[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

On (08/03/16 18:21), Jakub Hrozek wrote: >On Fri, Mar 04, 2016 at 02:01:54PM +0100, Pavel Březina wrote: >> This allows configuration with id_provider = proxy >> and sudo_provider = ipa when someone needs to fetch >> rules for local users. > >> From a6f23fd5ab16d7903b8388d90eb3bb995c4426d0 Mon Sep

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

On (08/03/16 18:14), Jakub Hrozek wrote: >On Tue, Mar 08, 2016 at 09:34:29AM +0100, Lukas Slebodnik wrote: >> On (25/02/16 11:06), Jakub Hrozek wrote: >> >On Wed, Feb 24, 2016 at 06:05:11PM +0100, Lukas Slebodnik wrote: >> >> On (24/02/16 16:43), Jakub Hrozek wrote: >> >> >We don't know the group n

[SSSD] Re: [PATCH] make async connect generic

On Tue, 2016-03-08 at 12:11 -0500, Simo Sorce wrote: > On Tue, 2016-03-08 at 17:48 +0100, Jakub Hrozek wrote: > > On Tue, Mar 08, 2016 at 10:18:46AM -0500, Simo Sorce wrote: > > > Fixing everything else commented before. > > > > > > On Sat, 2016-03-05 at 15:31 +0100, Jakub Hrozek wrote: > > > > An

[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

On Fri, Mar 04, 2016 at 02:01:54PM +0100, Pavel Březina wrote: > This allows configuration with id_provider = proxy > and sudo_provider = ipa when someone needs to fetch > rules for local users. > From a6f23fd5ab16d7903b8388d90eb3bb995c4426d0 Mon Sep 17 00:00:00 2001 > From: =?UTF-8?q?Pavel=20B=C5

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

On Tue, Mar 08, 2016 at 09:34:29AM +0100, Lukas Slebodnik wrote: > On (25/02/16 11:06), Jakub Hrozek wrote: > >On Wed, Feb 24, 2016 at 06:05:11PM +0100, Lukas Slebodnik wrote: > >> On (24/02/16 16:43), Jakub Hrozek wrote: > >> >We don't know the group name at that point yet, so better not print > >

[SSSD] Re: [PATCH] make async connect generic

On Tue, 2016-03-08 at 17:48 +0100, Jakub Hrozek wrote: > On Tue, Mar 08, 2016 at 10:18:46AM -0500, Simo Sorce wrote: > > Fixing everything else commented before. > > > > On Sat, 2016-03-05 at 15:31 +0100, Jakub Hrozek wrote: > > > And this is the question. The new code doesn't restore the flags, i

[SSSD] Re: [PATCH SET] TOOL: Invalidation of sudo rules at sss_cache

On 03/08/2016 05:09 PM, Pavel Reichl wrote: Hello Petr, I just run through the code and I have some code style suggestions, feel free to disagree :-). I will address some suggestions tomorrow. I am doing tests for sysdb_sudo_rules now. Thanks for comments. Petr On 03/08/2016 01:11 PM, Pe

[SSSD] [PATCH] pam_sss: reorder pam_message array

Hi, This patch fixes a 2FA issues observed with sudo. See commit message for details. bye, Sumit From 2c38adad7b527aceb4f9cb41c7d7b4c66d4580c9 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Mon, 7 Mar 2016 17:07:16 +0100 Subject: [PATCH] pam_sss: reorder pam_message array There are different e

[SSSD] Re: [PATCH] make async connect generic

On Tue, Mar 08, 2016 at 10:18:46AM -0500, Simo Sorce wrote: > Fixing everything else commented before. > > On Sat, 2016-03-05 at 15:31 +0100, Jakub Hrozek wrote: > > And this is the question. The new code doesn't restore the flags, is > > this an intentional change? Do you know why we restored the

[SSSD] Re: [PATCH SET] TOOL: Invalidation of sudo rules at sss_cache

Hello Petr, I just run through the code and I have some code style suggestions, feel free to disagree :-). On 03/08/2016 01:11 PM, Petr Cech wrote: 0001-SYSDB-Add-new-funtions-into-sysdb_sudo.patch ... + +errno_t sysdb_search_sudo_rules(TALLOC_CTX *mem_ctx, +s

[SSSD] Re: [PATCH] make async connect generic

Fixing everything else commented before. On Sat, 2016-03-05 at 15:31 +0100, Jakub Hrozek wrote: > And this is the question. The new code doesn't restore the flags, is > this an intentional change? Do you know why we restored the flags > previously? Yes, it is an intentional change as restoring th

[SSSD] Re: [PATCH SET] TOOL: Invalidation of sudo rules at sss_cache

On 03/07/2016 01:53 PM, Pavel Březina wrote: On 03/07/2016 01:11 PM, Pavel Březina wrote: On 03/02/2016 05:04 PM, Petr Cech wrote: Hi all, attached two patches resolve [1]. This ticket has design page [2]. In my opinion it could be fine to have tests on sysdb_sudo. I have started write some,

[SSSD] Re: [PATCH SET] TOOL: Invalidation of sudo rules at sss_cache

On 03/07/2016 03:26 PM, Petr Cech wrote: On 03/07/2016 01:11 PM, Pavel Březina wrote: Hi, see comments inline. errno_t sysdb_search_sudo_rules(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *sub_filter,

[SSSD] Re: [PATCH] NSS: Move a DEBUG message so that it's less confusing

On (04/03/16 12:14), Pavel Březina wrote: >On 03/04/2016 12:08 PM, Jakub Hrozek wrote: >>On Fri, Mar 04, 2016 at 11:56:03AM +0100, Pavel Reichl wrote: >>> >>> >>>On 03/04/2016 11:46 AM, Jakub Hrozek wrote: Hi, the attached patch would hopefully make analyzing of NSS logs files in a >>>

[SSSD] Re: [PATCH SET] TOOL: Invalidation of sudo rules at sss_cache

On 03/07/2016 03:57 PM, Petr Cech wrote: On 03/07/2016 01:53 PM, Pavel Březina wrote: On 03/07/2016 01:11 PM, Pavel Březina wrote: On 03/02/2016 05:04 PM, Petr Cech wrote: ret = sysdb_search_entry(mem_ctx, domain->sysdb, dn, LDB_SCOPE_SUBTREE, filter, attrs,

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

On (25/02/16 11:06), Jakub Hrozek wrote: >On Wed, Feb 24, 2016 at 06:05:11PM +0100, Lukas Slebodnik wrote: >> On (24/02/16 16:43), Jakub Hrozek wrote: >> >We don't know the group name at that point yet, so better not print >> >"null" in the debug message.. >> >> >From ffdc00755a9fbaeb54f781956a002