> On Jul 17, 2014, at 7:45 PM, Kenneth MacDonald <kenneth.macdon...@ed.ac.uk> > wrote: > > Quoting John Devitofranceschi <j...@optonline.net> on Thu, 17 Jul 2014 > 15:51:06 -0400: > >> >>> On Jul 17, 2014, at 12:37, Greg Hudson <ghud...@mit.edu> wrote: >>> >>>> On 07/16/2014 06:34 PM, John Devitofranceschi wrote: >>>> host/*@MYREALM.COM x */*1...@myrealm.com >>> >>> This works for me in 1.11, 1.12, and the master branch. So, your >>> expectation isn't unreasonable, but I'm not sure why it doesn't work for >>> you. >>> >>> Note that kadmind will not reread its ACL file until it is restarted. >> >> I can get it to work with other wild card use cases, like: >> >> *@MYREALM.COM cli *1/ad...@myrealm.com >> >> Just not the example I gave originally. > > This is because the wildcard matching only operates on whole > components, not substrings of them. There are various patches > floating around that extend this to regular expressions or substrings. > I have one, but I'm on holiday at the moment. I'll try to remember > to follow up when I get back.
I just started looking into this again, this time with 1.13.1 and my results are the same as when I tried last year. Any patches or advice welcome! jd
smime.p7s
Description: S/MIME cryptographic signature
________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
