← Back to team overview

maria-developers team mailing list archive

Re: [GSoC] Kerberize MariaDB -- some unclear point about the project

 

Hi Sergei,

Thanks for your reply.

After discussing with Wlad, we think it proper to use a short name as login name and enclose the full principal name in the AS clause.
This will bypass the login name constraint in MariaDB.

Thank you very much!
Sincerely, Shuang


On Jun 21, 2013, at 4:39 PM, Sergei Golubchik <serg@xxxxxxxxxxx> wrote:

> Hi, QIU!
> 
> On Jun 21, QIU Shuang wrote:
>> Hi Wlad,
>> 
>> After thinking it over again, the maximum login name length in
>> MariaDB, which is only 16 characters by default the same as in MySQL.
>> I find this https://mariadb.atlassian.net/browse/MDEV-4332 in JIRA.
>> Will the long username be well supported in subsequent releases?
> 
> As you can see, this MDEV-4332 is already marked as "Fixed", with the 
> "Fix Version/s: 5.5.31".
> 
> So this is already supported in the 5.5.31 release.
> 
> But note that - see the task description - you need to change system
> tables manually to enjoy longer user names.
> 
>> A valid GNU/Linux username is a 32 character string (see useradd(8) man page).
>> And a valid Kerberos principal name length is in between 1 and 256 inclusively. (see http://pic.dhe.ibm.com/infocenter/iseries/v6r1m0/index.jsp?topic=/cl/addkrbtkt.htm, I didn't find an official document)
>> If we put a whole valid Kerberos principal name, I think it may cause
>> problem someday for the unmatched name length.
> 
> Right. Currently (starting from 5.5.31) the code supports up to 512
> bytes long usernames. But practically the limit is 80 characters, then
> we hit a max index length limit in MyISAM.
> 
> Regards,
> Sergei


References