Steps to reproduce:
$ ipa config-mod --maxusername 255 $ ipa user-add $(printf "x%.s" {1..255}) --first Test --last User
Got:
ipa: ERROR: invalid 'login': may only include letters, numbers, _, -, . and $
Expected:
---------------------------- Added user "xxxxx...x" ---------------------------- ...
The root cause is uid pattern in baseuser.py
pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$'
it results in rejecting usernames longer than 254 characters.
I propose replacing "{0,252}" with "*", the length is checked on other places anyway.
mbasti: just replacing '{0, 252}' with '*' in regexp (twice) + open doc bug for RHEL7.3 because the regexp is listed there dkupka: there are more similar regexps (group (cn), idviews (uid), topology (topologysegmentname)) maybe it is worth to take look on them too. [mkosek] do not boil the oceans :-) I would do the fix that mbasti suggests (4-liner) and move to more important tickets
This ticket is out of scope of 4.4.0 release. Moving to 4.4.1. Note that 4.4.1 needs to be triaged, therefore not everything will be implemented.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1375596 (Red Hat Enterprise Linux 7)
master:
ipa-4-4:
Metadata Update from @dkupka: - Issue assigned to mbasti - Issue set to the milestone: FreeIPA 4.4.2
Login to comment on this ticket.