[SSSD] [sssd PR#812][comment] Implement background refresh for IPA and AD domains and subdomains
URL: https://github.com/SSSD/sssd/pull/812 Title: #812: Implement background refresh for IPA and AD domains and subdomains jhrozek commented: """ The current version fixes the periodical task to start relative to the last task's finish time, not start time. Still todo: - [ ] Add the initgroups refresh - [ ] Add some warning if the periodical task is too slow and might result in expired entries? - [ ] Look at reducing the code duplication btw I'd like to have the whole PR reviewed and merged before me and Sumit go for a summer vacation.. """ See the full comment at https://github.com/SSSD/sssd/pull/812#issuecomment-503741016 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#832][opened] SPECFILE: Add 'make' as build dependency
URL: https://github.com/SSSD/sssd/pull/832
Author: mzidek-rh
Title: #832: SPECFILE: Add 'make' as build dependency
Action: opened
PR body:
"""
This caused some of my scripts fail when building SSSD
after fetching build dependencies from srpm because
make was not installed.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/832/head:pr832
git checkout pr832
From 31f48ed11bd097d2493a27d80cf4b01b557d4e95 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C5=BDidek?=
Date: Wed, 19 Jun 2019 16:30:06 +0200
Subject: [PATCH] SPECFILE: Add 'make' as build dependency
This caused some of my scripts fail when building SSSD
after fetching build dependencies from srpm because
make was not installed.
---
contrib/sssd.spec.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 2e971a01cc..e5a4ec2465 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -187,6 +187,7 @@ Requires: python2-sssdconfig = %{version}-%{release}
### Build Dependencies ###
+BuildRequires: make
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705 Title: #705: KCM: Add configurable quotas jhrozek commented: """ Rebased and added the title for each test. @mzidek-rh said he would look at the test failures. """ See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-503557824 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
From 9fd1cce377766e4c56b9e7d86bcaaa7d15341e4c Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Fri, 5 Oct 2018 13:17:14 +0200
Subject: [PATCH 1/7] MAN: Get rid of sssd-secrets reference
Related:
https://pagure.io/SSSD/sssd/issue/3685
There were some stray references to the secrets responder in the
sssd-kcm manual page.
---
src/man/sssd-kcm.8.xml | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/src/man/sssd-kcm.8.xml b/src/man/sssd-kcm.8.xml
index fff8b0a16d..90b9ad09c2 100644
--- a/src/man/sssd-kcm.8.xml
+++ b/src/man/sssd-kcm.8.xml
@@ -58,11 +58,9 @@
-the SSSD implementation stores the ccaches in the SSSD
-
-sssd-secrets5
-
-secrets store, allowing the ccaches to survive KCM server restarts or machine reboots.
+the SSSD implementation stores the ccaches in a database,
+typically located at /var/lib/sss/secrets
+allowing the ccaches to survive KCM server restarts or machine reboots.
From bab75a992b3a6414f9ee26b4aae6a849291bdc8b Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Fri, 30 Nov 2018 13:15:58 +0100
Subject: [PATCH 2/7] MAN: Document that it is enough to systemctl restart
sssd-kcm.service lately
Related:
https://pagure.io/SSSD/sssd/issue/3862
We forgot to amend the man page after implementing the sssd-kcm service
reload.
---
src/man/sssd-kcm.8.xml | 17 +++--
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/src/man/sssd-kcm.8.xml b/src/man/sssd-kcm.8.xml
index 90b9ad09c2..4e4aaa38ea 100644
--- a/src/man/sssd-kcm.8.xml
+++ b/src/man/sssd-kcm.8.xml
@@ -162,12 +162,17 @@ systemctl restart sssd-kcm.service
CONFIGURATION OPTIONS
The KCM service is configured in the kcm
-section of the sssd.conf file. Please note that currently,
-is it not sufficient to restart the sssd-kcm service, because
-the sssd configuration is only parsed and read to an internal
-configuration database by the sssd service. Therefore you
-must restart the sssd service if you change anything in the
-kcm section of sssd.conf.
+section of the sssd.conf file. Please note that because
+the KCM service is typically socket-activated, it is
+enough to just restart the sssd-kcm service
+after changing options in the kcm section
+of sssd.conf:
+
+systemctl restart sssd-kcm.service
+
+
+
+The KCM service is configured in the kcm
For a detailed syntax reference, refer to the FILE FORMAT section of the
sssd.conf
From a2d07b864ca14efee37fecc421a73460fa55ebb4 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Mon, 26 Nov 2018 13:44:08 +0100
Subject: [PATCH 3/7] SECRETS: Use different option names from secrets and KCM
for quota options
Related:
https://pagure.io/SSSD/sssd/issue/3386
With the separate secrets responder, the quotas for the /secrets and
/kcm hives were configurable in a sub-section of the [secrets] sssd.conf
section using the same option -- the /secrets vs. /kcm distinction was
made using the subsection name.
With the standalone KCM responder writing directly to the database, it
makes sense to have options with more descriptive names better suitable
for the KCM usage. For that we need the options for secrets quotas and
kcm quotas to be named differently.
For now, the patch only passes the option name to sss_sec_get_quota()
and sss_sec_get_hive_config() together with the default value in an
instance of a new structure sss_sec_quota_opt. The secrets responder
still uses the same option names for backwards compatibility.
---
src/responder/secrets/secsrv.c | 70 ++
src/util/secrets/config.c | 40 +--
src/util/secrets/secrets.h | 21 ++
3 files changed, 88 insertions(+), 43 deletions(-)
diff --git a/src/responder/secrets/secsrv.c b/src/responder/secrets/secsrv.c
index 2de93dedc5..e783e231d3 100644
--- a/src/responder/secrets/secsrv.c
+++ b/src/responder/secrets/secsrv.c
@@ -47,6 +47,39 @@ static void adjust_global_quota(struct sec_ctx *sctx,
static int sec_get_config(struct sec_ctx *sctx)
{
int ret;
+struct sss_sec_quota_opt dfl_sec_nest_level = {
+.opt_name = CONFDB_SEC_CONTAINERS_NEST_LEVEL,
+.default_value = DEFAULT_SEC_CONTAINERS_NEST_LEVEL,
+};
+
[SSSD] [sssd PR#831][comment] MAN: ldap_user_home_directory default missing
URL: https://github.com/SSSD/sssd/pull/831 Title: #831: MAN: ldap_user_home_directory default missing mzidek-rh commented: """ Thanks. Ack. """ See the full comment at https://github.com/SSSD/sssd/pull/831#issuecomment-503467689 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#831][+Accepted] MAN: ldap_user_home_directory default missing
URL: https://github.com/SSSD/sssd/pull/831 Title: #831: MAN: ldap_user_home_directory default missing Label: +Accepted ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#831][comment] MAN: ldap_user_home_directory default missing
URL: https://github.com/SSSD/sssd/pull/831 Title: #831: MAN: ldap_user_home_directory default missing thalman commented: """ > Just a nitpick. Please also indicate that the homeDirectory is default for > IPA too, so that readers will not get confused done """ See the full comment at https://github.com/SSSD/sssd/pull/831#issuecomment-503467152 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#831][synchronized] MAN: ldap_user_home_directory default missing
URL: https://github.com/SSSD/sssd/pull/831 Author: thalman Title: #831: MAN: ldap_user_home_directory default missing Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/831/head:pr831 git checkout pr831 From 233be2f11d520a5f9c23212936ca0b0f360c7ccd Mon Sep 17 00:00:00 2001 From: Tomas Halman Date: Wed, 19 Jun 2019 10:15:30 +0200 Subject: [PATCH] MAN: ldap_user_home_directory default missing The default value of "ldap_user_home_directory" is "homeDirectory" but for AD provider it is "unixHomeDirectory" Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1673443 --- src/man/sssd-ldap.5.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index b6496b50f3..f0bc82db5f 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -373,7 +373,7 @@ home directory. -Default: homeDirectory +Default: homeDirectory (LDAP and IPA), unixHomeDirectory (AD) ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#831][comment] MAN: ldap_user_home_directory default missing
URL: https://github.com/SSSD/sssd/pull/831 Title: #831: MAN: ldap_user_home_directory default missing mzidek-rh commented: """ Just a nitpick. Please also indicate that the homeDirectory is default for IPA too, so that readers will not get confused. For example like this: ``` Default: homeDirectory (LDAP and IPA), unixHomeDirectory (AD) ``` """ See the full comment at https://github.com/SSSD/sssd/pull/831#issuecomment-503465322 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#831][opened] MAN: ldap_user_home_directory default missing
URL: https://github.com/SSSD/sssd/pull/831 Author: thalman Title: #831: MAN: ldap_user_home_directory default missing Action: opened PR body: """ The default value of "ldap_user_home_directory" is "homeDirectory" but for AD provider it is "unixHomeDirectory" Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1673443 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/831/head:pr831 git checkout pr831 From 44c1c34ba6d9680d79cd8f4117364c8a09bdcc82 Mon Sep 17 00:00:00 2001 From: Tomas Halman Date: Wed, 19 Jun 2019 10:15:30 +0200 Subject: [PATCH] MAN: ldap_user_home_directory default missing The default value of "ldap_user_home_directory" is "homeDirectory" but for AD provider it is "unixHomeDirectory" Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1673443 --- src/man/sssd-ldap.5.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index b6496b50f3..ed5232ae37 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -373,7 +373,7 @@ home directory. -Default: homeDirectory +Default: homeDirectory (LDAP), unixHomeDirectory (AD) ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
