On Tue, 2009-11-17 at 09:02 -0500, Simo Sorce wrote:
We don't support shadow maps so we never return shadow information
currently.
So you should _never_ return an x in the passwd map either then. It
doesn't even need a distro/site/admin configuration option. Simply
change the x that is
On Wed, 2009-11-18 at 11:15 -0500, Simo Sorce wrote:
It doesn't hurt to.
Agreed. Additional configurability is great, as long as reasonable
defaults are in place.
We may decide to make * the default though.
Seems this has been decided already, which is of course, excellent!
Cheers,
b.
On Mon, 2009-11-16 at 14:06 +0100, Sumit Bose wrote:
Hi,
this patch should fix #279 by ignoring the shadow attributes by
default.
Does this patch do anything about not returning x in the password
field of the passwd map if the shadow object class is not present in the
user's LDAP entry? Or
On Tue, 2009-11-17 at 01:01 +0100, Jakub Hrozek wrote:
Per the discussion on sssd-devel list, nss_sss should not return a
hardcoded value but this should rather be configurable to allow whatever
the OS or distribution thinks is the best for the particular case.
I disagree with the nature of
On Mon, 2009-11-16 at 18:38 -0500, Brian J. Murrell wrote:
Does this patch do anything about not returning x in the password
field of the passwd map
NM. I just saw the patch for #266. And commented on it.
b.
signature.asc
Description: This is a digitally signed message part
On Wed, 2009-11-11 at 19:03 -0500, Simo Sorce wrote:
I have tested this yesterday (with git master), if you set FILE:%
d/krb5cc_%U sssd will happily refresh the crdentials at screen unlock.
Ahhh. ~light bulb goes on~ I am finally coming around to what you are
saying. Wow. It's even more
On Wed, 2009-11-11 at 09:35 +0100, Sumit Bose wrote:
ah, sorry, I misinterpreted your original post. I thought a ccache file
wasn't created at all when using gnome-screensaver.
No, you didn't mis-interpret I don't think. Here's what happened:
1. Logged into gnome, got a ccache file
On Thu, 2009-11-05 at 16:27 -0500, Brian J. Murrell wrote:
I didn't see any response to the following. As far as I can see and
have explained this is still a problem. If you disagree, please present
your argument so that I can take it back to the pam_unix folks for their
consideration
On Mon, 2009-11-09 at 08:05 -0500, Stephen Gallagher wrote:
Sorry Brian, we discussed this off-list in #freeipa the other day.
Transcript included here for posterity.
OK...
==
07:51:45 AM) sgallagh: sbose: Unrelated: Do
On Mon, 2009-11-09 at 07:58 -0500, Stephen Gallagher wrote:
If you create an account at https://admin.fedoraproject.org/accounts you
will not be required to validate the captcha.
That's what site (including the https) I am at. Anyway, I seem to have
found one I could actually read.
Brian,
On Mon, 2009-11-09 at 15:13 +0100, Sumit Bose wrote:
This error indicates a short write.
Ahhh. Now that is meaningful to me. :-)
Can you check if a ccache file is
create at all and if yes check the content with klist?
I didn't realize it was the ccache it was complaining about and I
On Mon, 2009-11-09 at 08:59 -0500, Simo Sorce wrote:
If someone opens a bug for that, yes :-)
Done. https://fedorahosted.org/sssd/ticket/266
However keep in mind that I don't care much for what pam_unix does in
any pam target,
That's fair enough, but you have to respect what other pam
On Mon, 2009-11-09 at 15:47 +0100, Sumit Bose wrote:
yes, can you send the log files for the gnome-screensaver case ?
Sure. Nothing new in the krb5_child.log, however, sssd_pam.log:
(1257778320) [sssd[pam]] [accept_fd_handler] (4): Client connected!
(1257778320) [sssd[pam]]
On Mon, 2009-11-09 at 10:06 -0500, Stephen Gallagher wrote:
Please also attach sssd_KRB5.log. That is more likely to have the
relevant information.
Not at all I'm afraid.
The last timestamp I have in that file is 1257770543 and the last
timestamp of the gnome-screensaver use that I sent
On Sat, 2009-11-07 at 20:02 -0500, Simo Sorce wrote:
It should work, any chance you can check if this fails to work with
master as well ?
Master fails in a completely different way:
Nov 8 18:19:41 laptop login[17852]: pam_sss(login:auth): user info:
[Credentials cache I/O operation failed
[ Apologies if this winds up being a duplicate. I have tried to post
this a few times and not seen it distributed despite waiting
days. Probably getting lost somewhere. No worries. ]
On Tue, 2009-11-03 at 07:14 -0500, Stephen Gallagher wrote:
- From passwd(5):
If the encrypted password
I found I needed the following patch to build on Ubuntu Karmic:
+--- sssd-0.7.1.orig/server/Makefile.am
sssd-0.7.1/server/Makefile.am
+@@ -233,13 +233,13 @@
+ $(NSS_LIBS) \
+ libsss_crypt.la
+
+-TOOLS_LIBS = \
+-$(SSSD_LIBS)
+-
+ if BUILD_SELINUX
+-TOOLS_LIBS +=
On Tue, 2009-11-03 at 14:30 -0500, Stephen Gallagher wrote:
This is not a known issue. There should be no places in the SSSD where
we require the SELinux libraries except in the tools. Could you please
attach the build failures you see when building without the patch below?
Sure:
/bin/bash
On Tue, 2009-11-03 at 14:30 -0500, Stephen Gallagher wrote:
This is not a known issue. There should be no places in the SSSD where
we require the SELinux libraries except in the tools. Could you please
attach the build failures you see when building without the patch below?
Sure:
/bin/bash
19 matches
Mail list logo
