On Thu, Sep 21, 2017 at 01:15:00PM +0200, Lukas Slebodnik wrote:
> On (12/09/17 15:45), Lukas Slebodnik wrote:
> >ehlo,
> >
> >I realized that it might be better to discuss it here rather then in
> >pull requests because it seems to be related to two different commits.
> >
> >I will describe a
On Thu, Sep 21, 2017 at 01:04:04PM +0200, Lukas Slebodnik wrote:
> On (19/09/17 20:50), Jakub Hrozek wrote:
> >Hi,
> >
> >Timo mentioned last week on IRC that he would appreciate if we released
> >1.13.5.
> >
> >Does anyone have some patches to merge in sss
Hi,
Timo mentioned last week on IRC that he would appreciate if we released
1.13.5.
Does anyone have some patches to merge in sssd-1-13 or can we release
the tarball?
I know there are some pending PRs with backports and some patches for RHEL-6
bugs were proposed in bugzilla.redhat.com, but
On Wed, Aug 23, 2017 at 04:13:07PM +0200, Michal Židek wrote:
> On 08/23/2017 03:26 PM, Jakub Hrozek wrote:
> > On Tue, Aug 22, 2017 at 03:21:14PM +0200, Michal Židek wrote:
> > > On 08/22/2017 12:31 PM, Jakub Hrozek wrote:
> > > > On Tue, Aug 22, 2017 at 11:40:
Hi,
I'm afraid I got a little stuck looking into upstream ticket
https://pagure.io/SSSD/sssd/issue/3465
The reporter is seeing sssd memory usage increasing on RHEL-6 and
RHEL-7. There is a valgrind log from RHEL-6 attached to the ticket which
does show some leaks, the three biggest ones are:
Hi,
I've got a PR opened for some time that I would really like to merge for
the next version:
https://github.com/SSSD/sssd/pull/225 - SECRETS: Apply separate
quotas for cn=secrets and cn=kcm
It's been through several passes of a review already, so I think it
would be easy to add the
On Tue, Aug 22, 2017 at 03:21:14PM +0200, Michal Židek wrote:
> On 08/22/2017 12:31 PM, Jakub Hrozek wrote:
> > On Tue, Aug 22, 2017 at 11:40:39AM +0200, Michal Židek wrote:
> > > On 08/22/2017 11:21 AM, Michal Židek wrote:
> > > > On 08/21/2017 02:27 PM, Jakub Hro
On Tue, Aug 22, 2017 at 11:40:39AM +0200, Michal Židek wrote:
> On 08/22/2017 11:21 AM, Michal Židek wrote:
> > On 08/21/2017 02:27 PM, Jakub Hrozek wrote:
> > > Hi Michal and sssd-devel,
> > >
> > > one of the RFEs that keeps coming up for SSSD is to pro
On Tue, Aug 22, 2017 at 11:21:43AM +0200, Michal Židek wrote:
> On 08/21/2017 02:27 PM, Jakub Hrozek wrote:
> > Hi Michal and sssd-devel,
> >
> > one of the RFEs that keeps coming up for SSSD is to provide a sort of an
> > 'attestation report' for SSSD. Mostly the re
On Tue, Aug 22, 2017 at 09:19:54AM +0200, Lukas Slebodnik wrote:
> On (21/08/17 21:04), Jakub Hrozek wrote:
> >Hi,
> >
> >1.15.4 will be released by the end of this months in a time-based
> >fashion. But obviously, the milestone is too big, so we need to decide
>
Hi Michal and sssd-devel,
one of the RFEs that keeps coming up for SSSD is to provide a sort of an
'attestation report' for SSSD. Mostly the request is about printing who
can access this client machine.
I know that we fetch all the HBAC rules for a client with the IPA
provider, but Michal, you
> On 8 Aug 2017, at 16:51, Fabiano Fidêncio wrote:
>
> People,
>
> There's a test, part of our internal CI, recurrently failing in the
> past few weeks:
>
> === FAILURES
> ===
> _
On Tue, Aug 01, 2017 at 06:52:41PM -, smfre...@gmail.com wrote:
> In one of our test domains, we noticed that the short name of the domain was
> not being returned by "adcli info" (it is visible in the output of "net rpc
> info" though and it is clearly configured in Windows and can be seen
On Fri, Jul 21, 2017 at 04:39:59PM +0530, amit kumar wrote:
> Dear Devels,
>
> The requirement I understand is to move files used by both
> client(sss_client) & server to some special directory may be src/shared?
> I believe these are common files used by both server &
> client(sss_client) Hence
On Tue, Jul 25, 2017 at 12:50:20PM +0200, Lukas Slebodnik wrote:
> On (25/07/17 12:30), Jakub Hrozek wrote:
> >On Tue, Jul 25, 2017 at 12:02:06PM +0200, Lukas Slebodnik wrote:
> >> On (25/07/17 11:10), Jakub Hrozek wrote:
> >> >On Tue, Jul 25, 2017 at 08:39:59A
On Tue, Jul 25, 2017 at 12:02:06PM +0200, Lukas Slebodnik wrote:
> On (25/07/17 11:10), Jakub Hrozek wrote:
> >On Tue, Jul 25, 2017 at 08:39:59AM +0200, Lukas Slebodnik wrote:
> >> On (24/07/17 18:34), Jakub Hrozek wrote:
> >> >Hi,
> >> >
> >>
On Tue, Jul 25, 2017 at 08:39:59AM +0200, Lukas Slebodnik wrote:
> On (24/07/17 18:34), Jakub Hrozek wrote:
> >Hi,
> >
> >I would really like to release 1.15.3 soon (like, today, at worst
> >tomorrow if we can't merge PR #328 and #331 today). The release notes
> >a
Hi,
I would really like to release 1.15.3 soon (like, today, at worst
tomorrow if we can't merge PR #328 and #331 today). The release notes
are here:
https://pagure.io/fork/jhrozek/SSSD/docs
You can either clone the repo and run 'make html' or, for your
convenience, I'm pasting the
On Fri, Jul 14, 2017 at 09:05:01PM +0300, Alexander Bokovoy wrote:
> On pe, 14 heinä 2017, smfre...@gmail.com wrote:
> > Noticed sssd service won't start on one of our RHEL 7.3 systems. Only
> > obvious difference between working and failing systems (both joined
> > same way to samba domain) was
at would allow viewing of all memberOf
> attributes.
>
> > On ti, 27 kesä 2017, Jakub Hrozek wrote:
> > > There were requests to implement authentication over the D-bus
> > > interface
> > > in the past and we were quite reluctant to them, but IIRC that was
> > >
On Tue, Jun 27, 2017 at 11:40:37AM +0100, Howard Johnson wrote:
> In Ipsilon, we recently (OK, about a year ago) added an authorisation stack.
> This allows us to control, Ipsilon-side, which users are permitted to log
> into which service providers. Our authorisation plugin functions are
>
On Wed, May 31, 2017 at 02:21:42PM +0200, Lukas Slebodnik wrote:
> On (31/05/17 10:59), Jakub Hrozek wrote:
> >We could do one thing that Simo proposed some time ago which is to not
> >cache the KRB5CCNAME at all if it only contains 'predictable'
> >components.
> >
&
On Wed, May 31, 2017 at 10:31:38AM +0200, Lukas Slebodnik wrote:
> ehlo,
>
> I had a discussion with QEs and realized that sssd need to be restarted
> if default_ccache_name is changed in krb5 configuration files.
>
> The reason is that we cache the value but do not refresh it.
>
On Wed, May 10, 2017 at 04:13:28PM -0400, Justin Stephenson wrote:
> On 05/10/2017 04:12 AM, Jakub Hrozek wrote:
> > On Tue, May 09, 2017 at 09:36:45AM -0400, Justin Stephenson wrote:
> > > Hello, I wanted to check if anyone has objections or concerns with moving
> > >
On Tue, May 09, 2017 at 09:36:45AM -0400, Justin Stephenson wrote:
> Hello, I wanted to check if anyone has objections or concerns with moving
> existing code for sss_cache and sss_debuglevel into sssctl for ticket #3057
> - Merge existing command line tools into sssctl.
>
> The deprecated tools
On Tue, Apr 18, 2017 at 12:09:51PM -0400, Justin Stephenson wrote:
> Hello,
>
> I was working on a fix for BZ # 1433835(IPA clients fails to retrieve groups
> with @-sign in the group name in an IPA-AD trust setup) where the patch at
> the end of this email seems to work well parsing a
On Tue, Apr 18, 2017 at 06:35:53PM +0200, Lukas Slebodnik wrote:
> On (30/03/17 21:22), Jakub Hrozek wrote:
> >Hi,
> >
> >would anyone complain if I just push converted content from fedorahosted
> >to the docs repo w/o review as long as there are no changes OR the
>
Hi,
as we're migrating the wiki pages from the old fedorahosted wiki to
pagure, I would like to make sure two people are not working on the same
wiki page.
I'm thinking about just filing a bunch of issues over at
https://pagure.io/SSSD/docs/issues for the most important pages. Anyone
working on
On Fri, Apr 14, 2017 at 08:10:35PM -, zac...@temple.edu wrote:
> Hi list,
>
> This is more of a feature request, and I don't know if this is the right
> venue to ask. If not, kindly direct me to the proper place.
>
> The sssd configuration separates identity, authentication, and access
>
On Fri, Apr 07, 2017 at 12:56:56PM +0200, Michal Židek wrote:
> On 04/07/2017 08:51 AM, Jakub Hrozek wrote:
> > On Mon, Jan 16, 2017 at 03:35:11PM +0100, Michal Židek wrote:
> > > Hi,
> > >
> > > I started working on the design page for subdomain
> > >
On Thu, Oct 06, 2016 at 12:49:30PM +0200, Sumit Bose wrote:
> Hi,
>
> I've started to write a SSSD design page about enhancing the current
> mapping of certificates to users and how to select/match a suitable
> certificate if multiple certificates are on a Smartcard.
>
> My currently thoughts
On Mon, Jan 16, 2017 at 03:35:11PM +0100, Michal Židek wrote:
> Hi,
>
> I started working on the design page for subdomain
> configuration in server mode. It is located here:
> https://fedorahosted.org/sssd/wiki/DesignDocs/SubdomConf
>
> The implementation details and how to debug sections will
On Tue, Nov 22, 2016 at 08:51:10AM +0100, Jakub Hrozek wrote:
> Hi,
>
> I was working on a KCM server for SSSD for some time already in parallel
> with the files provider and had some discussions with Simo as well. Of
> course my intent wasn't to implement a feature secretly w
On Wed, Apr 05, 2017 at 02:19:20PM +0200, Michal Židek wrote:
> Hello!
>
> When I create a [domain/IPADOMAIN] section and then use the ipa_domain
> option to use ipadomain.test as a domain name (instead of IPADOMAIN) then
> SSSD is not able to connect to the ipadomain.test properly.
>
> I wonder
On Tue, Mar 28, 2017 at 04:18:24PM +0200, Jakub Hrozek wrote:
> On Tue, Mar 14, 2017 at 06:25:39AM -0400, Simo Sorce wrote:
> > On Mon, 2017-03-06 at 14:49 +0100, Jakub Hrozek wrote:
> > > [sssd]
> > > > domains = ap
On Fri, Mar 31, 2017 at 03:43:23PM +0200, Lukas Slebodnik wrote:
> And if somebody prepare POC with rendering htmls with PR on github
> then we can mirror repo there.
This is not a blocker to mirroring.
___
sssd-devel mailing list --
On Fri, Mar 31, 2017 at 11:50:15AM +0200, Lukas Slebodnik wrote:
> On (31/03/17 11:00), Pavel Březina wrote:
> >On 03/31/2017 10:35 AM, Lukas Slebodnik wrote:
> >> On (30/03/17 21:18), Jakub Hrozek wrote:
> >> > Hi,
> >> >
> >> > I'd
On Thu, Mar 30, 2017 at 09:18:39PM +0200, Jakub Hrozek wrote:
> Hi,
>
> I'd like to remove https://github.com/SSSD/gh-mailinglist-notifications
> -- we're not currently using it, but we're rather using Martin Basti's
> mail notifier.
Deleted
_
On Fri, Mar 31, 2017 at 10:55:29AM +0200, Sumit Bose wrote:
> On Fri, Mar 31, 2017 at 10:35:20AM +0200, Lukas Slebodnik wrote:
> > On (30/03/17 21:18), Jakub Hrozek wrote:
> > >Hi,
> > >
> > >I'd like to remove https://github.com/SSSD/gh-mailinglist-notificatio
On Fri, Mar 31, 2017 at 10:53:03AM +0200, Lukas Slebodnik wrote:
> On (30/03/17 21:22), Jakub Hrozek wrote:
> >Hi,
> >
> >would anyone complain if I just push converted content from fedorahosted
> >to the docs repo w/o review as long as there are no changes OR the
>
Hi,
would anyone complain if I just push converted content from fedorahosted
to the docs repo w/o review as long as there are no changes OR the
changes are just alingnment of 1.15 design documents with the actual
implementation?
As 1.15 is making its way to downstreams, there are people
On Wed, Mar 22, 2017 at 05:39:52PM +0100, Michaël Van de Borne wrote:
> Hi all,
>
> So I have 2 Centos7 hosts, with same sssd and nsswitch configs.
> One does find the users in IPA, and the other doesn't.
> Looks like the Data Provider is offline.
> I sent the SIGUSR2 signal to sssd which is
Hi,
I'd like to remove https://github.com/SSSD/gh-mailinglist-notifications
-- we're not currently using it, but we're rather using Martin Basti's
mail notifier.
At the same time, I'd like to add a mirror of
https://pagure.io/SSSD/docs to github in order to follow the same
process for both docs
nto a new tevent request
* CACHE_REQ: Check the caches first
* NSS: Don't set SocketUser/SocketGroup as "sssd" in sssd-nss.socket
* NSS: Ensure the NSS socket is started before any other services' sockets
* NSS: Don't call chown on NSS service's ExecStartPre
* Ig
On Wed, Mar 15, 2017 at 04:52:18PM +0100, Sumit Bose wrote:
> > * The SSSD D-Bus interface gained two new methods:
> >``FindByNameAndCertificate`` and ``ListByCertificate``. These methods
> > will
> >be used primarily by IPA to correctly match multple users who use the
>
On Wed, Mar 15, 2017 at 04:27:26PM +0100, Fabiano Fidêncio wrote:
> > * Several issues related to socket-activating the NSS service, especially
> >if SSSD was configured to use a non-privileged user were fixed. The NSS
> >service now starts as root to avoid triggering a name-service
Hi,
I prepared release notes for today's release. They are written in
anticipation that PR#186 with the subdomain config will be merged.
The RST I pushed to the sssd/docs repo is below:
SSSD 1.15.2
===
Highlights
--
* It is now possible to configure certain parameters of a
On Wed, Mar 08, 2017 at 10:45:32AM +0100, Pavel Březina wrote:
> On 03/07/2017 03:11 PM, Jakub Hrozek wrote:
> > On Tue, Mar 07, 2017 at 02:31:27PM +0100, Pavel Březina wrote:
> > > On 03/07/2017 01:33 PM, Jakub Hrozek wrote:
> > > > On Tue, Mar 07, 2017 at 01:18:3
On Tue, Mar 07, 2017 at 02:31:27PM +0100, Pavel Březina wrote:
> On 03/07/2017 01:33 PM, Jakub Hrozek wrote:
> > On Tue, Mar 07, 2017 at 01:18:36PM +0100, Pavel Březina wrote:
> > > On 03/07/2017 01:16 PM, Pavel Březina wrote:
> > > > On 03/06/2017 02:49 PM, Ja
On Tue, Mar 07, 2017 at 01:18:36PM +0100, Pavel Březina wrote:
> On 03/07/2017 01:16 PM, Pavel Březina wrote:
> > On 03/06/2017 02:49 PM, Jakub Hrozek wrote:
> > > Hi,
> > >
> > > I prepared a design page for a new feature about fetching and
> > > au
On Tue, Mar 07, 2017 at 01:16:00PM +0100, Pavel Březina wrote:
> On 03/06/2017 02:49 PM, Jakub Hrozek wrote:
> > Hi,
> >
> > I prepared a design page for a new feature about fetching and
> > authenticating non-POSIX users:
> > https://docs.
ng the domain type must be added to the ``cache_req``
code. Then, the regular method of issuing a request and watching the logs
should work. Expiring the cache and using the qualified names is recommeded.
Authors
---
* Sumit Bose
* Jakub Hrozek
* Simo Sorce
___
On Mon, Mar 06, 2017 at 10:34:45AM +0100, Pavel Březina wrote:
> On 03/04/2017 07:50 PM, Jakub Hrozek wrote:
> > SSSD 1.15.1
> > ===
> >
> > The SSSD team is proud to announce the release of version 1.15.1 of the
> > System Security Services Daemon.
&
m initgroups lookups
* TESTS: Adapt pam-srv-tests to deal with cache_req related changes
* Jakub Hrozek (42):
* Updating the version to track the 1.15.1 release
* AD: Use ad_domain to match forest root domain, not the configured domain
from sssd.conf
* SUDO: Only store lowercased
On Fri, Mar 03, 2017 at 05:33:10PM +0100, Lukas Slebodnik wrote:
> On (03/03/17 14:21), Fabiano Fidêncio wrote:
> >On Fri, Mar 3, 2017 at 1:07 PM, Jakub Hrozek <jhro...@redhat.com> wrote:
> >> Hi,
> >>
> >> I prepared the release notes for the upcom
On Fri, Mar 03, 2017 at 12:50:11PM +0100, Fabiano Fidêncio wrote:
> On Fri, Mar 3, 2017 at 9:57 AM, Jakub Hrozek <jhro...@redhat.com> wrote:
> > Hi,
> >
> > I started on migrating the wiki content from fedorahosted to pagure.
> > Because we are working hard o
Hi,
I prepared the release notes for the upcoming 1.15.1 release. You can
view them in your browser:
https://docs.pagure.org/jhrozek-doctest/users/releases/notes_1_15_1.html
Or read the inline RST text. Comments welcome!
SSSD 1.15.1
===
Highlights
--
* Several issues
On Fri, Mar 03, 2017 at 10:14:41AM +0100, Pavel Březina wrote:
> On 03/03/2017 09:57 AM, Jakub Hrozek wrote:
> > Hi,
> >
> > I started on migrating the wiki content from fedorahosted to pagure.
> > Because we are working hard on finishing the 1.15.1 and 1.15.2 releases,
Hi,
I started on migrating the wiki content from fedorahosted to pagure.
Because we are working hard on finishing the 1.15.1 and 1.15.2 releases,
I want to only migrate the content that we need right now, which is the
releases page (so that we can put the release notes somewhere) and
design pages
Hi,
because fedorahosted.org was sunset:
https://lwn.net/Articles/711887/
we have migrated the SSSD project hosting to pagure.io:
https://pagure.io/SSSD/sssd
Currently we are in a bit of a flux in the sense that the git repo has
been migrated:
https://pagure.io/SSSD/sssd.git
And the
Hi,
since fedorahosted.org is going down and we're migrating the sssd
project to pagure.io, I've removed permissions in trac from anyone who
wasn't TRAC_ADMIN previously.
Lukas will send more details about the migration soon..
___
sssd-devel mailing
Hi,
are there any SSSD users who actively use a configuration with:
id_provider=local ?
If so, what is your use-case?
We're considering deprecating and eventually removing this provider
upstream. The replacemant for id_provider=local would be id_provider=files:
On Thu, Feb 09, 2017 at 09:50:18PM +0100, Victor Tapia wrote:
> >> I've been testing a scenario with a time shift of an hour to the past,
> >> and even though the watchdog detects the shift and restarts, the
> >> scheduled events are still stuck until the time passes.
> >
> >What kind of scheduled
On Thu, Feb 09, 2017 at 05:55:57PM +0100, Victor Tapia wrote:
> Hi list,
>
> I've been testing a scenario with a time shift of an hour to the past,
> and even though the watchdog detects the shift and restarts, the
> scheduled events are still stuck until the time passes.
What kind of scheduled
On Thu, Feb 02, 2017 at 01:43:55PM +0100, Lukas Slebodnik wrote:
> On (02/02/17 11:36), Jakub Hrozek wrote:
> >On Wed, Jan 11, 2017 at 06:52:32PM +0100, Lukas Slebodnik wrote:
> >> On (11/01/17 16:31), Jakub Hrozek wrote:
> >> >* https://fedorahosted.org/sssd/tick
On Thu, Feb 02, 2017 at 12:30:16PM +0100, Michal Židek wrote:
> > > >* https://fedorahosted.org/sssd/ticket/3208 - Need detailed
> > > > information
> > > >about config-check option
> > > > - what is this ticket about? Do we need it? I suggest we just close
> > > > it
> > > >
> > >
On Thu, Jan 12, 2017 at 05:02:26PM +0100, Lukas Slebodnik wrote:
> On (12/01/17 15:29), Petr Cech wrote:
> >On 01/12/2017 02:02 PM, Pavel Březina wrote:
> >> > >
> >> > > * https://fedorahosted.org/sssd/ticket/3113 - Please move
> >> > > sudo_timed option to sssd-sudo man page
> >> > > -
On Wed, Jan 11, 2017 at 06:52:32PM +0100, Lukas Slebodnik wrote:
> On (11/01/17 16:31), Jakub Hrozek wrote:
> >Hi,
> >
> >despite new development happening in the sssd-1-15 branch (aka master),
> >there are still too many tickets in the 1.14.3 milestone. The tic
Thank you for writing up and sending the notes to the list so that
everyone can follow!
On Mon, Jan 30, 2017 at 03:31:32PM +0100, Fabiano Fidêncio wrote:
> Last Thursday we had a face to face discussion about how
> socket-activate services could refresh the confdb before starting.
I'm a bit
ward Guo (1):
* sss_client: Defer thread cancellation until completion of nss/pam
operations
Jakub Hrozek (16):
* Updating the version for the 1.14.3 development
* Updating the version to track sssd-1-15 development
* SYSDB: Split sysdb_try_to_find_expected_dn()
On Wed, Jan 25, 2017 at 10:32:46AM +0100, Pavel Březina wrote:
> On 01/24/2017 11:48 PM, Jakub Hrozek wrote:
> > Hi,
> >
> > It would be beneficial to release an upstream tarball in order to get
> > the latest upstream code to Debian testing. I wrote up the release no
Hi,
It would be beneficial to release an upstream tarball in order to get
the latest upstream code to Debian testing. I wrote up the release notes
page:
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.15.0
and unless there is no push-back, I will tag and release the tarball
tomorrow (Wed
On Mon, Jan 16, 2017 at 03:35:11PM +0100, Michal Židek wrote:
> Hi,
>
> I started working on the design page for subdomain
> configuration in server mode. It is located here:
> https://fedorahosted.org/sssd/wiki/DesignDocs/SubdomConf
>
> The implementation details and how to debug sections will
Hi,
despite new development happening in the sssd-1-15 branch (aka master),
there are still too many tickets in the 1.14.3 milestone. The tickets
should be moved out to current milestones unless someone is really
working on them.
These are:
* https://fedorahosted.org/sssd/ticket/3063 - add
Hi,
there was a customer complaining about fail over not reconnecting as
fast with sssd-1-13 as it did with sssd-1-14. The issue they were seeing
was that if sssd was offline, but the server came back up, it still took
sssd the full offline timeout cycle to attempt to reconnect, even though
we
On Tue, Jan 10, 2017 at 10:12:37PM +0100, Fabiano Fidêncio wrote:
> On Mon, Jan 9, 2017 at 11:51 AM, Jakub Hrozek <jhro...@redhat.com> wrote:
> > On Sun, Jan 08, 2017 at 09:58:22PM +0100, Fabiano Fidêncio wrote:
> >> I've been working on rhbz#1401241
> >> (https:/
On Mon, Jan 09, 2017 at 01:25:48PM +0100, Pavel Březina wrote:
> On 01/08/2017 09:44 PM, Fabiano Fidêncio wrote:
> > People,
> >
> > Recently I've faced some issues when testing the socket-activation
> > working running as sssd-user, which will force me to take a different
> > path for a few
On Sun, Jan 08, 2017 at 09:58:22PM +0100, Fabiano Fidêncio wrote:
> I've been working on rhbz#1401241
> (https://bugzilla.redhat.com/show_bug.cgi?id=1401241) and I'd like to
> clarify some doubts that showed up.
>
> So, let's consider that there's a group called "foo" and user "user"
> is part of
This patch is OK, but only for sssd-1-14. In master, we already fall back to
parsing the name string as short name if parsing the qualified name fails. I’m
not thrilled about that, because it can conceal legitimate errors, but it’s
needed atm to use cache_req everywhere.
So yeah, ack to this
On Tue, Jan 03, 2017 at 04:46:25PM +0100, Michal Židek wrote:
> Hi,
>
> for IPA provider, we plan to add the ability to configure
> trusted domains (currently AD domains) in a similar way the
> main domain is configured in sssd.conf.
>
> If ipadomain.test is the main IPA domain and addomain.test
Hi,
the NSS responder refactoring was merged, the socket activation patches
are going to be merged soon, so here's a question:
- is it OK to release a tarball when the socket activation patches
are merged? Or do we want to merge something else?
- should we call the release 1.15
On Tue, Dec 06, 2016 at 12:19:00PM +0100, Michal Židek wrote:
> On 12/06/2016 11:56 AM, Jakub Hrozek wrote:
> > Hi,
> >
> > I checked the 1.14 backlog milestone. I think most of the tickets can be
> > just moved to "Future releases" except for a couple where
On Thu, Dec 15, 2016 at 09:56:33AM +0100, Jakub Hrozek wrote:
> On Wed, Dec 14, 2016 at 03:20:16PM -0800, David Michael wrote:
> > ---
> >
> > Hi,
> >
> > I've encountered build failures when compiling with a different --host
> > triplet. The krb5-config
On Wed, Dec 14, 2016 at 03:20:16PM -0800, David Michael wrote:
> ---
>
> Hi,
>
> I've encountered build failures when compiling with a different --host
> triplet. The krb5-config command would use /usr/bin/krb5-config instead
> of the host-prefixed version for that target. Using AC_PATH_TOOL
Hi,
I checked the 1.14 backlog milestone. I think most of the tickets can be
just moved to "Future releases" except for a couple where I was quite
confident the ticket can be just closed (and I just closed them), except
for these:
https://fedorahosted.org/sssd/ticket/1400 - [RFE] In memory
On Thu, Dec 01, 2016 at 03:59:37PM +0100, Fabiano Fidêncio wrote:
> On Thu, Dec 1, 2016 at 3:46 PM, Simo Sorce wrote:
> > On Thu, 2016-12-01 at 15:22 +0100, Pavel Březina wrote:
> >> On 12/01/2016 02:56 PM, Simo Sorce wrote:
> >> > On Thu, 2016-12-01 at 14:44 +0100, Pavel Březina
On Tue, Nov 22, 2016 at 09:49:52AM -0500, Stephen Gallagher wrote:
> On 11/22/2016 09:38 AM, Simo Sorce wrote:
> > On Tue, 2016-11-22 at 09:23 -0500, Stephen Gallagher wrote:
>
> >> OK, so the service is only semi-socket-activated? If we're keeping tevent
> >> timers
> >> around for renewals and
;lsleb...@redhat.com>
> >> wrote:
> >>> On (28/11/16 11:27), Jakub Hrozek wrote:
> >>>>On Mon, Nov 28, 2016 at 10:57:44AM +0100, Pavel Březina wrote:
> >>>>> On 11/28/2016 10:47 AM, Jakub Hrozek wrote:
> >>>>> > On Thu, N
On Tue, Nov 29, 2016 at 11:48:31AM +0100, Lukas Slebodnik wrote:
> On (29/11/16 11:03), Jakub Hrozek wrote:
> >On Tue, Nov 29, 2016 at 10:50:31AM +0100, Lukas Slebodnik wrote:
> >> On (29/11/16 10:27), Jakub Hrozek wrote:
> >> >On Tue, Nov 29, 2016 at 10:01:58A
On Tue, Nov 29, 2016 at 10:50:31AM +0100, Lukas Slebodnik wrote:
> On (29/11/16 10:27), Jakub Hrozek wrote:
> >On Tue, Nov 29, 2016 at 10:01:58AM +0100, Lukas Slebodnik wrote:
> >> On (28/11/16 11:27), Jakub Hrozek wrote:
> >> >On Mon, Nov 28, 2016 at 10:57:4
On Tue, Nov 29, 2016 at 10:24:03AM +0100, Fabiano Fidêncio wrote:
> On Tue, Nov 29, 2016 at 10:01 AM, Lukas Slebodnik <lsleb...@redhat.com> wrote:
> > On (28/11/16 11:27), Jakub Hrozek wrote:
> >>On Mon, Nov 28, 2016 at 10:57:44AM +0100, Pavel Březina wrote:
> >&g
On Tue, Nov 29, 2016 at 10:01:58AM +0100, Lukas Slebodnik wrote:
> On (28/11/16 11:27), Jakub Hrozek wrote:
> >On Mon, Nov 28, 2016 at 10:57:44AM +0100, Pavel Březina wrote:
> >> On 11/28/2016 10:47 AM, Jakub Hrozek wrote:
> >> > On Thu, Nov 24, 2016 at 02:33:04PM
On Mon, Nov 28, 2016 at 10:57:44AM +0100, Pavel Březina wrote:
> On 11/28/2016 10:47 AM, Jakub Hrozek wrote:
> > On Thu, Nov 24, 2016 at 02:33:04PM +0100, Fabiano Fidêncio wrote:
> > > The design page is done [0] and it's based on this discussion [1] we
> > > had on
On Thu, Nov 24, 2016 at 02:33:04PM +0100, Fabiano Fidêncio wrote:
> The design page is done [0] and it's based on this discussion [1] we
> had on this very same mailing list. A pull-request with the
> implementation is already opened [2].
>
> [0]:
Hi,
I closed quite a few invalid tickets in the patches welcome milestone
today. I also walked through the 'future releases' milestone and created
two new reports, one for tickets I would like to move to 'patches
welcome':
https://fedorahosted.org/sssd/report/36
and one for tickets which I
On Thu, Nov 17, 2016 at 12:23:24PM +0100, Jakub Hrozek wrote:
> Hi,
>
> as we're planning what exactly are we going to work on in the next release
> and also preparing to move away from fedorahosted, I think it makes sense
> to clean up our Trac. The intent is to make our trac be
On Tue, Nov 22, 2016 at 09:23:22AM -0500, Stephen Gallagher wrote:
> Some thoughts inline:
>
> On 11/22/2016 02:51 AM, Jakub Hrozek wrote:
>
> ...
>
> > === Implementation details ===
> > A new SSSD responder will be added. Since accessing the Kerberos credenti
debugging the setup, the admin might also inspect the SSSD secrets
database (if permissable by SELinux policy) to see what credential caches
have been stored by the SSSD.
=== Authors ===
* Jakub Hrozek <jhro...@redhat.com>
* Simo Sorce <s...@redhat.com>
_
er of NSS modules back to read `files sss`.
=== Authors ===
* Stephen Gallagher <sgall...@redhat.com>
* Jakub Hrozek <jhro...@redhat.com>
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
On Mon, Nov 21, 2016 at 03:34:49PM +0100, Lukas Slebodnik wrote:
> ehlo,
>
> FYI: There are failing integration tests on rawhide
>
> test_secrets.py::test_containers FAILED
> >
>
101 - 200 of 7424 matches
Mail list logo