When a PAM-aware application calls pam_end(), our module would call its
close_fd destructor and close the pipe from its end.
https://fedorahosted.org/sssd/ticket/1569
From 98c8a6b92db2872083473b4ce0761bffc919e847 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Thu, 4 Oct 2012
On 10/10/2012 11:29 PM, Jakub Hrozek wrote:
On Tue, Oct 09, 2012 at 03:32:48PM +0200, Pavel Březina wrote:
On 10/09/2012 02:58 PM, Stephen Gallagher wrote:
On 10/09/2012 07:43 AM, Jakub Hrozek wrote:
On Tue, Oct 02, 2012 at 03:39:19PM +0200, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1551
This is only cure for the symptom. I created a ticket to track finding
the actual cause of it:
https://fedorahosted.org/sssd/ticket/1576
From de7a51bb66659e0ae69a01890fe36f918068387c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?=
The IPA has a defined directory tree structure that allows us to guess
the username from a DN without having to look up the DN in LDAP.
https://fedorahosted.org/sssd/ticket/1319
From f49283e5fa9af5b49f29f714ee96907af430d89f Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Thu,
On 10/09/2012 09:46 PM, Jakub Hrozek wrote:
Patch 3441d0c2d11aea0c39b009751a1898333c009674 that unified krb5 and ipa
configuration fixed the ticket https://fedorahosted.org/sssd/ticket/1526
pretty much by accident. The attached patch fixes that bug by only
adding the krb5 renewal initialization
On Thu, Oct 11, 2012 at 12:41:47AM +0200, Thorsten Scherf wrote:
From 79e768d2033cf1aba70dd5065fd49146158628f0 Mon Sep 17 00:00:00 2001
From: Thorsten Scherf tsch...@redhat.com
Date: Thu, 11 Oct 2012 00:35:54 +0200
Subject: [PATCH] Fixed: translation bug
---
po/de.po |2 +-
1 files
On Thu, Oct 11, 2012 at 11:56:28AM +0200, Sumit Bose wrote:
On Thu, Oct 11, 2012 at 12:41:47AM +0200, Thorsten Scherf wrote:
From 79e768d2033cf1aba70dd5065fd49146158628f0 Mon Sep 17 00:00:00 2001
From: Thorsten Scherf tsch...@redhat.com
Date: Thu, 11 Oct 2012 00:35:54 +0200
Subject:
On Thu, Oct 11, 2012 at 11:06:21AM +0200, Ondrej Kos wrote:
On 10/09/2012 09:46 PM, Jakub Hrozek wrote:
Patch 3441d0c2d11aea0c39b009751a1898333c009674 that unified krb5 and ipa
configuration fixed the ticket https://fedorahosted.org/sssd/ticket/1526
pretty much by accident. The attached patch
On Thu, Oct 11, 2012 at 07:38:36AM +0200, Ondrej Kos wrote:
On 10/10/2012 11:16 PM, Jakub Hrozek wrote:
I asked Deon to proof-read the krb5.conf manpage for us after the recent
changes and she just went ahead, fixed all the issues she found and even
provided a patch.
I just reformatted the
On Thu, Oct 11, 2012 at 10:29:43AM +0200, Pavel Březina wrote:
On 10/10/2012 11:29 PM, Jakub Hrozek wrote:
On Tue, Oct 09, 2012 at 03:32:48PM +0200, Pavel Březina wrote:
On 10/09/2012 02:58 PM, Stephen Gallagher wrote:
On 10/09/2012 07:43 AM, Jakub Hrozek wrote:
On Tue, Oct 02, 2012 at
On Thu, Oct 11, 2012 at 12:24:37PM +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 10:29:43AM +0200, Pavel Březina wrote:
On 10/10/2012 11:29 PM, Jakub Hrozek wrote:
On Tue, Oct 09, 2012 at 03:32:48PM +0200, Pavel Březina wrote:
On 10/09/2012 02:58 PM, Stephen Gallagher wrote:
On
On Thu, Oct 11, 2012 at 10:40:34AM +0200, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1551
This is only cure for the symptom. I created a ticket to track
finding the actual cause of it:
https://fedorahosted.org/sssd/ticket/1576
This is good enough given our current time
On Thu, Oct 11, 2012 at 12:31:10PM +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 10:40:34AM +0200, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1551
This is only cure for the symptom. I created a ticket to track
finding the actual cause of it:
Hi,
the attached patch splits the previously monolithic sssd package into
sssd-common that contains the deamon and the responders and per-provider
packages such as sssd-ldap or sssd-ipa.
This split would benefit two parties:
1) security auditors who are often trying to find the smallest
On Thu, Oct 11, 2012 at 10:00:15AM +0200, Jakub Hrozek wrote:
When a PAM-aware application calls pam_end(), our module would call its
close_fd destructor and close the pipe from its end.
https://fedorahosted.org/sssd/ticket/1569
Patch looks good, I just wonder if pam_set_data() better should
On Wed, Oct 10, 2012 at 10:14:22PM +0200, Jakub Hrozek wrote:
The attached patch fixes the user-after-free crash I was seeing
occasionally.
https://fedorahosted.org/sssd/ticket/1571
The patch changes the subdomains discovery to use the tevent_req
style. Previously, the code violated
On Thu, Oct 11, 2012 at 01:28:03PM +0200, Sumit Bose wrote:
On Thu, Oct 11, 2012 at 10:00:15AM +0200, Jakub Hrozek wrote:
When a PAM-aware application calls pam_end(), our module would call its
close_fd destructor and close the pipe from its end.
https://fedorahosted.org/sssd/ticket/1569
On Thu, Oct 11, 2012 at 01:35:49PM +0200, Sumit Bose wrote:
On Wed, Oct 10, 2012 at 10:14:22PM +0200, Jakub Hrozek wrote:
The attached patch fixes the user-after-free crash I was seeing
occasionally.
https://fedorahosted.org/sssd/ticket/1571
The patch changes the subdomains
https://fedorahosted.org/sssd/ticket/1359
This patch mostly silences some alignment related warnings reported by
clang, but also fixes some real alignment issues.
But not all warnings are suppressed in this patch. These cases still
generate warnings:
On Thu, Oct 11, 2012 at 01:37:49PM +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 01:28:03PM +0200, Sumit Bose wrote:
On Thu, Oct 11, 2012 at 10:00:15AM +0200, Jakub Hrozek wrote:
When a PAM-aware application calls pam_end(), our module would call its
close_fd destructor and close the
On 10/09/2012 08:24 PM, Jakub Hrozek wrote:
Hi,
I noticed during the work on provider packaging that we still ship the
libsss_sudo.pc file and that we only ship the libsss_sudo.so library in
the -devel package. I think that's wrong. We might also want to move
libsss_sudo out of LDPATH in the
On 10/09/2012 07:15 PM, Jakub Hrozek wrote:
On Tue, Oct 02, 2012 at 10:53:54AM -0400, Stephen Gallagher wrote:
On 10/02/2012 09:32 AM, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1539
If the SSSD domain is running with SSSDBG_TRACE_ALL, then we also set
Kerberos tracing with
On Thu, 2012-10-11 at 10:00 +0200, Jakub Hrozek wrote:
From 98c8a6b92db2872083473b4ce0761bffc919e847 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Thu, 4 Oct 2012 19:08:08 +0200
Subject: [PATCH] PAM: close socket fd with pam_set_data
On Thu, 2012-10-11 at 13:14 +0200, Jakub Hrozek wrote:
Hi,
the attached patch splits the previously monolithic sssd package into
sssd-common that contains the deamon and the responders and
per-provider
packages such as sssd-ldap or sssd-ipa.
This split would benefit two parties:
On Thu, 2012-10-11 at 10:52 +0200, Jakub Hrozek wrote:
The IPA has a defined directory tree structure that allows us to guess
the username from a DN without having to look up the DN in LDAP.
Jakub,
it looks like you always take the shortcut in this case.
I am not comfortable with that, I'd
On Thu, 2012-10-11 at 13:40 +0200, Michal Židek wrote:
https://fedorahosted.org/sssd/ticket/1359
This patch mostly silences some alignment related warnings reported by
clang, but also fixes some real alignment issues.
But not all warnings are suppressed in this patch. These cases still
Hi,
those two patch fixes https://fedorahosted.org/sssd/ticket/1561 from the
sssd side. While testing I found that there is also a server side issue
which is tracked by https://fedorahosted.org/freeipa/ticket/3166 . As
long as the issue on the server is not solved this patch can be checked
by
On 10/11/2012 04:16 PM, Sumit Bose wrote:
Hi,
those two patch fixes https://fedorahosted.org/sssd/ticket/1561 from the
sssd side. While testing I found that there is also a server side issue
which is tracked by https://fedorahosted.org/freeipa/ticket/3166 . As
long as the issue on the server is
On Thu, Oct 11, 2012 at 09:44:46AM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 10:52 +0200, Jakub Hrozek wrote:
The IPA has a defined directory tree structure that allows us to guess
the username from a DN without having to look up the DN in LDAP.
Jakub,
it looks like you always take
On Thu, 2012-10-11 at 19:47 +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 09:44:46AM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 10:52 +0200, Jakub Hrozek wrote:
The IPA has a defined directory tree structure that allows us to guess
the username from a DN without having to look up
On Thu, Oct 11, 2012 at 09:30:29AM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 10:00 +0200, Jakub Hrozek wrote:
From 98c8a6b92db2872083473b4ce0761bffc919e847 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Thu, 4 Oct 2012 19:08:08 +0200
Subject: [PATCH] PAM: close
On Thu, Oct 11, 2012 at 02:06:22PM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 19:47 +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 09:44:46AM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 10:52 +0200, Jakub Hrozek wrote:
The IPA has a defined directory tree structure that allows
On 10/11/2012 03:53 PM, Simo Sorce wrote:
On Thu, 2012-10-11 at 13:40 +0200, Michal Židek wrote:
https://fedorahosted.org/sssd/ticket/1359
This patch mostly silences some alignment related warnings reported by
clang, but also fixes some real alignment issues.
But not all warnings are
On Thu, 2012-10-11 at 20:23 +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 09:30:29AM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 10:00 +0200, Jakub Hrozek wrote:
From 98c8a6b92db2872083473b4ce0761bffc919e847 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date:
On Thu, 2012-10-11 at 20:25 +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 02:06:22PM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 19:47 +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 09:44:46AM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 10:52 +0200, Jakub Hrozek wrote:
On Thu, 2012-10-11 at 20:44 +0200, Michal Židek wrote:
Sorry Michael,
haven't really checked as carefully as I want but I think with this
patch you are changing the client protocol by changing one
alignemnt.
You can't do that, changes to the client protocol are not allowed.
Can you
On Thu, Oct 11, 2012 at 03:34:03PM -0400, Simo Sorce wrote:
On Thu, 2012-10-11 at 20:44 +0200, Michal Židek wrote:
Sorry Michael,
haven't really checked as carefully as I want but I think with this
patch you are changing the client protocol by changing one
alignemnt.
You can't do
37 matches
Mail list logo
