Hi,
On 2014-04-10 17:20, Jakub Hrozek wrote:
>
> our current HOWTO[1] on connecting SSSD to an AD DC is outdated,
> mostly because the page still only introduces the LDAP provider. Recently, me,
> Sumit and Jeremy Agee wrote a new page that specifically advises to use
> the AD provider and also u
Hi,
On 2014-04-17 13:18, Jakub Hrozek wrote:
> On Thu, Apr 17, 2014 at 09:05:42AM +0300, Marko Myllynen wrote:
>
>> - for completeness sake I'd add dns_lookup_kdc = true and master_kdc =
>> server.ad.example.com to the krb5.conf example
>
> I've added dns_lookup_kdc, but I'm not sure about maste
On Thu, Apr 17, 2014 at 03:38:33PM -0400, Simo Sorce wrote:
> On Thu, 2014-04-17 at 21:17 +0200, Jakub Hrozek wrote:
> > On Thu, Apr 17, 2014 at 01:39:23PM +0200, Pavel Reichl wrote:
> > > Hello,
> > >
> > > please see attached patch.
> > >
> > > Thanks.
> > >
> > > Pavel Reichl
> >
> > > From
On Thu, 2014-04-17 at 21:17 +0200, Jakub Hrozek wrote:
> On Thu, Apr 17, 2014 at 01:39:23PM +0200, Pavel Reichl wrote:
> > Hello,
> >
> > please see attached patch.
> >
> > Thanks.
> >
> > Pavel Reichl
>
> > From 92ba71350e7013c67718d4987da5afd4492615e7 Mon Sep 17 00:00:00 2001
> > From: Pavel
On Thu, Apr 17, 2014 at 01:39:23PM +0200, Pavel Reichl wrote:
> Hello,
>
> please see attached patch.
>
> Thanks.
>
> Pavel Reichl
> From 92ba71350e7013c67718d4987da5afd4492615e7 Mon Sep 17 00:00:00 2001
> From: Pavel Reichl
> Date: Thu, 17 Apr 2014 12:31:17 +
> Subject: [PATCH] KRB5: Go o
On Thu, Apr 17, 2014 at 07:25:09PM +0200, Lukas Slebodnik wrote:
> On (17/04/14 18:44), Pavel Reichl wrote:
> >Hello,
> >
> >attached patch is the first of many to solve
> >https://fedorahosted.org/sssd/ticket/1991
Thanks for doing this work, there's been many bugs over the years as a
result of i
yes, they are
- Original Message -
From: "Lukas Slebodnik"
To: "Development of the System Security Services Daemon"
Sent: Thursday, April 17, 2014 7:43:00 PM
Subject: Re: [SSSD] NSS: disable midpoint refresh for netgroups if ptask
refresh is enabled
On (26/02/14 18:35), Pavel Reichl w
On (17/04/14 10:21), Lukas Slebodnik wrote:
>ehlo,
>
>The attached patch fixes my use case. (sssd in container without tty)
>I am not sure whether other processes use stdin, therefore I disable monitorin
>of stdin only in main process.
>
>LS
Problem can be reproduced with changing service file
--
On (26/02/14 18:35), Pavel Reichl wrote:
>Hello,
>
>please see attached patches.
>
>patch #1 - disable midpoint refresh for netgroups if ptask refresh is
>enabled
>
>The rest of patches solves some minor problems that occurred while I
>was working on 1st patch:
>
>patch #2 - fixes sysdb_getnetgr t
On (17/04/14 18:44), Pavel Reichl wrote:
>Hello,
>
>attached patch is the first of many to solve
>https://fedorahosted.org/sssd/ticket/1991
>
>"The return codes of various sysdb operations differ. Some search
>operations would return ENOENT if they don't find a matching object some
>would return E
Hello,
while working on https://fedorahosted.org/sssd/ticket/2102 I noticed a
few minor problems regarding netgroups.
1st patch:
First check returned value then it is safe to access results.
2nd patch:
It is my opinion that function lookup_netgr_step is too long and can be
safely (with minimum
Hello,
attached patch is the first of many to solve
https://fedorahosted.org/sssd/ticket/1991
"The return codes of various sysdb operations differ. Some search
operations would return ENOENT if they don't find a matching object some
would return EOK but an empty result list."
I think it would b
On Tue, Apr 15, 2014 at 04:25:50PM +0200, Pavel Reichl wrote:
> Hello,
>
> some more generally useful logging messages are needed for that
> bugzilla.
>
> Patches for both master and 1.11 are attached.
>
> Thanks for review!
It would be nice to explain in the commit message why you used TRACE_L
On Wed, Apr 16, 2014 at 02:51:36PM +0200, Lukas Slebodnik wrote:
> >+if (handler_fn) {
> >+dbus_req = sbus_new_request(intf_p->conn, intf_p->intf, message);
> >+if (!dbus_req) {
> >+ret = ENOMEM;
> >+} else {
> >+dbus_req->method = method;
> //I c
On 03/20/2014 08:11 AM, Stef Walter wrote:
On 14.03.2014 23:00, Stef Walter wrote:
Here's the next set of DBus patches. This implements automatic packing
and unpacking of arguments for method handlers.
Rebased on master. Also the last patches had incorrectly generated files
due to a rebase.
S
On Thu, Apr 17, 2014 at 01:09:40PM +0200, Sumit Bose wrote:
> On Mon, Mar 10, 2014 at 12:43:59PM +0100, Lukas Slebodnik wrote:
> > On (10/03/14 12:31), Jakub Hrozek wrote:
> > >On Mon, Mar 10, 2014 at 07:30:40AM +0100, Lukas Slebodnik wrote:
> > >> Patch is attached.
> > >
> > >It is not :-)
> >
>
On Thu, Apr 17, 2014 at 01:53:03PM +0200, Pavel Březina wrote:
> On 04/16/2014 04:29 PM, Jakub Hrozek wrote:
> >Hi,
> >
> >I was working on a reusable request to split a raw name into
> >(name,domain) component instead of copying sss_parse_name_for_domains
> >along with subdomain refresh all around
On Thu, Apr 17, 2014 at 01:21:00PM +0200, Lukas Slebodnik wrote:
> On (17/04/14 05:08), Yassir Elley wrote:
> >In the sssd-ad man page, I noticed that the "ad_access_filter" config option
> >is labelled as "(boolean)", whereas it should be "(string)".
> >The attached patch fixes the issue.
> >
> >R
On Thu, Apr 17, 2014 at 01:38:27PM +0200, Lukas Slebodnik wrote:
> On (16/04/14 18:26), Nikolai Kondrashov wrote:
> >On 04/16/2014 02:24 PM, Nikolai Kondrashov wrote:
> >>>your patch reminds me another issue in Makefile.am
> >>>
> >>>Use the same ifdef around:
> >>> systemdconf_DATA += \
> >>>
On 04/16/2014 04:29 PM, Jakub Hrozek wrote:
Hi,
I was working on a reusable request to split a raw name into
(name,domain) component instead of copying sss_parse_name_for_domains
along with subdomain refresh all around the responder code and noticed
that the sss_parse_name_for_domains() code is
Hello,
please see attached patch.
Thanks.
Pavel Reichl
>From 92ba71350e7013c67718d4987da5afd4492615e7 Mon Sep 17 00:00:00 2001
From: Pavel Reichl
Date: Thu, 17 Apr 2014 12:31:17 +
Subject: [PATCH] KRB5: Go offline in case of generic error
Resolves:
https://fedorahosted.org/sssd/ticket/2313
On (16/04/14 18:26), Nikolai Kondrashov wrote:
>On 04/16/2014 02:24 PM, Nikolai Kondrashov wrote:
>>>your patch reminds me another issue in Makefile.am
>>>
>>>Use the same ifdef around:
>>> systemdconf_DATA += \
>>> src/sysv/systemd/journal.conf
>>>
>>>Because it does not make sense to
On (17/04/14 05:08), Yassir Elley wrote:
>In the sssd-ad man page, I noticed that the "ad_access_filter" config option
>is labelled as "(boolean)", whereas it should be "(string)".
>The attached patch fixes the issue.
>
>Regards,
>Yassir.
>From c0822ed6002f3bee3aa05ea28eef332a042ff24b Mon Sep 17 0
On Mon, Mar 10, 2014 at 12:43:59PM +0100, Lukas Slebodnik wrote:
> On (10/03/14 12:31), Jakub Hrozek wrote:
> >On Mon, Mar 10, 2014 at 07:30:40AM +0100, Lukas Slebodnik wrote:
> >> Patch is attached.
> >
> >It is not :-)
>
> I would bet I attached patch.
>
> LS
>
ACK
with this patch EXTRA_*_DE
On Thu, Apr 17, 2014 at 09:05:42AM +0300, Marko Myllynen wrote:
> Hi,
>
> On 2014-04-10 17:20, Jakub Hrozek wrote:
> >
> > our current HOWTO[1] on connecting SSSD to an AD DC is outdated,
> > mostly because the page still only introduces the LDAP provider. Recently,
> > me,
> > Sumit and Jeremy
On (17/04/14 10:44), Jakub Hrozek wrote:
>On Thu, Apr 17, 2014 at 11:06:16AM +0300, Nikolai Kondrashov wrote:
>> On 04/17/2014 02:29 AM, Lukas Slebodnik wrote:
>> >It does not make sense to argue.
>> >
>> >test-io was not ideal unit test and adding another workaroud(fix/hack) is
>> >not
>> >good.
Hi,
the attached patch adds checks that should "fix"
https://fedorahosted.org/sssd/ticket/2305 so that SSSD errors out
instead of crashing.
It's basically copy-and-paste of 5fe6ca5e339fd345119752e996c14edf8db57660
just in another code area. Because we were never able to reproduce the
crash and ne
In the sssd-ad man page, I noticed that the "ad_access_filter" config option is
labelled as "(boolean)", whereas it should be "(string)". The attached patch
fixes the issue.
Regards,
Yassir.From c0822ed6002f3bee3aa05ea28eef332a042ff24b Mon Sep 17 00:00:00 2001
From: Yassir Elley
Date: Thu, 17 A
On Thu, Apr 17, 2014 at 10:33:03AM +0200, Jakub Hrozek wrote:
> On Wed, Apr 16, 2014 at 03:43:53PM -0400, Simo Sorce wrote:
> > > Hello,
> > >
> > > patch addressing Simo's comments is attached.
> > >
> > > Thanks for review.
> >
> > LGTM
> >
> > Simo.
>
> Looks good to me, too, unit tests and
On Thu, Apr 17, 2014 at 11:06:16AM +0300, Nikolai Kondrashov wrote:
> On 04/17/2014 02:29 AM, Lukas Slebodnik wrote:
> >It does not make sense to argue.
> >
> >test-io was not ideal unit test and adding another workaroud(fix/hack) is not
> >good. I could sleep, but ...
> >
> >Patch is attached.
>
On Wed, Apr 16, 2014 at 03:43:53PM -0400, Simo Sorce wrote:
> > Hello,
> >
> > patch addressing Simo's comments is attached.
> >
> > Thanks for review.
>
> LGTM
>
> Simo.
Looks good to me, too, unit tests and basic manual smoke test passes.
___
sssd-
On Wed, Apr 16, 2014 at 03:20:41PM +0200, Pavel Reichl wrote:
> On Mon, 2014-04-14 at 16:32 +0200, Jakub Hrozek wrote:
> > On Wed, Apr 09, 2014 at 08:07:25PM +0200, Pavel Reichl wrote:
> > > On Mon, 2014-04-07 at 19:07 +0200, Jakub Hrozek wrote:
> > > > On Thu, Feb 27, 2014 at 05:15:00PM +0100, Pav
ehlo,
The attached patch fixes my use case. (sssd in container without tty)
I am not sure whether other processes use stdin, therefore I disable monitorin
of stdin only in main process.
LS
>From 47f1a4009e869e844f0edf1fb0fe749463e8d7cc Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik
Date: Thu, 17
On Wed, Apr 16, 2014 at 03:04:16PM +0200, Pavel Reichl wrote:
> On Mon, 2014-04-07 at 19:07 +0200, Jakub Hrozek wrote:
> [snip]
> > btw can we get into this situation where the refresh is on but a netgroup
> > is expired even without misconfiguration? For instance if a netgroup was
> > saved to the
On 04/17/2014 02:29 AM, Lukas Slebodnik wrote:
It does not make sense to argue.
test-io was not ideal unit test and adding another workaroud(fix/hack) is not
good. I could sleep, but ...
Patch is attached.
Thanks, Lukas. This fixes my problem.
Sincerely,
Nick
35 matches
Mail list logo
