Re: [SSSD] [PATCH] MAN: Update case_sensitive=Preserving in man pages.

On 11/13/2014 08:34 PM, Michal Židek wrote: On 11/13/2014 07:43 PM, Jakub Hrozek wrote: On Wed, Nov 12, 2014 at 04:14:21PM +0100, Michal Židek wrote: Hello, some man page fixes. https://fedorahosted.org/sssd/ticket/2462 Michal From 77a40c49602cab00d3179bf266a01eddaf1f60de Mon Sep 17 00:0

Re: [SSSD] [PATCH] MAN: Update case_sensitive=Preserving in man pages.

On 11/13/2014 07:43 PM, Jakub Hrozek wrote: On Wed, Nov 12, 2014 at 04:14:21PM +0100, Michal Židek wrote: Hello, some man page fixes. https://fedorahosted.org/sssd/ticket/2462 Michal From 77a40c49602cab00d3179bf266a01eddaf1f60de Mon Sep 17 00:00:00 2001 From: Michal Zidek Date: Wed, 12 N

Re: [SSSD] [PATCH] MAN: Update case_sensitive=Preserving in man pages.

On Wed, Nov 12, 2014 at 04:14:21PM +0100, Michal Židek wrote: > Hello, > > some man page fixes. > > https://fedorahosted.org/sssd/ticket/2462 > > Michal > From 77a40c49602cab00d3179bf266a01eddaf1f60de Mon Sep 17 00:00:00 2001 > From: Michal Zidek > Date: Wed, 12 Nov 2014 15:47:11 +0100 > Subje

Re: [SSSD] [PATCH] MAN: Clarify usage of groups search base with tokengroups

On Wed, Nov 12, 2014 at 03:35:43PM +0100, Lukas Slebodnik wrote: > On (11/11/14 16:05), Dan Lavu wrote: > >I think this explains the feature better. > > > >From 0504e88c570f1f5a3957008041940c2be43a Mon Sep 17 00:00:00 2001 > >From: Dan Lavu > >Date: Tue, 11 Nov 2014 15:46:51 -0500 > >Subject:

Re: [SSSD] [PATCH] proxy: Do not try to store same alias twice

On Thu, Nov 13, 2014 at 07:27:04PM +0100, Jakub Hrozek wrote: > > New version is attached. I only changed that one line. > > > > Michal > > ACK * master: 22e074249928605a1d5b926274ae2efb1596bc73 38429c99bf5af14c2d6bae6ddcf70974fdd103cc ___ sssd

Re: [SSSD] [PATCH] Move ccache operations to krb5_child, allow the krb5_auth code to run unprivileged

On Wed, Nov 12, 2014 at 05:08:09PM +0100, Lukas Slebodnik wrote: > On (12/11/14 15:44), Jakub Hrozek wrote: > >On Wed, Nov 12, 2014 at 01:45:26PM +0100, Lukas Slebodnik wrote: > >> On (11/11/14 22:37), Jakub Hrozek wrote: > >> >On Tue, Nov 11, 2014 at 09:11:45PM +0100, Jakub Hrozek wrote: > >> >> O

Re: [SSSD] [PATCH] proxy: Do not try to store same alias twice

On Thu, Nov 13, 2014 at 07:00:02PM +0100, Michal Židek wrote: > On 11/13/2014 06:45 PM, Jakub Hrozek wrote: > >On Wed, Nov 12, 2014 at 02:53:00PM +0100, Michal Židek wrote: > >>On 11/11/2014 01:37 PM, Jakub Hrozek wrote: > >>>On Thu, Nov 06, 2014 at 07:48:20PM +0100, Michal Židek wrote: > On 11

Re: [SSSD] [PATCH] sysdb: add sysdb_search_object_by_uuid()

On (13/11/14 19:06), Pavel Reichl wrote: > >On 11/13/2014 06:57 PM, Jakub Hrozek wrote: >>On Thu, Nov 06, 2014 at 12:26:41PM +0100, Sumit Bose wrote: >>>Hi, >>> >>>this patch adds a new sysdb call which is needed to support overrides >>>for IPA users and groups. >>ACK except for some weird indentat

Re: [SSSD] [PATCH] sysdb: add sysdb_search_object_by_uuid()

On 11/13/2014 06:57 PM, Jakub Hrozek wrote: On Thu, Nov 06, 2014 at 12:26:41PM +0100, Sumit Bose wrote: Hi, this patch adds a new sysdb call which is needed to support overrides for IPA users and groups. ACK except for some weird indentation at the end of the unit test. I can fix that before

Re: [SSSD] [PATCH] proxy: Do not try to store same alias twice

On 11/13/2014 06:45 PM, Jakub Hrozek wrote: On Wed, Nov 12, 2014 at 02:53:00PM +0100, Michal Židek wrote: On 11/11/2014 01:37 PM, Jakub Hrozek wrote: On Thu, Nov 06, 2014 at 07:48:20PM +0100, Michal Židek wrote: On 11/06/2014 07:43 PM, Michal Židek wrote: On 11/05/2014 04:53 PM, Michal Židek

Re: [SSSD] [PATCH] sysdb: add sysdb_search_object_by_uuid()

On Thu, Nov 06, 2014 at 12:26:41PM +0100, Sumit Bose wrote: > Hi, > > this patch adds a new sysdb call which is needed to support overrides > for IPA users and groups. ACK except for some weird indentation at the end of the unit test. I can fix that before pushing. > > Pavel, I tried to make th

Re: [SSSD] [PATCH] proxy: Do not try to store same alias twice

On Wed, Nov 12, 2014 at 02:53:00PM +0100, Michal Židek wrote: > On 11/11/2014 01:37 PM, Jakub Hrozek wrote: > >On Thu, Nov 06, 2014 at 07:48:20PM +0100, Michal Židek wrote: > >>On 11/06/2014 07:43 PM, Michal Židek wrote: > >>>On 11/05/2014 04:53 PM, Michal Židek wrote: > I found this bug while

[SSSD] [PATCH] Man: debug_timestamps and debug_microseconds

Hi, man page update. Michal >From c798f096f4dc2439ff3876a39607bf8fae873a84 Mon Sep 17 00:00:00 2001 From: Michal Zidek Date: Thu, 13 Nov 2014 17:41:56 +0100 Subject: [PATCH] Man: debug_timestamps and debug_microseconds Add note that these two options are ignored if journald is used. --- src/m

Re: [SSSD] Removing uidNumberfrom SSSD Search Filter

I am on sssd 1.11.6 I seem to have gotten it to partially work at least for login. I mapped the gid attribute to something else and it worked for ssh login. It seems if I set the uid and gid to the same attribute it fails with : (Thu Nov 13 10:12:10 2014) [sssd[be[LDAP]]] [sdap_save_user] (0x

Re: [SSSD] Removing uidNumberfrom SSSD Search Filter

On Thu, Nov 13, 2014 at 03:29:32PM +, Nathan Robbins wrote: > sssd.conf: > > [domain/LDAP] > enumerate = False > cache_credentials = False > id_provider = ldap > auth_provider = ldap > ldap_uri = ldap://server:port > ldap_id_use_start_tls = True > ldap_tls_reqcert = allow > ldap_tls_cacertdir

Re: [SSSD] Design Discussion: Support for multiple D-Bus interfaces on single object path

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 My opinion: I would suggest not exposing this concept/code struct outside of src/sbus/ Callers should just sbus_conn_add_interface(). If two interfaces have the same object path, it just works ... Internally when dispatching calls, the interface+path

Re: [SSSD] Removing uidNumberfrom SSSD Search Filter

sssd.conf: [domain/LDAP] enumerate = False cache_credentials = False id_provider = ldap auth_provider = ldap ldap_uri = ldap://server:port ldap_id_use_start_tls = True ldap_tls_reqcert = allow ldap_tls_cacertdir = /etc/openldap/cacerts ldap_search_base = ou=People,dc=,dc=,c=us ldap_default

Re: [SSSD] Removing uidNumberfrom SSSD Search Filter

I have enumerate = False I will post sssd.conf shortly when I return to the office shortly. - Reply message - From: "Jakub Hrozek" To: "sssd-devel@lists.fedorahosted.org" Subject: [SSSD] Removing uidNumberfrom SSSD Search Filter Date: Thu, Nov 13, 2014 9:15 AM On Thu, Nov 13, 2014 at 0

Re: [SSSD] Removing uidNumberfrom SSSD Search Filter

On Thu, Nov 13, 2014 at 03:04:44PM +, Nathan Robbins wrote: > Cool. I found that in the docs : ldap_user_uid_number and ldap_user_gid_number > > I set those to an attribute in my LDAP that has a numerical value, however, > still in the query sent to my ldap server, it has > (&(uidNumber=*)(!

Re: [SSSD] [PATCH] sss_client: Return a different error when sssd is not running

On Thu, 13 Nov 2014 10:44:45 +0100 Jakub Hrozek wrote: > On Wed, Nov 12, 2014 at 08:04:46PM -0500, Simo Sorce wrote: > > On Wed, 12 Nov 2014 16:36:00 +0100 > > Lukas Slebodnik wrote: > > > > > On (12/11/14 10:00), Simo Sorce wrote: > > > >I would create a helper function to be called on return

Re: [SSSD] Removing uidNumberfrom SSSD Search Filter

Cool. I found that in the docs : ldap_user_uid_number and ldap_user_gid_number I set those to an attribute in my LDAP that has a numerical value, however, still in the query sent to my ldap server, it has (&(uidNumber=*)(!(uidNumber=0)) in the query. Even if I set min_id = 0 This causes my LDA

Re: [SSSD] [PATCH] sss_client: Return a different error when sssd is not running

On (13/11/14 12:22), Jakub Hrozek wrote: >On Thu, Nov 13, 2014 at 11:17:15AM +0100, Lukas Slebodnik wrote: >> On (13/11/14 10:44), Jakub Hrozek wrote: >> >On Wed, Nov 12, 2014 at 08:04:46PM -0500, Simo Sorce wrote: >> >> On Wed, 12 Nov 2014 16:36:00 +0100 >> >> Lukas Slebodnik wrote: >> >> >> >>

Re: [SSSD] Design Discussion: Support for multiple D-Bus interfaces on single object path

CC-ing Stef On 11/11/2014 09:42 PM, Pavel Brezina wrote: - Original Message - From: "Jakub Hrozek" To: sssd-devel@lists.fedorahosted.org Sent: Tuesday, November 11, 2014 9:04:23 PM Subject: Re: [SSSD] Design Discussion: Support for multiple D-Bus interfaces on single object path On

Re: [SSSD] [PATCH] simple access provider - don't fail on non-existing objects

On 06/16/2014 05:38 PM, Pavel Reichl wrote: On Wed, 2014-06-04 at 19:49 +0200, Pavel Reichl wrote: On Wed, 2014-06-04 at 16:11 +0200, Jakub Hrozek wrote: On Wed, Jun 04, 2014 at 09:58:20AM +0200, Sumit Bose wrote: On Wed, Jun 04, 2014 at 08:42:21AM +0200, Jakub Hrozek wrote: On Tue, Jun 03,

Re: [SSSD] [PATCH] simple access provider - don't fail on non-existing objects

On 06/04/2014 07:49 PM, Pavel Reichl wrote: On Wed, 2014-06-04 at 16:11 +0200, Jakub Hrozek wrote: On Wed, Jun 04, 2014 at 09:58:20AM +0200, Sumit Bose wrote: On Wed, Jun 04, 2014 at 08:42:21AM +0200, Jakub Hrozek wrote: On Tue, Jun 03, 2014 at 04:22:51PM -0400, Simo Sorce wrote: On Tue, 201

Re: [SSSD] [PATCH] sss_client: Return a different error when sssd is not running

On Thu, Nov 13, 2014 at 11:17:15AM +0100, Lukas Slebodnik wrote: > On (13/11/14 10:44), Jakub Hrozek wrote: > >On Wed, Nov 12, 2014 at 08:04:46PM -0500, Simo Sorce wrote: > >> On Wed, 12 Nov 2014 16:36:00 +0100 > >> Lukas Slebodnik wrote: > >> > >> > On (12/11/14 10:00), Simo Sorce wrote: > >> >

Re: [SSSD] [PATCHES] IPA: check overrrides for IPA users as well

On Thu, Nov 13, 2014 at 11:46:43AM +0100, Lukas Slebodnik wrote: > On (12/11/14 21:39), Sumit Bose wrote: > >On Mon, Nov 10, 2014 at 03:17:04PM +0100, Sumit Bose wrote: > >> Hi, > >> > >> this patch-set should solve https://fedorahosted.org/sssd/ticket/2481 > >> "ID Views implementation does not s

Re: [SSSD] [PATCHES] IPA: check overrrides for IPA users as well

On (12/11/14 21:39), Sumit Bose wrote: >On Mon, Nov 10, 2014 at 03:17:04PM +0100, Sumit Bose wrote: >> Hi, >> >> this patch-set should solve https://fedorahosted.org/sssd/ticket/2481 >> "ID Views implementation does not support IPA user&group overrides". It >> depends on the already commit patches

Re: [SSSD] [PATCH] sss_client: Return a different error when sssd is not running

On (13/11/14 10:44), Jakub Hrozek wrote: >On Wed, Nov 12, 2014 at 08:04:46PM -0500, Simo Sorce wrote: >> On Wed, 12 Nov 2014 16:36:00 +0100 >> Lukas Slebodnik wrote: >> >> > On (12/11/14 10:00), Simo Sorce wrote: >> > >I would create a helper function to be called on return that >> > >transforms

Re: [SSSD] [PATCH] sss_client: Return a different error when sssd is not running

On Wed, Nov 12, 2014 at 08:04:46PM -0500, Simo Sorce wrote: > On Wed, 12 Nov 2014 16:36:00 +0100 > Lukas Slebodnik wrote: > > > On (12/11/14 10:00), Simo Sorce wrote: > > >I would create a helper function to be called on return that > > >transforms the error accordingly. This will allow to write

Re: [SSSD] Removing uidNumberfrom SSSD Search Filter

On Wed, Nov 12, 2014 at 08:15:49PM +, Nathan Robbins wrote: > I would like to try and accomplish a similar result with sssd, mainly in > order to get it functioning with samba. Is is possible for me to set it up > such that i build the local user account just like above, and then use sssd >