Re: [SSSD] Request for review of the new INI interface

2014-12-02 Thread Dmitri Pal
On 12/02/2014 07:50 AM, Pavel Březina wrote: On 11/30/2014 09:15 PM, Dmitri Pal wrote: On 11/29/2014 08:38 PM, Dmitri Pal wrote: Hello, I have been working on an interface to modify configuration file (yes alternative to augeas) as promised. INI supports multi valued keys so the interface need

Re: [SSSD] [PATCHES] LDAP: fix ldap_setup_enumeration() handling ENOENT

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 10:45:04PM +0100, Jakub Hrozek wrote: > > >Resolves: > > >https://fedorahosted.org/sssd/ticket/1991 > > >--- > > ACK > > > > LS > > * master: c9eaf8c1e02c155b7ca7ffb2b1edade8a23ce1ff btw if this is the last patch related to #1991, please close that ticket. Thanks! __

Re: [SSSD] [PATCHES] LDAP: fix ldap_setup_enumeration() handling ENOENT

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 01:50:02PM +0100, Lukas Slebodnik wrote: > On (02/12/14 13:17), Pavel Reichl wrote: > > > >On 12/02/2014 01:09 PM, Lukas Slebodnik wrote: > >>On (01/12/14 13:49), Pavel Reichl wrote: > >>>START_TEST (test_sysdb_attrs_to_list) > >>>{ > >>> struct sysdb_attrs *attrs_list[3

Re: [SSSD] [PATCH] BUILD: restrict perms. when installing from source

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 02:14:58PM +0100, Lukas Slebodnik wrote: > http://sssd-ci.idm.lab.eng.brq.redhat.com:8080/job/ci/438/ > > ACK > > LS * master: eba68b29d934e6ba3879947ab002f1b0a2c24496 ___ sssd-devel mailing list sssd-devel@lists.fedorahosted.or

Re: [SSSD] [PATCH] TOOLS: sss_debuglevel should worh with ifp responder

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 10:35:50PM +0100, Jakub Hrozek wrote: > On Tue, Dec 02, 2014 at 05:38:31PM +0100, Lukas Slebodnik wrote: > > ehlo, > > > > simple patch is attached. > > > > LS > > ACK * master: b6db8fe1d18bffd600899c8e02f4cea83d70e447

Re: [SSSD] [PATCH] TOOLS: sss_debuglevel should worh with ifp responder

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 05:38:31PM +0100, Lukas Slebodnik wrote: > ehlo, > > simple patch is attached. > > LS ACK

Re: [SSSD] [PATCHES] Merging INI snippets

2014-12-02 Thread Dmitri Pal
On 12/02/2014 02:00 PM, Jakub Hrozek wrote: On Tue, Dec 02, 2014 at 04:33:28PM +0100, Lukas Slebodnik wrote: On (29/11/14 01:03), Dmitri Pal wrote: On (19/11/14 18:02), Lukas Slebodnik wrote: Firstly, I would like to apologize for late review. Thanks for review! Not a problem at all. It is no

Re: [SSSD] [PATCH] Skip CHAUTHTOK_PRELIM when using OTPs

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 09:12:25AM -0500, Nathaniel McCallum wrote: > On Tue, 2014-12-02 at 10:22 +0100, Jakub Hrozek wrote: > > On Mon, Dec 01, 2014 at 05:16:49PM -0500, Nathaniel McCallum wrote: > > > On Mon, 2014-12-01 at 22:15 +0100, Jakub Hrozek wrote: > > > > Hi, > > > > > > > > the attached

[SSSD] [PATCH] sss_atomic_write_s() return value is signed

2014-12-02 Thread Jakub Hrozek
Found when working on unit tests for the child code. Some callers of sss_atomic_write_s() would treat the return value as unsigned (size_t) while the function can return -1 on error. >From 6a9b28f4a45f0d7a9a058d664acab6c95f35c178 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Sat, 29 Nov 2014 2

[SSSD] [PATCH] KRB5: Relax DEBUG message

2014-12-02 Thread Jakub Hrozek
Without relaxing the DEBUG message, a clean install of SSSD would print a CRIT-level DEBUG message which is not what we want. >From 6a93f95d6921a233f6575f8bc46af08796595df7 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Fri, 28 Nov 2014 19:56:27 +0100 Subject: [PATCH] KRB5: Relax DEBUG message

[SSSD] [PATCH] LDAP: Remove useless include

2014-12-02 Thread Jakub Hrozek
Hi, a trivial patch, but the include made me go searching through the ldap_child code for a place where we might use some PAM-related code :-) >From 710b2124a7e2b8d9badde753c8f0cd5dcbb8e5ba Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Sat, 29 Nov 2014 10:10:07 +0100 Subject: [PATCH] LDAP: Re

Re: [SSSD] [PATCH] Recreate FAST ccache as the sssd user

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 09:40:42PM +0100, Sumit Bose wrote: > On Tue, Dec 02, 2014 at 02:54:42PM +0100, Jakub Hrozek wrote: > > Hi, > > > > these patches depend on Sumit's "[PATCHES] ldap_child, krb5_child: copy > > keytab and FAST ccache into memory". > > > > When applied, the FAST ccache is cre

[SSSD] last call for sssd-1-9

2014-12-02 Thread Jakub Hrozek
Hi, I would like to release sssd-1.9.7 by the end of this week and then switch the LTS version to sssd-1-11 and proclaim the sssd-1-9 series EOL. Any objections? Any last call for the sssd-1-9 branch?

Re: [SSSD] [PATCH] Recreate FAST ccache as the sssd user

2014-12-02 Thread Sumit Bose
On Tue, Dec 02, 2014 at 02:54:42PM +0100, Jakub Hrozek wrote: > Hi, > > these patches depend on Sumit's "[PATCHES] ldap_child, krb5_child: copy > keytab and FAST ccache into memory". > > When applied, the FAST ccache is created as the SSSD so that no Kerberos > networking code runs as the root us

Re: [SSSD] KRB5CCNAME variable broken in second concurrent login shell - bug?

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 03:11:43PM +0100, Joschi Brauchle wrote: > On 12/02/2014 12:30 PM, Pavel Reichl wrote: > > > >On 12/02/2014 11:42 AM, Jakub Hrozek wrote: > >>On Wed, Oct 15, 2014 at 11:41:47PM +0200, Joschi Brauchle wrote: > >>>d413dd5d7d4affeae9fe4dfd2de4b2296ecaffcc > >>>d673bd397f1ed8239

Re: [SSSD] [PATCHES] ldap_child, krb5_child: copy keytab and FAST ccache into memory

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 03:03:07PM +0100, Jakub Hrozek wrote: > On Tue, Dec 02, 2014 at 01:05:03PM +0100, Sumit Bose wrote: > > Hi, > > > > this is the follow-up of the POC patches I sent earlier in the > > krb5_child thread. I added unit tests and reordered the code in > > krb5_child and ldap_chi

Re: [SSSD] [PATCHES] Merging INI snippets

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 04:33:28PM +0100, Lukas Slebodnik wrote: > On (29/11/14 01:03), Dmitri Pal wrote: > >>On (19/11/14 18:02), Lukas Slebodnik wrote: > >>Firstly, I would like to apologize for late review. > > > >Thanks for review! > >Not a problem at all. > >It is not a high priority. > > > /

Re: [SSSD] KRB5CCNAME variable broken in second concurrent login shell - bug?

2014-12-02 Thread Lukas Slebodnik
On (02/12/14 15:11), Joschi Brauchle wrote: >On 12/02/2014 12:30 PM, Pavel Reichl wrote: >> >>On 12/02/2014 11:42 AM, Jakub Hrozek wrote: >>>On Wed, Oct 15, 2014 at 11:41:47PM +0200, Joschi Brauchle wrote: d413dd5d7d4affeae9fe4dfd2de4b2296ecaffcc d673bd397f1ed8239b36a5134bcd29914b11ae72 >>>

[SSSD] [PATCH] TOOLS: sss_debuglevel should worh with ifp responder

2014-12-02 Thread Lukas Slebodnik
ehlo, simple patch is attached. LS >From 68fa128137c23cfa12c0345bc608cc2058c01ca7 Mon Sep 17 00:00:00 2001 From: Lukas Slebodnik Date: Tue, 2 Dec 2014 17:36:11 +0100 Subject: [PATCH] TOOLS: sss_debuglevel should worh with ifp responder --- src/tools/sss_debuglevel.c | 3 ++- 1 file changed, 2

Re: [SSSD] [PATCHES] Merging INI snippets

2014-12-02 Thread Lukas Slebodnik
On (29/11/14 01:03), Dmitri Pal wrote: >>On (19/11/14 18:02), Lukas Slebodnik wrote: >>Firstly, I would like to apologize for late review. > >Thanks for review! >Not a problem at all. >It is not a high priority. > //snip > >New set is attached. > all issues were fixed. There aren't any warnings

Re: [SSSD] KRB5CCNAME variable broken in second concurrent login shell - bug?

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 03:11:43PM +0100, Joschi Brauchle wrote: > On 12/02/2014 12:30 PM, Pavel Reichl wrote: > > > >On 12/02/2014 11:42 AM, Jakub Hrozek wrote: > >>On Wed, Oct 15, 2014 at 11:41:47PM +0200, Joschi Brauchle wrote: > >>>d413dd5d7d4affeae9fe4dfd2de4b2296ecaffcc > >>>d673bd397f1ed8239

Re: [SSSD] KRB5CCNAME variable broken in second concurrent login shell - bug?

2014-12-02 Thread Joschi Brauchle
On 12/02/2014 12:30 PM, Pavel Reichl wrote: On 12/02/2014 11:42 AM, Jakub Hrozek wrote: On Wed, Oct 15, 2014 at 11:41:47PM +0200, Joschi Brauchle wrote: d413dd5d7d4affeae9fe4dfd2de4b2296ecaffcc d673bd397f1ed8239b36a5134bcd29914b11ae72 fa3cdcff460d555f4a4905fb0a2d96be564fc599 Unfortunately the

Re: [SSSD] [PATCH] Skip CHAUTHTOK_PRELIM when using OTPs

2014-12-02 Thread Nathaniel McCallum
On Tue, 2014-12-02 at 10:22 +0100, Jakub Hrozek wrote: > On Mon, Dec 01, 2014 at 05:16:49PM -0500, Nathaniel McCallum wrote: > > On Mon, 2014-12-01 at 22:15 +0100, Jakub Hrozek wrote: > > > Hi, > > > > > > the attached patch fixes chpass for OTP users for me. I hope looking at > > > the ipaUserAut

Re: [SSSD] [PATCHES] ldap_child, krb5_child: copy keytab and FAST ccache into memory

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 01:05:03PM +0100, Sumit Bose wrote: > Hi, > > this is the follow-up of the POC patches I sent earlier in the > krb5_child thread. I added unit tests and reordered the code in > krb5_child and ldap_child a bit to make more clear until which point > they run as root and at wh

[SSSD] [PATCH] Recreate FAST ccache as the sssd user

2014-12-02 Thread Jakub Hrozek
Hi, these patches depend on Sumit's "[PATCHES] ldap_child, krb5_child: copy keytab and FAST ccache into memory". When applied, the FAST ccache is created as the SSSD so that no Kerberos networking code runs as the root user. In order to do that, the krb5_child receives the SSSD user IDs as parame

Re: [SSSD] [PATCH] SYSDB: sysdb_search_object_by_sid returns ENOENT

2014-12-02 Thread Pavel Reichl
On 12/02/2014 12:50 PM, Lukas Slebodnik wrote: On (29/10/14 17:17), Pavel Reichl wrote: Hello, please see attached patch. This patch is part of solution for https://fedorahosted.org/sssd/ticket/1991 which aims to unify return values of sysdb calls in case no results are found. a) this patch

Re: [SSSD] [PATCH] BUILD: restrict perms. when installing from source

2014-12-02 Thread Lukas Slebodnik
On (25/11/14 15:52), Pavel Reichl wrote: > >On 11/25/2014 03:48 PM, Pavel Reichl wrote: >> >>On 11/25/2014 03:38 PM, Lukas Slebodnik wrote: >>>On (25/11/14 14:26), Pavel Reichl wrote: On 11/19/2014 10:45 AM, Jakub Hrozek wrote: Thanks. From 649aae0d47299229f2afe51fa27e6c315d967ae1

Re: [SSSD] Request for review of the new INI interface

2014-12-02 Thread Pavel Březina
On 11/30/2014 09:15 PM, Dmitri Pal wrote: On 11/29/2014 08:38 PM, Dmitri Pal wrote: Hello, I have been working on an interface to modify configuration file (yes alternative to augeas) as promised. INI supports multi valued keys so the interface needs to be able to manage duplicates. The attach

Re: [SSSD] [PATCHES] LDAP: fix ldap_setup_enumeration() handling ENOENT

2014-12-02 Thread Lukas Slebodnik
On (02/12/14 13:17), Pavel Reichl wrote: > >On 12/02/2014 01:09 PM, Lukas Slebodnik wrote: >>On (01/12/14 13:49), Pavel Reichl wrote: >>>START_TEST (test_sysdb_attrs_to_list) >>>{ >>> struct sysdb_attrs *attrs_list[3]; >>>@@ -4907,10 +4959,9 @@ START_TEST(test_sysdb_has_enumerated) >>> fail

Re: [SSSD] [PATCH] BUILD: restrict perms. when installing from source

2014-12-02 Thread Lukas Slebodnik
On (01/12/14 16:02), Pavel Reichl wrote: > >On 11/26/2014 01:36 PM, Lukas Slebodnik wrote: >>On (25/11/14 17:31), Jakub Hrozek wrote: >>>On Tue, Nov 25, 2014 at 04:39:02PM +0100, Lukas Slebodnik wrote: On (25/11/14 15:52), Pavel Reichl wrote: >On 11/25/2014 03:48 PM, Pavel Reichl wrote: >>>

Re: [SSSD] [PATCHES] LDAP: fix ldap_setup_enumeration() handling ENOENT

2014-12-02 Thread Pavel Reichl
On 12/02/2014 01:09 PM, Lukas Slebodnik wrote: On (01/12/14 13:49), Pavel Reichl wrote: START_TEST (test_sysdb_attrs_to_list) { struct sysdb_attrs *attrs_list[3]; @@ -4907,10 +4959,9 @@ START_TEST(test_sysdb_has_enumerated) fail_if(ret != EOK, "Could not set up the test"); ret =

Re: [SSSD] [PATCHES] LDAP: fix ldap_setup_enumeration() handling ENOENT

2014-12-02 Thread Lukas Slebodnik
On (01/12/14 13:49), Pavel Reichl wrote: > START_TEST (test_sysdb_attrs_to_list) > { > struct sysdb_attrs *attrs_list[3]; >@@ -4907,10 +4959,9 @@ START_TEST(test_sysdb_has_enumerated) > fail_if(ret != EOK, "Could not set up the test"); > > ret = sysdb_has_enumerated(test_ctx->domain, &

[SSSD] [PATCHES] ldap_child, krb5_child: copy keytab and FAST ccache into memory

2014-12-02 Thread Sumit Bose
Hi, this is the follow-up of the POC patches I sent earlier in the krb5_child thread. I added unit tests and reordered the code in krb5_child and ldap_child a bit to make more clear until which point they run as root and at which point they drop privileges completely. The first patch is unrelated

Re: [SSSD] [PATCH] SYSDB: sysdb_search_object_by_sid returns ENOENT

2014-12-02 Thread Lukas Slebodnik
On (29/10/14 17:17), Pavel Reichl wrote: >Hello, > >please see attached patch. > >This patch is part of solution for >https://fedorahosted.org/sssd/ticket/1991 >which aims to unify return values of sysdb calls in case no results are >found. > a) this patch cannot be applied on current master. b) I

Re: [SSSD] KRB5CCNAME variable broken in second concurrent login shell - bug?

2014-12-02 Thread Pavel Reichl
On 12/02/2014 11:42 AM, Jakub Hrozek wrote: On Wed, Oct 15, 2014 at 11:41:47PM +0200, Joschi Brauchle wrote: d413dd5d7d4affeae9fe4dfd2de4b2296ecaffcc d673bd397f1ed8239b36a5134bcd29914b11ae72 fa3cdcff460d555f4a4905fb0a2d96be564fc599 Unfortunately the last one does not apply successfully to sssd 1

Re: [SSSD] KRB5CCNAME variable broken in second concurrent login shell - bug?

2014-12-02 Thread Lukas Slebodnik
On (02/12/14 11:42), Jakub Hrozek wrote: >On Wed, Oct 15, 2014 at 11:41:47PM +0200, Joschi Brauchle wrote: >> d413dd5d7d4affeae9fe4dfd2de4b2296ecaffcc >> d673bd397f1ed8239b36a5134bcd29914b11ae72 >> fa3cdcff460d555f4a4905fb0a2d96be564fc599 >> >> Unfortunately the last one does not apply successful

[SSSD] [PATCH] IPA: Do not append domain name to fq name

2014-12-02 Thread Lukas Slebodnik
ehlo, With attached patch, selinuxusermap should apply to ipa user and ad user. It should work with enabled and disabled use_fully_qualified_names. I was testing with IPA in server mode. It is good to remove sssd generated entries from "semanage login" after each test. LS >From 40282cb0088625008

Re: [SSSD] [PATCHES] krb5: make krb5 provider view aware

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 11:38:30AM +0100, Jakub Hrozek wrote: > On Thu, Nov 27, 2014 at 05:41:57PM +0100, Sumit Bose wrote: > > Hi, > > > > this patchset makes the krb5 provider view-aware. All needed > > functionality is in the 1st patch. 2nd makes sure the view data is only > > updated when there

Re: [SSSD] KRB5CCNAME variable broken in second concurrent login shell - bug?

2014-12-02 Thread Jakub Hrozek
On Wed, Oct 15, 2014 at 11:41:47PM +0200, Joschi Brauchle wrote: > d413dd5d7d4affeae9fe4dfd2de4b2296ecaffcc > d673bd397f1ed8239b36a5134bcd29914b11ae72 > fa3cdcff460d555f4a4905fb0a2d96be564fc599 > > Unfortunately the last one does not apply successfully to sssd 1.9.6, which is > where my clumsy effor

Re: [SSSD] [PATCHES] SDAP: Refactor sdap_nested_group_hash_group

2014-12-02 Thread Sumit Bose
On Mon, Nov 03, 2014 at 12:20:12PM +0100, Pavel Reichl wrote: > Hello, > > please see attached patches. > > 1st patch adds unit test for sdap_nested_group_hash_group() > 2nd patch refactors sdap_nested_group_hash_group() > > While working on the test I found what I think may be a bug in > sdap_

Re: [SSSD] [PATCHES] krb5: make krb5 provider view aware

2014-12-02 Thread Jakub Hrozek
On Thu, Nov 27, 2014 at 05:41:57PM +0100, Sumit Bose wrote: > Hi, > > this patchset makes the krb5 provider view-aware. All needed > functionality is in the 1st patch. 2nd makes sure the view data is only > updated when there is a change and the 3rd makes a check in the > krb5_child more relaxed. T

Re: [SSSD] [PATCH] AD: Set dp_error if gc was not used

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 09:56:18AM +0100, Sumit Bose wrote: > On Mon, Dec 01, 2014 at 10:23:01AM +0100, Lukas Slebodnik wrote: > > ehlo, > > > > I found this problem when I had problem with IPA <-> AD trust. > > > > Patch is attached. > > > > LS > > ACK * master: 42bc7cb28858f8affa5bc7586f8d39

Re: [SSSD] [PATCH] Skip CHAUTHTOK_PRELIM when using OTPs

2014-12-02 Thread Jakub Hrozek
On Tue, Dec 02, 2014 at 10:22:38AM +0100, Jakub Hrozek wrote: > I agree it would be ideal to keep around the creds for "kadmin/changepw" > somehow to avoid calling the same code twice, but currently that's not > possible, the krb5_child code is one-shot. In the next release, we could > either chang

Re: [SSSD] [PATCH] Skip CHAUTHTOK_PRELIM when using OTPs

2014-12-02 Thread Jakub Hrozek
On Mon, Dec 01, 2014 at 05:16:49PM -0500, Nathaniel McCallum wrote: > On Mon, 2014-12-01 at 22:15 +0100, Jakub Hrozek wrote: > > Hi, > > > > the attached patch fixes chpass for OTP users for me. I hope looking at > > the ipaUserAuthType attribute is acceptable. > > > > The attribute is undocument

Re: [SSSD] [PATCH] IPA: Fix checking of trust in originalDN

2014-12-02 Thread Sumit Bose
On Mon, Dec 01, 2014 at 10:24:23AM +0100, Lukas Slebodnik wrote: > ehlo, > > another result of my IPA <-> AD trust issues. > > patch is attached. > > LS > From 04f07630df690dcbddfa5e4db1cb19935cf6444e Mon Sep 17 00:00:00 2001 > From: Lukas Slebodnik > Date: Fri, 28 Nov 2014 14:32:29 +0100 > Su

Re: [SSSD] [PATCH] AD: Set dp_error if gc was not used

2014-12-02 Thread Sumit Bose
On Mon, Dec 01, 2014 at 10:23:01AM +0100, Lukas Slebodnik wrote: > ehlo, > > I found this problem when I had problem with IPA <-> AD trust. > > Patch is attached. > > LS ACK bye, Sumit