On Mon, 2009-11-16 at 18:38 -0500, Brian J. Murrell wrote:
>
> Does this patch do anything about not returning "x" in the password
> field of the passwd map
NM. I just saw the patch for #266. And commented on it.
b.
signature.asc
Description: This is a digitally signed message part
___
On Tue, 2009-11-17 at 01:01 +0100, Jakub Hrozek wrote:
> Per the discussion on sssd-devel list, nss_sss should not return a
> hardcoded value but this should rather be configurable to allow whatever
> the OS or distribution thinks is the best for the particular case.
I disagree with the nature of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[PATCH 1/2] Add Simo's ipachangeconf
This patch adds the ipachangeconf class from FreeIPA and packages it in
makefile and with python setuptools
[PATCH 2/2] Change the upgrade script to use ipachangeconf
With this patch, the upgrade script we use for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[PATCH 1/2] Add Simo's ipachangeconf
This patch adds the ipachangeconf class from FreeIPA and packages it in
makefile and with python setuptools
[PATCH 2/2] Change the upgrade script to use ipachangeconf
With this patch, the upgrade script we use for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Per the discussion on sssd-devel list, nss_sss should not return a
hardcoded value but this should rather be configurable to allow whatever
the OS or distribution thinks is the best for the particular case.
Fixes: #266
-BEGIN PGP SIGNATURE-
Ve
On Mon, 2009-11-16 at 14:06 +0100, Sumit Bose wrote:
> Hi,
>
> this patch should fix #279 by ignoring the shadow attributes by
> default.
Does this patch do anything about not returning "x" in the password
field of the passwd map if the shadow object class is not present in the
user's LDAP entry
This patch implements the use of the fail_over code under the control of
the data provider backend code. All providers share the same failover
structure and if they use the same service name, they also share the
same servers lists.
A set of callbacks is made available so that if a new resolution i
On Mon, 2009-11-16 at 17:08 +0100, Martin Nagy wrote:
> Simo Sorce wrote:
> > On Mon, 2009-11-16 at 08:46 +0100, Martin Nagy wrote:
> > > Simo Sorce wrote:
> > > > While working on a patch to use failover in the ldap driver I found a
> > > > few bugs and a few things I felt missing.
> > > >
> > >
On Mon, 2009-11-16 at 16:01 -0500, Stephen Gallagher wrote:
>
>
> When offline, we check at regular intervals to see if the backend
> has come back online. This means that every n seconds (the online
> check interval), NSS requests may lag as we attempt to go out to
> the remote server and update
On Mon, Nov 16, 2009 at 09:23:17AM -0500, Simo Sorce wrote:
> On Mon, 2009-11-16 at 14:06 +0100, Sumit Bose wrote:
> > Hi,
> >
> > this patch should fix #279 by ignoring the shadow attributes by
> > default.
>
> I was thinking about this and I think I don't want to go down this way.
> While autom
When offline, we check at regular intervals to see if the backend
has come back online. This means that every n seconds (the online
check interval), NSS requests may lag as we attempt to go out to
the remote server and update the cache.
With this patch, we will now always return the cached data wh
On Mon, 2009-11-16 at 11:42 -0500, Stephen Gallagher wrote:
> Patch 0001: Make the sysdb user and group names case-sensitive
> POSIX requires that usernames be case-sensitive. This will make the
> sysdb and cache compliant.
Nack, I don't see code to upgrade an existing database.
> Patch 0002: Add
Patch 0001: Make the sysdb user and group names case-sensitive
POSIX requires that usernames be case-sensitive. This will make the
sysdb and cache compliant.
Patch 0002: Add force_lowercase_names option for domains
Since POSIX usernames must be case-sensitive, but remote servers do not,
it is pos
Simo Sorce wrote:
> On Mon, 2009-11-16 at 08:46 +0100, Martin Nagy wrote:
> > Simo Sorce wrote:
> > > While working on a patch to use failover in the ldap driver I found a
> > > few bugs and a few things I felt missing.
> > >
> > > Attached a patch to fix bugs and add a function to get back a serv
On Mon, 2009-11-16 at 14:06 +0100, Sumit Bose wrote:
> Hi,
>
> this patch should fix #279 by ignoring the shadow attributes by
> default.
I was thinking about this and I think I don't want to go down this way.
While automatic discovery of the expiration attributes is nice, I think
it is an issue.
Hi,
this patch should fix #279 by ignoring the shadow attributes by
default.
bye,
Sumit
>From 8bcd2646e948a1f05b279196a4e6f4350aa5d5a9 Mon Sep 17 00:00:00 2001
From: Sumit Bose
Date: Mon, 16 Nov 2009 13:56:57 +0100
Subject: [PATCH] Ignore shadow attributes
---
server/man/sssd-ldap.5.xml
On Mon, 2009-11-16 at 08:46 +0100, Martin Nagy wrote:
> Simo Sorce wrote:
> > While working on a patch to use failover in the ldap driver I found a
> > few bugs and a few things I felt missing.
> >
> > Attached a patch to fix bugs and add a function to get back a server
> > name from a fo_server s
Hi,
with this patch the ipa_access target should be functional complete (if
I haven't forgotten something). It tries to resolve to group memberships
of the remote host and checks the hbac rule against them.
bye,
Sumit
>From bc9a15f8fa3bef050e26e2a4e71105ac38f55c0f Mon Sep 17 00:00:00 2001
From: S
18 matches
Mail list logo