> On Mon, Apr 02, 2012 at 10:07:00AM +0200, Jan Zeleny wrote:
> > > > #0011
> > > > New ID-related config options for subdomains, these have to be
> > > > present because IPA provider doesn't provide these values and
> > > > defaults need to be implemented. Having defaults on the responder
> > > >
On Wed, Apr 04, 2012 at 09:08:11AM +0200, Jan Zelený wrote:
> > On Mon, Apr 02, 2012 at 10:07:00AM +0200, Jan Zeleny wrote:
> > > > > #0011
> > > > > New ID-related config options for subdomains, these have to be
> > > > > present because IPA provider doesn't provide these values and
> > > > > defa
There were many places where we were printing (null) to the logs
because a NULL keytab name tells libkrb5 to use its configured
default instead of a particular path. This patch should clean up
all uses of this to print "default" in the logs.
Fixes https://fedorahosted.org/sssd/ticket/1288
From 614
> On Wed, Apr 04, 2012 at 09:08:11AM +0200, Jan Zelený wrote:
> > > On Mon, Apr 02, 2012 at 10:07:00AM +0200, Jan Zeleny wrote:
> > > > > > #0011
> > > > > > New ID-related config options for subdomains, these have to be
> > > > > > present because IPA provider doesn't provide these values and
> >
On Wed, Apr 04, 2012 at 06:39:11AM -0700, Stephen Gallagher wrote:
> There were many places where we were printing (null) to the logs
> because a NULL keytab name tells libkrb5 to use its configured
> default instead of a particular path. This patch should clean up
> all uses of this to print "defa
First of all I have never thought of the in-memory cache as a
performance issue (we are only sorting them), but as a nice way to
handle rules expiration.
I will try to explain why the sysdb is not enough in this case.
Because it is a security issue, when user runs SUDO, we want to always
go to a
This is related to #1288. One of the "(null)"s actually revealed a real
bug that I will send a patch for separately.
From 7405777384ecf070fac7a8480fde4257ff9c7fdb Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Tue, 3 Apr 2012 18:42:43 -0400
Subject: [PATCH] Prevent printing NULL from DEBUG mess
We were calling sdap_auth_send unconditionally even if no bind DN was
specified.
From 40a78d76f6b90abaf58ccae9f10e6512b7bddd59 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Wed, 4 Apr 2012 22:08:31 +0200
Subject: [PATCH] Do not call sdap_auth if not needed
---
src/providers/ldap/sdap_async_c
On Wed, 2012-04-04 at 19:52 +0200, Pavel Březina wrote:
> First of all I have never thought of the in-memory cache as a
> performance issue (we are only sorting them), but as a nice way to
> handle rules expiration.
>
> I will try to explain why the sysdb is not enough in this case.
>
> Because i
On Wed, 2012-04-04 at 17:15 -0400, Jakub Hrozek wrote:
> +if (!state->do_auth ||
> +(sasl_mech == NULL && user_dn == NULL)) {
> +DEBUG(SSSDBG_TRACE_LIBS,
> + ("No authentication requested or GSSAPI auth forced off
> \n"));
change GSSAPI -> SASL
Simo.
--
Simo So
10 matches
Mail list logo