[SSSD] [sssd PR#515][comment] sssctl: Showing help even when sssd not configured

2018-02-15 Thread amitkumar50 
  URL: https://github.com/SSSD/sssd/pull/515
Title: #515: sssctl: Showing help even when sssd not configured

amitkumar50 commented:
"""
Don't know why build check failed..
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/515#issuecomment-366146010
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#515][comment] sssctl: Showing help even when sssd not configured

2018-02-15 Thread amitkumar50 
  URL: https://github.com/SSSD/sssd/pull/515
Title: #515: sssctl: Showing help even when sssd not configured

amitkumar50 commented:
"""
ok to test
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/515#issuecomment-366146010
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#503][closed] Regression test for false possitive "corrupted" memory cache

2018-02-15 Thread lslebodn 
   URL: https://github.com/SSSD/sssd/pull/503
Author: lslebodn
 Title: #503: Regression test for false possitive "corrupted" memory cache
Action: closed

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/503/head:pr503
git checkout pr503
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#503][+Pushed] Regression test for false possitive "corrupted" memory cache

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/503
Title: #503: Regression test for false possitive "corrupted" memory cache

Label: +Pushed
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#494][-Changes requested] Backport support for certificates in idoverrides to sssd-1.13

2018-02-15 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/494
Title: #494: Backport support for certificates in idoverrides to sssd-1.13

Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#494][comment] Backport support for certificates in idoverrides to sssd-1.13

2018-02-15 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/494
Title: #494: Backport support for certificates in idoverrides to sssd-1.13

sumit-bose commented:
"""
I added '(cherry picked from ...)' to the commit messages with a hint if fixes 
where needed or not.

Only the last patch does not have this because it isn't in master yet but under 
review in https://github.com/SSSD/sssd/pull/488.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/494#issuecomment-366036298
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#494][synchronized] Backport support for certificates in idoverrides to sssd-1.13

2018-02-15 Thread sumit-bose 
   URL: https://github.com/SSSD/sssd/pull/494
Author: sumit-bose
 Title: #494: Backport support for certificates in idoverrides to sssd-1.13
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/494/head:pr494
git checkout pr494
From 8349336ecb38fabef619eab5456e7971657cc2e0 Mon Sep 17 00:00:00 2001
From: Sumit Bose 
Date: Mon, 30 Nov 2015 12:14:16 +0100
Subject: [PATCH 01/13] sysdb: add sysdb_attrs_add_base64_blob()

Reviewed-by: Jakub Hrozek 
(cherry picked from commit 6cdeb0923c16e3fafe21aaadca6dac1d71474c31)
---
 src/db/sysdb.c  | 22 ++
 src/db/sysdb.h  |  2 ++
 src/tests/cmocka/test_sysdb_utils.c | 36 
 3 files changed, 60 insertions(+)

diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index d4366a3c7..8552d77b7 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -23,6 +23,7 @@
 #include "util/util.h"
 #include "util/strtonum.h"
 #include "util/sss_utf8.h"
+#include "util/crypto/sss_crypto.h"
 #include "db/sysdb_private.h"
 #include "confdb/confdb.h"
 #include 
@@ -634,6 +635,27 @@ int sysdb_attrs_add_mem(struct sysdb_attrs *attrs, const char *name,
 	return sysdb_attrs_add_val(attrs, name, );
 }
 
+int sysdb_attrs_add_base64_blob(struct sysdb_attrs *attrs, const char *name,
+const char *base64_str)
+{
+struct ldb_val v;
+int ret;
+
+if (base64_str == NULL) {
+return EINVAL;
+}
+
+v.data = sss_base64_decode(attrs, base64_str, );
+if (v.data == NULL) {
+DEBUG(SSSDBG_OP_FAILURE, "sss_base64_decode failed.\n");
+return ENOMEM;
+}
+
+ret = sysdb_attrs_add_val(attrs, name, );
+talloc_free(v.data);
+return ret;
+}
+
 int sysdb_attrs_add_bool(struct sysdb_attrs *attrs,
  const char *name, bool value)
 {
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 0413d2a3b..732ca14f8 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -323,6 +323,8 @@ int sysdb_attrs_add_lower_case_string(struct sysdb_attrs *attrs, bool safe,
   const char *name, const char *str);
 int sysdb_attrs_add_mem(struct sysdb_attrs *attrs, const char *name,
 const void *mem, size_t size);
+int sysdb_attrs_add_base64_blob(struct sysdb_attrs *attrs, const char *name,
+const char *base64_str);
 int sysdb_attrs_add_bool(struct sysdb_attrs *attrs,
  const char *name, bool value);
 int sysdb_attrs_add_long(struct sysdb_attrs *attrs,
diff --git a/src/tests/cmocka/test_sysdb_utils.c b/src/tests/cmocka/test_sysdb_utils.c
index b791f14b7..570fe0235 100644
--- a/src/tests/cmocka/test_sysdb_utils.c
+++ b/src/tests/cmocka/test_sysdb_utils.c
@@ -103,6 +103,41 @@ static void test_sysdb_handle_original_uuid(void **state)
 talloc_free(dest_attrs);
 }
 
+#define TEST_BASE64_ABC "YWJj"
+#define TEST_BASE64_123 "AQID"
+static void test_sysdb_attrs_add_base64_blob(void **state)
+{
+struct sysdb_attrs *attrs;
+struct ldb_message_element *el;
+char zero[] = { '\1', '\2', '\3' };
+int ret;
+
+attrs = sysdb_new_attrs(NULL);
+assert_non_null(attrs);
+
+ret = sysdb_attrs_add_base64_blob(attrs, "testAttrABC", TEST_BASE64_ABC);
+assert_int_equal(ret, EOK);
+
+ret = sysdb_attrs_add_base64_blob(attrs, "testAttr000", TEST_BASE64_123);
+assert_int_equal(ret, EOK);
+
+ret = sysdb_attrs_get_el(attrs, "testAttrABC", );
+assert_int_equal(ret, EOK);
+assert_int_equal(el->num_values, 1);
+assert_non_null(el->values);
+assert_non_null(el->values[0].data);
+assert_int_equal(el->values[0].length, 3);
+assert_memory_equal(el->values[0].data, "abc", 3);
+
+ret = sysdb_attrs_get_el(attrs, "testAttr000", );
+assert_int_equal(ret, EOK);
+assert_int_equal(el->num_values, 1);
+assert_non_null(el->values);
+assert_non_null(el->values[0].data);
+assert_int_equal(el->values[0].length, 3);
+assert_memory_equal(el->values[0].data, zero, 3);
+}
+
 int main(int argc, const char *argv[])
 {
 int rv;
@@ -116,6 +151,7 @@ int main(int argc, const char *argv[])
 
 const struct CMUnitTest tests[] = {
 cmocka_unit_test(test_sysdb_handle_original_uuid),
+cmocka_unit_test(test_sysdb_attrs_add_base64_blob),
 };
 
 /* Set debug level to invalid value so we can deside if -d 0 was used. */

From 4fa0f11a3d9f031ac920e1b6e50ce41f2c3a02cc Mon Sep 17 00:00:00 2001
From: Sumit Bose 
Date: Wed, 6 Apr 2016 11:12:30 +0200
Subject: [PATCH 02/13] sysdb: add searches by certificate with overrides

Reviewed-by: Jakub Hrozek 
(cherry picked from commit 6cb34580ee6e9e2c9190b77b10db8a3c43e3c9c8)
---
 src/db/sysdb.h|  12 ++
 src/db/sysdb_search.c |  67 +
 src/db/sysdb_views.c  | 102

[SSSD] [sssd PR#514][comment] Backport several UPN related patches to sssd-1-13

2018-02-15 Thread jhrozek 
  URL: https://github.com/SSSD/sssd/pull/514
Title: #514: Backport several UPN related patches to sssd-1-13

jhrozek commented:
"""
Kind of a bit of both. If the cherry-pick conflict couldn't be resolved 
trivially, I just opened the code from master and adjusted sssd-1-13 to match 
the behaviour in master.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/514#issuecomment-365969076
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#503][comment] Regression test for false possitive "corrupted" memory cache

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/503
Title: #503: Regression test for false possitive "corrupted" memory cache

lslebodn commented:
"""
master:
* 6dc1de9781ab211a43d24cbaed7969d98abc1cc1
* fd17e0925dbcafedb878ddf828a37743c115c9dd
* 8f83feea4586a8fcf4365e0d22e0a16740424cc2
* 41454a64c714e984423fd6e94ea89d183a73cc67
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/503#issuecomment-365956707
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#503][comment] Regression test for false possitive "corrupted" memory cache

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/503
Title: #503: Regression test for false possitive "corrupted" memory cache

lslebodn commented:
"""
Thank you for review.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/503#issuecomment-365956635
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#498][comment] DESKPROFILE: Do not require CAP_DAC_OVERRIDE

2018-02-15 Thread simo5 
  URL: https://github.com/SSSD/sssd/pull/498
Title: #498: DESKPROFILE: Do not require CAP_DAC_OVERRIDE

simo5 commented:
"""
@fidencio fidencio I do not care for unprivileged mode when it makes things way 
harder then they ought to be.
sssd can always make up a root account and escalate privileges anyway so 
running as a non privileged user is not high on my list of things to make work, 
especially because it simply can't for many tasks, making the software more 
complex (and thus buggier) for no good reason.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/498#issuecomment-365925337
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#435][comment] krb5: call krb5_auth_cache_creds() if a pssword is available

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/435
Title: #435: krb5: call krb5_auth_cache_creds() if a pssword is available

lslebodn commented:
"""
Thank you for update.
I'll run some krb5 tests for sanity checking.

So far LGTM
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/435#issuecomment-365919656
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#435][-Changes requested] krb5: call krb5_auth_cache_creds() if a pssword is available

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/435
Title: #435: krb5: call krb5_auth_cache_creds() if a pssword is available

Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#503][+Accepted] Regression test for false possitive "corrupted" memory cache

2018-02-15 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/503
Title: #503: Regression test for false possitive "corrupted" memory cache

Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#503][comment] Regression test for false possitive "corrupted" memory cache

2018-02-15 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/503
Title: #503: Regression test for false possitive "corrupted" memory cache

sumit-bose commented:
"""
ok, I have no further comments and CI passes as well 
http://vm-031.../logs/job/84/09/summary.html (with the unrelated rawhide 
exception), so ACK.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/503#issuecomment-365912414
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#515][-Changes requested] sssctl: Showing help even when sssd not configured

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/515
Title: #515: sssctl: Showing help even when sssd not configured

Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#515][comment] sssctl: Showing help even when sssd not configured

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/515
Title: #515: sssctl: Showing help even when sssd not configured

lslebodn commented:
"""
ok to test
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/515#issuecomment-365909737
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#435][comment] krb5: call krb5_auth_cache_creds() if a pssword is available

2018-02-15 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/435
Title: #435: krb5: call krb5_auth_cache_creds() if a pssword is available

sumit-bose commented:
"""
Hi @lslebodn,

Thank you for the review. I removed the check from krb5_auth_cache_creds() and 
moved the debug message to the error message of sss_authtok_get_password().

The 'Backend is marked offline, retry later!' messages is ok here because we 
just want to return the offline state here. Always saying that delayed 
authentication which is not enabled by default is not available might be 
irritating.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/435#issuecomment-365901696
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#435][synchronized] krb5: call krb5_auth_cache_creds() if a pssword is available

2018-02-15 Thread sumit-bose 
   URL: https://github.com/SSSD/sssd/pull/435
Author: sumit-bose
 Title: #435: krb5: call krb5_auth_cache_creds() if a pssword is available
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/435/head:pr435
git checkout pr435
From 0757b603dbe920a2da0f562bcc23a211beee Mon Sep 17 00:00:00 2001
From: Sumit Bose 
Date: Wed, 1 Nov 2017 18:21:40 +0100
Subject: [PATCH] krb5: call krb5_auth_cache_creds() if a pssword is available

The delayed online authentication feature is only available for password
authentication and krb5_auth_cache_creds() should only be called if a
password is available. Otherwise the error coded returned by
krb5_auth_cache_creds() will prevent proper offline authentication with
other methods e.g. Smartcard authentication.

Resolves https://pagure.io/SSSD/sssd/issue/3564
---
 src/providers/krb5/krb5_auth.c | 15 ++-
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 03ea9d88c..d40d2afed 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -253,17 +253,12 @@ static void krb5_auth_cache_creds(struct krb5_ctx *krb5_ctx,
 const char *password = NULL;
 errno_t ret;
 
-if (sss_authtok_get_type(pd->authtok) != SSS_AUTHTOK_TYPE_PASSWORD) {
-DEBUG(SSSDBG_MINOR_FAILURE,
-  "Delayed authentication is only available for password "
-  "authentication (single factor).\n");
-return;
-}
-
 ret = sss_authtok_get_password(pd->authtok, , NULL);
 if (ret != EOK) {
 DEBUG(SSSDBG_FATAL_FAILURE,
-  "Failed to get password [%d] %s\n", ret, strerror(ret));
+  "Failed to get password [%d] %s. Delayed authentication is only "
+  "available for password authentication (single factor).\n",
+  ret, strerror(ret));
 *pam_status = PAM_SYSTEM_ERR;
 *dp_err = DP_ERR_OK;
 return;
@@ -1138,7 +1133,9 @@ static void krb5_auth_done(struct tevent_req *subreq)
 
 if (kr->is_offline) {
 if (dp_opt_get_bool(kr->krb5_ctx->opts,
-KRB5_STORE_PASSWORD_IF_OFFLINE)) {
+KRB5_STORE_PASSWORD_IF_OFFLINE)
+&& sss_authtok_get_type(pd->authtok)
+== SSS_AUTHTOK_TYPE_PASSWORD) {
 krb5_auth_cache_creds(state->kr->krb5_ctx,
   state->domain,
   state->be_ctx->cdb,
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#498][comment] DESKPROFILE: Do not require CAP_DAC_OVERRIDE

2018-02-15 Thread fidencio 
  URL: https://github.com/SSSD/sssd/pull/498
Title: #498: DESKPROFILE: Do not require CAP_DAC_OVERRIDE

fidencio commented:
"""
I've opened https://pagure.io/SSSD/sssd/issue/3638 and let's keep the 
discussion there.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/498#issuecomment-365878269
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#515][comment] sssctl: Showing help even when sssd not configured

2018-02-15 Thread amitkumar50 
  URL: https://github.com/SSSD/sssd/pull/515
Title: #515: sssctl: Showing help even when sssd not configured

amitkumar50 commented:
"""
@tiran Done changes. Thanks.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/515#issuecomment-365862182
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#515][synchronized] sssctl: Showing help even when sssd not configured

2018-02-15 Thread amitkumar50 
   URL: https://github.com/SSSD/sssd/pull/515
Author: amitkumar50
 Title: #515: sssctl: Showing help even when sssd not configured
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/515/head:pr515
git checkout pr515
From 2a05965449fb4f0c43cf1f9edcff72ee2f7b8a23 Mon Sep 17 00:00:00 2001
From: amitkuma 
Date: Thu, 15 Feb 2018 18:21:10 +0530
Subject: [PATCH] sssctl: Showing help even when sssd not configured

On a clean and unconfigured system, it's not possible
to use --help.
1) dnf install sssd-tools
2) sssctl cache-remove --help
Shows:
[confdb_get_domains] (0x0010): No domains configured, fatal error!

Solution: Donot check for confdb initialization when sssctl 3rd
command line argument passed is '--help'.

Please note when we run 'sssctl --help' on unconfigured system
confdb check is not done and proper o/p is seen.

Resolves: https://pagure.io/SSSD/sssd/issue/3634
---
 src/tools/common/sss_tools.c | 16 +---
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/tools/common/sss_tools.c b/src/tools/common/sss_tools.c
index e491a1286..e04f2204f 100644
--- a/src/tools/common/sss_tools.c
+++ b/src/tools/common/sss_tools.c
@@ -333,13 +333,15 @@ errno_t sss_tool_route(int argc, const char **argv,
 return tool_ctx->init_err;
 }
 
-ret = tool_cmd_init(tool_ctx, [i]);
-if (ret != EOK) {
-DEBUG(SSSDBG_FATAL_FAILURE,
-  "Command initialization failed [%d] %s\n",
-  ret, sss_strerror(ret));
-return ret;
-}
+	if (strcmp(argv[2],"--help") != 0) {
+ret = tool_cmd_init(tool_ctx, [i]);
+if (ret != EOK) {
+DEBUG(SSSDBG_FATAL_FAILURE,
+  "Command initialization failed [%d] %s\n",
+  ret, sss_strerror(ret));
+return ret;
+}
+	}
 
 return commands[i].fn(, tool_ctx, pvt);
 }
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#391][comment] Use dbus-daemon in cwrap enviroment for test

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/391
Title: #391: Use dbus-daemon in cwrap enviroment for test

lslebodn commented:
"""
retest this please
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/391#issuecomment-365858862
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#494][+Changes requested] Backport support for certificates in idoverrides to sssd-1.13

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/494
Title: #494: Backport support for certificates in idoverrides to sssd-1.13

Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#494][comment] Backport support for certificates in idoverrides to sssd-1.13

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/494
Title: #494: Backport support for certificates in idoverrides to sssd-1.13

lslebodn commented:
"""
I assume you at least partially used cherry-pick + fixing conflicts due to 
sysdb changes.
It would be good to mention hash of original ticket in commit message (git 
cherry-pick -x)

Or in other case, it would be good to mention in commit message that was 
written from scratch and maybe that it is "similar" to some hash in master.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/494#issuecomment-365858187
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#515][+Changes requested] sssctl: Showing help even when sssd not configured

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/515
Title: #515: sssctl: Showing help even when sssd not configured

Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#514][+Changes requested] Backport several UPN related patches to sssd-1-13

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/514
Title: #514: Backport several UPN related patches to sssd-1-13

Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#514][comment] Backport several UPN related patches to sssd-1-13

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/514
Title: #514: Backport several UPN related patches to sssd-1-13

lslebodn commented:
"""
The commits "Fix iterating to next domain for initgroup lookups" and "Make 
get_object_from_cache() aware of UPN searches" does not have any info about 
commits in other/newer branches.

Were they written from scratch? or you just forgot to mention that in commit 
message.
If it is just a subset of change from bigger patch in master then it would 
still be good to mention that in commit message. (or at least ticket partially 
fix that in master) 
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/514#issuecomment-365856535
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#435][+Changes requested] krb5: call krb5_auth_cache_creds() if a pssword is available

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/435
Title: #435: krb5: call krb5_auth_cache_creds() if a pssword is available

Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#435][comment] krb5: call krb5_auth_cache_creds() if a pssword is available

2018-02-15 Thread lslebodn 
  URL: https://github.com/SSSD/sssd/pull/435
Title: #435: krb5: call krb5_auth_cache_creds() if a pssword is available

lslebodn commented:
"""
@sumit-bose,

I would like to apologize for long pending review. I added inline comment. 
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/435#issuecomment-365854911
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org