[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-29 Thread pbrezina 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

pbrezina commented:
"""
Pushed PR: https://github.com/SSSD/sssd/pull/5283

* `master`
* 0b069085cc6cb472b6c8841a26107ee1d48222ee - Add dyndns_auth_ptr support

"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-700667271
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-29 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
> Do I understand it correctly that this patch fixes #5274? If yes, can you 
> please add:
> 
> ```
> Resolves: https://github.com/SSSD/sssd/issues/5274
> ```
> 
> to the commit message?

Done
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-70062
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-29 Thread pbrezina 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

pbrezina commented:
"""
Do I understand it correctly that this patch fixes 
https://github.com/SSSD/sssd/issues/5274? If yes, can you please add:

```
Resolves: https://github.com/SSSD/sssd/issues/5274?
```

to the commit message?
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-700613044

___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-28 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

sumit-bose commented:
"""
Hi,

after some reading I tested this patch with the bind update policy `grant * 
tcp-self * PTR;` for the reverse zone. This allows a client with a matching IP 
address to update its own record without any special TSIG key. But so far I was 
not able to reject all other types of updates so in my test environment 
gss-tsig for the reverse zone worked as well, but by checking the logs on the 
client and server side I could see that gss-tsig was only used to update the 
entry for the forward zone while no keys where used to update the reverse zone.

Al least in my test setup I had to add

dyndns_force_tcp = True
dyndns_server = ipaserver75.rhel75.devel

besides `dyndns_auth_ptr = none` because the version of `nsupdate` I used was 
not able to automatically switch to TCP (required by bind to allow the update) 
and also didn't pick the right DNS server for the update of the reverse zone.

Nevertheless, all tests were working as expected, so ACK.

Thanks for your patience.

bye,
Sumit
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-699824497
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-15 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
> Hi,
> 
> I'm fine with the patch but I still would like to understand how to test this 
> behavior. Which settings do you need for your environment
> 
> ```
> dyndns_auth = none
> dyndns_auth_ptr = GSS-TSIG
> ```

Yes, that way. Still too much legacy EQ not speaking GSS-TSIG so only GSS-TSIG 
on RDNS
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-693211402
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-15 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

sumit-bose commented:
"""
Hi,

I'm fine with the patch but I still would like to understand how to test this 
behavior. Which settings do you need for your environment

dyndns_auth = none
dyndns_auth_ptr = GSS-TSIG

or the other way round?

bye,
Sumit
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-693202438
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-15 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
@sumit-bose , mind setting this PR in Reviewed status?
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-692733807
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-07 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
I would really appreciate if this could be merged to master, then I can install 
sssd on a few more computers that uses master
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-688194108
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-01 Thread alexey-tikhonov 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

alexey-tikhonov commented:
"""
> > Is there any reason to have two patches instead squashing into single?
> 
> Just wanted to show what I changed, I can squash into one commit, NP

Thank you.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-685366334
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-01 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
> Hi,
> 
> thank you for the patch. Except a minor issue I'm fine with the patch.

Thanks
> 
> I wonder if you can give an example configuration how to configure a DNS 
> server for asymmetrical authentication so that the patch can be tested 
> properly.

I cannot, don't have access to these servers. Sorry

"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-685071593
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-01 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
> Is there any reason to have two patches instead squashing into single?

Just wanted to show what I changed, I can squash into one commit, NP
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-685070637
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-01 Thread alexey-tikhonov 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

alexey-tikhonov commented:
"""
Is there any reason to have two patches instead squashing into single?
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-685037385
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-09-01 Thread sumit-bose 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

sumit-bose commented:
"""
Hi,

thank you for the patch. Except a minor issue I'm fine with the patch.

I wonder if you can give an example configuration how to configure a DNS server 
for asymmetrical authentication so that the patch can be tested properly.

bye,
Sumit
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-684703946
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-08-27 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
@sumit-bose , could you have a look at this PR?
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-681910420
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#5283][comment] Add dyndns_auth_ptr support

2020-08-19 Thread joakim-tjernlund 
  URL: https://github.com/SSSD/sssd/pull/5283
Title: #5283: Add dyndns_auth_ptr support

joakim-tjernlund commented:
"""
See issue https://github.com/SSSD/sssd/issues/5274
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/5283#issuecomment-675923680
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org