, 21 May 2007 10:48:50 -0400
To: "Owen Carter" <ocarter@mirabeau.nl>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On May 21, 2007, at 10:41, Owen Carter wrote:
> [realms]
> MIRABEAU.NL = {
> kdc = SERV1.mirabeau.nl
> admin_server = SERV1.mirabeau.nl
> auth_to_local = {
> RULE:[2:$1](johndoe)s/^.*$/guest/
> RULE:[2:$1;$2](^.*;admin$)s/;admin$//
> RULE:[2:$2](^.*;root)s/^.*$/root/
> DEFAULT
> }
> }
>
> When I did that, Kerberos stops working.
The documentation is wrong. You need to use something like:
[realms]
MIRABEAU.NL = {
auth_to_local = RULE:blahblahblah
auth_to_local = RULE:stuffheretoo
auth_to_local = DEFAULT
}
> (as a footnote; the error message could be much, much more
> specific.. I mean, it doesn't even give a line number of where the
> error is found in the file, let alone a true reason WHY it believes
> the format is invalid.)
Yes, that would be a good improvement too....
Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
