Michael Ströder michael@stroeder.com schrieb am 07.06.2022 um 08:27 in
Nachricht 7ea49afd-d5f1-b7dc-e41a-709e523fdf3e@stroeder.com:
On 6/7/22 08:25, Ulrich Windl wrote:
Michael Ströder michael@stroeder.com schrieb am 05.06.2022 um 23:16
in
Nachricht 51b7e769-522d-a547-4b4e-637e9d035ba6@stroeder.com:
On 6/5/22 23:02, Felix Schäfer wrote:
Am 05.06.2022 um 22:36 schrieb Michael Ströder michael@stroeder.com:
But, like it or not, POSIX names are case-sensitive. So with posixGroup entries you have to preserve the case for completely consistent data. >
It’s not just posix.
Believe me I'm aware of all those issues.
That's the reason why my Æ-DIR mandates lower-cased user and group names.
Ah that bug: In the past we could lock out a user by entering it's name in capitals (the user couldn't log in even with the correct password, as LDAP
did
find the user). Later the lower-case variant of the user would be locked out as well.
Hmm, which component enforced the lock out in this case?
It's quite some time ago; I can hardly remember. I searched and found it. Seems to be a different problem, but now that you were asking, I'm explaining: For NIS compatibility were were uing ent´tries like this at the end of the password file: +@dialog_users:::::: +:NO-LOGIN:::::/sbin/nologin
So all non-dialog users were denied login. When I had eneterd the user in capital letters the NO-LOGIN entry matched, but when entering the name correctly later, I could not log in. I had found out that "getent passwd user" would show /sbin/nologin as shell then.
In that case the solution was: "nscd -i passwd" (invalidate the password cache)
So a different problem it seems, and sorry for the confusion.
Regards, Ulrich
Ciao, Michael.