On Mon, Jun 06, 2016 at 06:24:53PM +0300, Nikolai Kondrashov wrote:
> On 06/06/2016 06:20 PM, Sumit Bose wrote:
> > On Mon, Jun 06, 2016 at 04:24:35PM +0300, Nikolai Kondrashov wrote:
> > > Hi everyone,
> > >
> > > After a little discussion with Dmitri and Sumit we decided that we'll need
> > >
On Fri, Jun 03, 2016 at 05:55:24PM +0200, Lukas Slebodnik wrote:
> On (03/06/16 09:07), Stephen Gallagher wrote:
> >On 05/13/2016 10:29 AM, Lukas Slebodnik wrote:
> >> On (11/05/16 17:35), Lukas Slebodnik wrote:
> >>> On (10/05/16 17:06), Jakub Hrozek wrote:
> &
On Wed, Jun 01, 2016 at 06:31:29PM +0200, Sumit Bose wrote:
> Hi,
>
> that attached two patches would allow to use the Smartcard support in
> gdm with SSSD. To use it you should replace pam_pkcs11 in
> /etc/pam.d/smartcard-auth in the auth section by
>
> authsufficient
On Wed, Jun 01, 2016 at 11:58:45AM +0200, Pavel Březina wrote:
> SSIA
> From 2101e03fa59fec3f834b48256a287f456662d7c2 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Pavel=20B=C5=99ezina?=
> Date: Wed, 1 Jun 2016 11:57:53 +0200
> Subject: [PATCH] sudo man page: say that we
On Fri, Jun 03, 2016 at 02:56:08PM +0200, Jakub Hrozek wrote:
> On Fri, May 20, 2016 at 09:13:29PM +0200, Sumit Bose wrote:
> > Hi,
> >
> > this set of patches should resolve
> > https://fedorahosted.org/sssd/ticket/2897 "Smart Cards: Certificate in
> > the
On Fri, Jun 03, 2016 at 09:07:57AM -0400, Stephen Gallagher wrote:
> On 05/13/2016 09:07 AM, Stephen Gallagher wrote:
> > Polkit is an authorization mechanism of its own (similar to sudo). SSSD
> > doesn't
> > need to apply additional authorization decisions atop it, so we'll just
> > accept
> >
On Fri, Jun 03, 2016 at 02:38:01PM +0200, Fabiano Fidêncio wrote:
> On Fri, Jun 3, 2016 at 2:32 PM, Lukas Slebodnik wrote:
> > On (03/06/16 09:38), Sumit Bose wrote:
> >>On Fri, Jun 03, 2016 at 08:22:10AM +0200, Petr Cech wrote:
> >>> bump
> >>
> >>obvious ACK, just waiting
On Fri, May 20, 2016 at 09:13:29PM +0200, Sumit Bose wrote:
> Hi,
>
> this set of patches should resolve
> https://fedorahosted.org/sssd/ticket/2897 "Smart Cards: Certificate in
> the ID View" and cover all other use cases from
>
On Mon, May 09, 2016 at 10:04:37AM +0200, Jakub Hrozek wrote:
> Hi,
>
> the attached patches are the first self-contained part of my performance
> work. Using them, I analyzed the performance of 'id' as the worst-case,
> then realized most of the issues are around processing an
On Wed, May 18, 2016 at 10:29:37AM +0200, Pavel Březina wrote:
> On 05/17/2016 03:11 PM, Jakub Hrozek wrote:
> > On Wed, May 11, 2016 at 11:58:11AM +0200, Jakub Hrozek wrote:
> > > Hi,
> > >
> > > the attached patch implements Sumit's idea to solve
> > &
On Fri, May 27, 2016 at 11:54:20AM +0200, Pavel Březina wrote:
> See commit message for details.
>
> Two configurations needs to be tested -- a domain with
> use_fully_qualified_name = true and configuration with IPA-AD trusts where
> default_domain_suffix is set to AD domain.
> From
On Fri, May 27, 2016 at 10:58:23AM +0200, Petr Cech wrote:
> On 05/19/2016 10:17 PM, Jakub Hrozek wrote:
> > Hi,
> >
> > the attached two patches fix issues with handling of pipes towards our
> > child processes. The first patch is more important as the leak occurs
&
On Fri, May 27, 2016 at 07:41:51AM +0200, Petr Cech wrote:
> On 05/27/2016 07:19 AM, Petr Cech wrote:
> > Hi Fabiano,
> >
> > thanks for patch set.
> >
> > The first version passed CI tests. The second version looks good to me,
> > I will finally ack your patch set after second run of CI tests.
On Mon, May 30, 2016 at 03:49:43PM +0200, Sumit Bose wrote:
> Hi,
>
> please find the SSSD design page for the Authentication Indicator
> (http://www.freeipa.org/page/V4/Authentication_Indicators) related changes on
> the SSSD side tracked by https://fedorahosted.org/sssd/ticket/2988 at
>
Sure, file an upstream ticket or a downstream bug. But I don't think this is in
scope of the next release.
> On 30 May 2016, at 18:06, Arpit Tolani wrote:
>
> Hello
>
> Some of my customers are asking if we have a command line option to dump
> information of all SSSD
On Mon, May 30, 2016 at 10:42:13AM +0200, Pavel Březina wrote:
> On 05/27/2016 04:32 PM, Petr Cech wrote:
> > Hi,
> >
> > I have new version of this patch set.
> > I fixed CI tests on debian [1]. My thanks belongs to Lukas and Nikolai.
> >
> >
> > [1]
On Thu, May 26, 2016 at 04:18:32PM +0200, Fabiano Fidêncio wrote:
> Please, see the attached patches.
Hey Fabiano,
Thank you for the patches!
I admit I haven't tested the patches yet, just scrolled through the
diffs. See some comments inline. But I would also like someone else to
chime in
On Thu, May 26, 2016 at 11:31:07AM +0200, Lukas Slebodnik wrote:
> On (16/05/16 14:00), Pavel Březina wrote:
> >Hi,
> >the patches are finally ready to be tested and reviewed. It is too huge to be
> >sent to the list so please checkout my fedorapeople or github repo:
> >
>
On Tue, May 17, 2016 at 12:33:00PM +0200, Sumit Bose wrote:
> Hi,
>
> this patch fixes a typo in the IPA AD related code, to look up the
> Global Catalog via DNS the forest name should be used and not the name
> of the currently domain.
>
> bye,
> Sumit
* master:
On Tue, May 17, 2016 at 12:33:00PM +0200, Sumit Bose wrote:
> Hi,
>
> this patch fixes a typo in the IPA AD related code, to look up the
> Global Catalog via DNS the forest name should be used and not the name
> of the currently domain.
>
> bye,
> Sumit
ACK
CI is down, but this is a one-liner
.
The second patch is more about defensive programming and fixes #3006.
>From 2f88d95d8c72f1333ce1fc12a1ba18249447c11e Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Thu, 19 May 2016 17:24:51 +0200
Subject: [PATCH 1/2] AD: Do not leak file descriptors during machine
On Thu, May 19, 2016 at 08:16:36AM +0200, Lukas Slebodnik wrote:
> Could we use EXIT_FAILURE?
>
> Otherwise nice work.
Sure, new patches are attached.
>From 6941f025e6a93c3f4bc13ee5fa24f4724ab3039f Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 17
On Wed, May 11, 2016 at 11:58:11AM +0200, Jakub Hrozek wrote:
> Hi,
>
> the attached patch implements Sumit's idea to solve
> https://fedorahosted.org/sssd/ticket/2927
>
> The user who reported the bug confirmed that the patch works. As an
> additional improv
to STDOUT_FILENO and extra_argv is always NULL.
*/
-errno_t exec_child(TALLOC_CTX *mem_ctx,
- int *pipefd_to_child, int *pipefd_from_child,
- const char *binary, int debug_fd);
+void exec_child(TALLOC_CTX *mem_ctx,
+int *pipefd_to_child, int *pipef
On Wed, May 11, 2016 at 01:57:53PM +0200, Pavel Březina wrote:
> On 05/06/2016 03:04 PM, Jakub Hrozek wrote:
> > To reproduce, just run:
> > getent netgroup some_name@trusted.domain
> >
> > Please see the commit message for explanation. The other solution would
On Wed, May 11, 2016 at 10:34:47AM +0200, Pavel Březina wrote:
> On 05/10/2016 01:31 PM, Pavel Březina wrote:
> > On 05/02/2016 03:02 PM, Petr Cech wrote:
> > > On 04/28/2016 01:39 PM, Pavel Březina wrote:
> > > > Hi, just few nitpicks:
> > > >
> > > > Patch 1 NEGCACHE: Adding timeout to struct
On Wed, May 11, 2016 at 11:42:40AM +0200, Jakub Hrozek wrote:
> On Wed, May 11, 2016 at 10:24:10AM +0200, Pavel Březina wrote:
> > On 05/10/2016 04:00 PM, Jakub Hrozek wrote:
> > > On Thu, Apr 21, 2016 at 02:54:21PM +0200, Pavel Březina wrote:
> > > >
On Tue, May 10, 2016 at 05:06:41PM +0200, Jakub Hrozek wrote:
> OK, for posterity, attached are the patches (RB: me) that I would like
> to commit.
>
> CI passed as well:
> http://sssd-ci.duckdns.org/logs/job/43/08/summary.html
> (The failure on debian is in dyndns-tests,
On Fri, May 06, 2016 at 03:04:42PM +0200, Jakub Hrozek wrote:
> To reproduce, just run:
> getent netgroup some_name@trusted.domain
>
> Please see the commit message for explanation. The other solution would
> be the other way around, ie always go to the code that handles lookup
. But honestly I
don't know if and how this could be solved (we would need to fetch this
attribute always on initgroups on both client and server..) so I would
prefer additional ticket and merge this patch first.
>From 01598f563378f8cf85e7a7fb0c29e7bf32518c3f Mon Sep 17 00:00:00 2001
From: Jakub Hro
On Wed, May 11, 2016 at 10:24:10AM +0200, Pavel Březina wrote:
> On 05/10/2016 04:00 PM, Jakub Hrozek wrote:
> > On Thu, Apr 21, 2016 at 02:54:21PM +0200, Pavel Březina wrote:
> > > We can fail in sasl_bind_send() with ERR_AUTH_FAILED for basically
> > > unspecified re
On Tue, May 10, 2016 at 09:51:18AM -0400, Stephen Gallagher wrote:
> On 05/10/2016 09:45 AM, Jakub Hrozek wrote:
> > On Tue, Apr 19, 2016 at 02:09:14PM -0400, Stephen Gallagher wrote:
> >> These patches provide support for shipping a default configuration file
> >
On Thu, Apr 14, 2016 at 01:48:50PM +0200, Sumit Bose wrote:
> Hi,
>
> the following 3 patches are related to the Smartcard authentication
> feature but imo can be tested even without having one.
>
> The first patch just adds some missing pieces. The second adds a new
> 'no_verification' switch
_server() set the
port status to NEUTRAL. That caused the connection code to run again,
hit the same timeout issue and then cycle again and again..
Can anyone parse from the code why do we set the port to neutral instead
of not_working in be_fo_try_next_server() ?
>From 37806e08b5bc7a97246
On Thu, Apr 21, 2016 at 02:54:21PM +0200, Pavel Březina wrote:
> We can fail in sasl_bind_send() with ERR_AUTH_FAILED for basically
> unspecified reason but we do not failover to next server. This patch should
> fix it.
>
> As said on the meeting, I didn't reproduce it and I'm not sure if it will
On Tue, Apr 19, 2016 at 02:09:14PM -0400, Stephen Gallagher wrote:
> These patches provide support for shipping a default configuration file that
> the
> monitor will automatically copy to /etc/sssd/sssd.conf if none already exists.
> The idea is for distributions to be able to provide a default
On Tue, May 10, 2016 at 01:24:51PM +0200, Lukas Slebodnik wrote:
> On (10/05/16 06:40), Stephen Gallagher wrote:
> >I was thinking this morning again about how we could deal with the 32-bit on
> >64-bit problem. On Fedora 24 and newer, we have the ability to use rich RPM
> >dependencies
On Tue, May 10, 2016 at 12:06:39PM +0200, Pavel Březina wrote:
> On 05/05/2016 11:38 AM, Jakub Hrozek wrote:
> > On Wed, Apr 27, 2016 at 11:47:50AM +0200, Pavel Březina wrote:
> > > >Can you also extend sbus_request_invoke_or_finish() to treat
> > > >ERR_SBUS_RE
On Mon, May 09, 2016 at 11:04:59PM -0500, Malahal Naineni wrote:
> Hi All,
>
> We have ganesha NFS server that calls innetgr() call to validate
> client request. Noticing that all ganesha threads were making innetgr()
> calls and spending a lot of time there, I wrote a small script that
On Wed, May 04, 2016 at 11:36:57PM +0200, Lukas Slebodnik wrote:
> On (27/04/16 10:51), Jakub Hrozek wrote:
> >Hi,
> >
> >the attached patches implement unit tests for the pam_sss module using
> >pam_wrapper and libpamtest. In my testing, the coverage is around 7
for helping me a lot with the build failures on
#sssd last week)
>From 60d21413ee5b72ed3d732f7a2fbf72a8061040fd Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 1 Dec 2015 23:23:33 +0100
Subject: [PATCH 01/10] UTIL: Add a PROBE macro into probes.h
The macros are
Hi,
a trivial code-hygiene patch is attached.
>From ac33446aaa78b65c6891f486e9ad462101f88a79 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 8 Dec 2015 21:10:27 +0100
Subject: [PATCH] Make sdap_process_group_send() static
---
src/providers/ldap/sdap_async
On Mon, May 09, 2016 at 09:21:53AM +0200, Stanislav Laznicka wrote:
> From what I've gathered, you would also like to have
> it ported to FreeBSD and Solaris (correct me if I'm wrong). I already did
> some research on how to get the Olson name there but it all seems a bit
> messy so if you know of
On Fri, Apr 29, 2016 at 03:38:46PM +0200, Sumit Bose wrote:
> Hi,
>
> please find a new design document at
> https://fedorahosted.org/sssd/wiki/DesignDocs/LookupUsersByCertificatePart2.
> It describes the extended support for user lookup by certificates namely
> for certificates stored in AD and
or a group.
>From 18cbf559addfeb77ad83b81e23431295a3e5c6ae Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Fri, 6 May 2016 15:02:19 +0200
Subject: [PATCH] IPA: Handle requests for netgroups from trusted domains
gracefully
In ipa_account_info_handler we first check if th
translate the new error code back to EOK.
Sorry, I totally forgot about these patches.
Here you go..
>From d3b578dd84acd327f0f623ddb835cd031480bb0a Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Wed, 27 Apr 2016 11:11:31 +0200
Subject: [PATCH 1/2] UTIL: Add ERR_SB
On Mon, May 02, 2016 at 10:47:50AM +0200, Pavel Březina wrote:
> On 05/02/2016 08:53 AM, Petr Cech wrote:
> > On 04/28/2016 01:41 PM, Pavel Březina wrote:
> > > On 04/26/2016 09:38 AM, Petr Cech wrote:
> > > > Hi list,
> > > >
> > > > this simple patch fixes talloc hierarchy in initializing
On Fri, Apr 29, 2016 at 06:21:44AM +0530, Arpit Tolani wrote:
> Hello
Hi Arpit, thank you very much for checking the design document.
>
> Currently we mostly run
>
> # service sssd stop ; rm -rf /var/lib/sss/db/* /var/log/sssd/* ; service sssd
> start
Yes, we plan on implememting this. But a
the AuthorizedKeysCommand.
>From 2a1eae3d00a85adaf66f2660489d0cbc028f4c9b Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Thu, 28 Apr 2016 10:31:45 +0200
Subject: [PATCH] SSH: Do not print an error message if sss_ssh_authorizedkeys
is asked for a local user
If an IPA client use
Hi,
please see the attached trivial patch. The issue was reported by adelton
on IRC.
>From 979353eb20849f036522ce4f5edf28f5a989f886 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Wed, 27 Apr 2016 12:18:15 +0200
Subject: [PATCH] MAN: Remove references to the
On Wed, Apr 20, 2016 at 01:20:14PM +0200, Pavel Březina wrote:
> On 04/20/2016 11:56 AM, Jakub Hrozek wrote:
> > Hi Pavel,
> >
> > can you check if this is the right thing to do for methods that parse
> > arguments on their own?
> >
> > To reproduce, it was
On Mon, Mar 21, 2016 at 09:37:45AM +0100, Lukas Slebodnik wrote:
> On (17/03/16 22:59), Jakub Hrozek wrote:
> >a man page one liner :)
> >
> >No need to explicitly mention IPAv2, I hope there are no deployments of
> >IPAv1 left anymore :)
> >
> >This
On Fri, Apr 22, 2016 at 05:04:21PM +0200, Lukas Slebodnik wrote:
> On (22/04/16 15:57), Jakub Hrozek wrote:
> >On Mon, Apr 11, 2016 at 03:35:52PM +0200, Jakub Hrozek wrote:
> >> On Mon, Apr 11, 2016 at 02:58:06PM +0200, Lukas Slebodnik wrote:
> >> > On (11/04
On Thu, Jan 28, 2016 at 05:12:40PM +0100, Jakub Hrozek wrote:
> On Thu, Jan 28, 2016 at 04:19:25PM +0100, Lukas Slebodnik wrote:
> > On (27/10/15 22:35), Lukas Slebodnik wrote:
> > >On (27/10/15 17:57), Jakub Hrozek wrote:
> > >>On Tue, Oct 27, 2015 at 05:42:
On Mon, May 11, 2015 at 06:28:35PM +0200, Lukas Slebodnik wrote:
> On (11/05/15 17:36), Pavel Reichl wrote:
> >Rebased patch set is attached.
>
> Code coverage of function pam_reply was quite high
> but it covered just part which was necessary for Sumit's work.
>
> I thought you would increase
On Fri, Apr 22, 2016 at 05:04:21PM +0200, Lukas Slebodnik wrote:
> On (22/04/16 15:57), Jakub Hrozek wrote:
> >On Mon, Apr 11, 2016 at 03:35:52PM +0200, Jakub Hrozek wrote:
> >> On Mon, Apr 11, 2016 at 02:58:06PM +0200, Lukas Slebodnik wrote:
> >> > On (11/04
On Fri, Apr 22, 2016 at 05:41:31PM +0200, Jakub Hrozek wrote:
> On Fri, Apr 22, 2016 at 05:34:47PM +0200, Sumit Bose wrote:
> > On Fri, Apr 22, 2016 at 05:17:29PM +0200, Jakub Hrozek wrote:
> > > On Fri, Apr 22, 2016 at 05:03:06PM +0200, Lukas Slebodnik wrote:
> > > &
On Fri, Apr 22, 2016 at 05:34:47PM +0200, Sumit Bose wrote:
> On Fri, Apr 22, 2016 at 05:17:29PM +0200, Jakub Hrozek wrote:
> > On Fri, Apr 22, 2016 at 05:03:06PM +0200, Lukas Slebodnik wrote:
> > > On (22/04/16 15:41), Jakub Hrozek wrote:
> > > >On Tue, Apr 19, 2
On Fri, Apr 22, 2016 at 05:03:06PM +0200, Lukas Slebodnik wrote:
> On (22/04/16 15:41), Jakub Hrozek wrote:
> >On Tue, Apr 19, 2016 at 04:11:54PM +0200, Sumit Bose wrote:
> >> Hi,
> >>
> >> this is a follow-up patch to 5a5f1e1053415efaa99bb4d5bc7ce7ac0a95
On Wed, Apr 20, 2016 at 01:35:03PM +0200, Petr Cech wrote:
> On 04/20/2016 12:52 PM, Lukas Slebodnik wrote:
> > On (20/04/16 12:36), Petr Cech wrote:
> > > >On 04/18/2016 10:34 AM, Lukas Slebodnik wrote:
> > > > >>ehlo,
> > > > >>
> > > > >>I use special local user for building srpms in mock
> > >
On Tue, Apr 19, 2016 at 04:11:54PM +0200, Sumit Bose wrote:
> Hi,
>
> this is a follow-up patch to 5a5f1e1053415efaa99bb4d5bc7ce7ac0a95b757
> which removes another call to ipa_check_master() which might cause an
> infinite loop on an IPA client if the server does not support views.
>
> Please
On Wed, Apr 13, 2016 at 03:45:22PM +0200, Sumit Bose wrote:
> Hi,
>
> this is a bit of a follow-up patch to "subdomains: inherit
> ldap_krb5_keytab". It turned out that if the default keytab contains
> some completely unrelated keys the SASL initialization might e.g. pick a
> wrong realm name
On Fri, Apr 22, 2016 at 09:07:09AM +0200, Lukas Slebodnik wrote:
> On (21/04/16 18:10), Pavel Reichl wrote:
> >
> >
> >On 04/21/2016 03:24 PM, Pavel Březina wrote:
> >> Hi,
> >> the data provider code is basically ready for someone to start looking
> >> into it. I'm in the process of converting
On Wed, Apr 20, 2016 at 02:58:36PM -0400, Simo Sorce wrote:
> On Wed, 2016-04-20 at 19:58 +0200, Lukas Slebodnik wrote:
> > On (20/04/16 17:21), Jakub Hrozek wrote:
> > >On Wed, Apr 20, 2016 at 09:59:19AM -0400, Simo Sorce wrote:
> > >> On Wed, 2016-04-20 at 1
On Wed, Apr 20, 2016 at 09:59:19AM -0400, Simo Sorce wrote:
> On Wed, 2016-04-20 at 14:16 +0200, Jakub Hrozek wrote:
> > On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote:
> > > On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote:
> > > > Thanks, II
On Wed, Apr 20, 2016 at 09:57:03AM -0400, Simo Sorce wrote:
> On Wed, 2016-04-20 at 11:55 +0200, Jakub Hrozek wrote:
> > On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote:
> > > On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote:
> > > > Thanks, II
On Wed, Apr 20, 2016 at 09:43:05AM -0400, Simo Sorce wrote:
> On Wed, 2016-04-20 at 11:12 +0200, Jakub Hrozek wrote:
> > On Wed, Apr 20, 2016 at 10:32:59AM +0200, Jakub Hrozek wrote:
> > > > > From 0dff46755af6063ed4b0339020ae5bb686692de1 Mon Sep 17 00:00:00 2001
>
On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote:
> On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote:
> > Thanks, IIRC the int-instead of enum use is intentional, I will look
> > at the others.
>
> The last coverity/clang thing is a false positive, but I initialized
> reply to NULL
On Wed, Apr 20, 2016 at 12:04:23PM +0200, Michal Židek wrote:
> Hi,
>
> I just updated the design for the planned sss_confcheck tool.
> It can be found here:
> https://fedorahosted.org/sssd/wiki/DesignDocs/ConfigCheckTool
>
> For convenience I paste it here as well:
>
>
> sss_confcheck tool
>
de2 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Wed, 20 Apr 2016 11:54:31 +0200
Subject: [PATCH] IFP: Do not crash on invalid arguments to GetUserAttr
---
src/responder/ifp/ifpsrv_cmd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/resp
On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote:
> On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote:
> > Thanks, IIRC the int-instead of enum use is intentional, I will look
> > at the others.
>
> The last coverity/clang thing is a false positive, but I initialized
> reply to NULL
On Wed, Apr 20, 2016 at 10:32:59AM +0200, Jakub Hrozek wrote:
> > > From 0dff46755af6063ed4b0339020ae5bb686692de1 Mon Sep 17 00:00:00 2001
> > > From: Simo Sorce <s...@redhat.com>
> > > Date: Tue, 12 Jan 2016 20:13:28 -0500
> > > Subject: [PATCH 02/
On Wed, Apr 20, 2016 at 09:59:57AM +0200, Jakub Hrozek wrote:
> On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote:
> > On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote:
> > > Thanks, IIRC the int-instead of enum use is intentional, I will look
> > > at th
On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote:
> On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote:
> > Thanks, IIRC the int-instead of enum use is intentional, I will look
> > at the others.
>
> The last coverity/clang thing is a false positive, but I initialized
> reply to NULL
tamps), then actions
like user and group lookups and logins should be considerably faster.
The SSSD should also correctly detect when the entries in fact did change on
the server. In this case, a full cache write will be performed.
=== Authors ===
* Jakub Hrozek <jhro...@redhat.com> with
On Tue, Apr 19, 2016 at 12:45:33PM +0200, Lukas Slebodnik wrote:
> >One solution can be to send SIGKILL to child process as part of cleanup
> >in test_run_as_root_daemon. But that's not related to this patch :-)
> >
> Jakub,
>
> do we want to fix the confusing failure?
Sure, if you know how to
On Tue, Apr 19, 2016 at 10:59:20AM +0200, Pavel Březina wrote:
> On 04/19/2016 09:59 AM, Lukas Slebodnik wrote:
> > On (01/03/16 13:53), Pavel Březina wrote:
> > > On 02/25/2016 02:08 PM, Jakub Hrozek wrote:
> > > > On Tue, Feb 09, 2016 at 02:07:21PM +0100, Pavel
On Wed, Apr 06, 2016 at 10:52:24AM +0200, Jakub Hrozek wrote:
> On Tue, Mar 22, 2016 at 04:23:26PM -0400, Justin Stephenson wrote:
> > This is great and will make our lives much easier in support! Currently we
> > have autokeyed commands like 'service sssd stop; rm -f
7ffc7d66a3b0
error 4 in libsss_ipa.so[7ff889fcf000+5d000]
== Detailed Changelog ==
Dan Lavu (1):
* PAM: Fix man for pam_account_{expired,locked}_message
David Disseldorp (1):
* build: detect endianness at configure time
Jakub Hrozek (17):
* Upgrading the version for the 1.13.4
On Tue, Apr 12, 2016 at 12:59:09PM +0200, Pavel Březina wrote:
> On 04/01/2016 01:12 PM, Pavel Březina wrote:
> >On 03/18/2016 05:09 PM, Sumit Bose wrote:
> >>On Tue, Mar 15, 2016 at 04:50:48PM +0100, Lukas Slebodnik wrote:
> >>>On (15/03/16 10:04), Pavel Březina wrote:
> On 03/14/2016 12:12
On Fri, Apr 08, 2016 at 01:05:54PM +0200, Jakub Hrozek wrote:
> On Fri, Apr 08, 2016 at 12:15:25PM +0200, Pavel Březina wrote:
> > On 03/01/2016 01:53 PM, Pavel Březina wrote:
> > >On 02/25/2016 02:08 PM, Jakub Hrozek wrote:
> > >>On Tue, Feb 09, 2016 at 02:07:2
On Tue, Mar 22, 2016 at 04:19:48PM +0100, Michal Židek wrote:
> On 03/22/2016 03:29 PM, Sumit Bose wrote:
> >On Tue, Mar 22, 2016 at 12:29:39PM +0100, Michal Židek wrote:
> >>Hi,
> >>
> >>I would like to write a patch that will
> >>allow SSSD to use the config file merging
> >>feature from libini.
On Fri, Apr 08, 2016 at 11:52:18AM +0200, Jakub Hrozek wrote:
> From c69aff1284c72d1e5bcb633c2499e9fb74f16335 Mon Sep 17 00:00:00 2001
> From: Jakub Hrozek <jhro...@redhat.com>
> Date: Wed, 6 Apr 2016 18:35:39 +0200
> Subject: [PATCH 1/3] memberof: Fix a memory leak when re
On Tue, Apr 12, 2016 at 02:10:55PM +0200, Jakub Hrozek wrote:
> On Mon, Apr 11, 2016 at 12:49:35PM +0200, Lukas Slebodnik wrote:
> > ehlo,
> >
> > attached patch should fix #2964.
> > BTW it worked previously because there was a bug in marking
> > domain
On Mon, Apr 11, 2016 at 12:49:35PM +0200, Lukas Slebodnik wrote:
> ehlo,
>
> attached patch should fix #2964.
> BTW it worked previously because there was a bug in marking
> domain as offline.
>
> So this bug was revealed with fix of another bug :-)
> 0561d532cf76b035b73cfed929a6896071dac407
>
On Tue, Apr 12, 2016 at 01:01:03PM +0200, Pavel Březina wrote:
> On 04/12/2016 12:52 PM, Jakub Hrozek wrote:
> >On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote:
> >>Hello,
> >>
> >>Pavel Březina and I have prepared the 1st draft of design document.
On Tue, Apr 12, 2016 at 01:02:30PM +0200, Pavel Březina wrote:
> On 04/06/2016 10:54 AM, Jakub Hrozek wrote:
> >On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote:
> >>Hello,
> >>
> >>Pavel Březina and I have prepared the 1st draft of design document.
On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote:
> Hello,
>
> Pavel Březina and I have prepared the 1st draft of design document. We mostly
> focused on summing up its future functionality and its interface.
>
> Please comment if you miss some essential functionality or if you
On Mon, Apr 11, 2016 at 02:58:06PM +0200, Lukas Slebodnik wrote:
> On (11/04/16 13:39), Jakub Hrozek wrote:
> >On Mon, Apr 11, 2016 at 01:12:51PM +0200, Lukas Slebodnik wrote:
> >> ehlo,
> >>
> >> following patch help me to find out issues with GPO.
> >
On Mon, Apr 11, 2016 at 01:12:51PM +0200, Lukas Slebodnik wrote:
> ehlo,
>
> following patch help me to find out issues with GPO.
> I think it might be useful also in other cases.
>
> But ideal would be if fail-over code would print port as well.
> ATM "0" is logged as a port with AD.
That's
On Fri, Apr 08, 2016 at 07:31:59PM +0300, Nikolai Kondrashov wrote:
> On 04/06/2016 02:06 PM, Sumit Bose wrote:
> >On Wed, Apr 06, 2016 at 12:59:32PM +0300, Nikolai Kondrashov wrote:
> >>On 03/18/2016 07:56 PM, Nikolai Kondrashov wrote:
> >>>The attached patch adds exporting of the original
On Fri, Apr 08, 2016 at 12:15:25PM +0200, Pavel Březina wrote:
> On 03/01/2016 01:53 PM, Pavel Březina wrote:
> >On 02/25/2016 02:08 PM, Jakub Hrozek wrote:
> >>On Tue, Feb 09, 2016 at 02:07:21PM +0100, Pavel Březina wrote:
> >>>First of the responders is converted -
On Thu, Apr 07, 2016 at 01:01:52PM +0200, Pavel Březina wrote:
> On 04/07/2016 11:51 AM, Jakub Hrozek wrote:
> >On Thu, Apr 07, 2016 at 09:16:21AM +0200, Lukas Slebodnik wrote:
> >>On (06/04/16 18:38), Jakub Hrozek wrote:
> >>>Hi,
> >>>
> >
On Thu, Apr 07, 2016 at 09:12:17AM +0200, Lukas Slebodnik wrote:
> On (06/04/16 15:30), Jakub Hrozek wrote:
> >Hi,
> >
> >I was doing a smoke-test with Windows Server 2016 after receiving
> >several requests from users (mainly about IDMU deprecation) and find out
>
On Thu, Apr 07, 2016 at 09:16:21AM +0200, Lukas Slebodnik wrote:
> On (06/04/16 18:38), Jakub Hrozek wrote:
> >Hi,
> >
> >I'm sorry I didn't catch this when I developed the original patch, but
> >today I was trying to write the leak patches as Lukas suggested the
> &
On Tue, Mar 15, 2016 at 04:47:50PM +0100, Lukas Slebodnik wrote:
> ehlo,
>
> There were failures[1] on rhel6 machine with latest packages.
> it took me a while to find out which package cuaed it.
> Therefore I downgraded rhel machine to vanilla rhel6.7
> and I was troubleshooting it on different
On Wed, Apr 06, 2016 at 05:10:02PM +0200, Jakub Hrozek wrote:
> On Fri, Apr 01, 2016 at 03:17:00PM +0200, Lukas Slebodnik wrote:
> > On (31/03/16 09:46), Lukas Slebodnik wrote:
> > >On (18/03/16 17:53), Lukas Slebodnik wrote:
> > >>On (17/03/16 23:17), Jakub Hroze
On Fri, Apr 01, 2016 at 12:07:04PM +0200, Pavel Březina wrote:
> https://fedorahosted.org/sssd/wiki/DesignDocs/DataProvider
>
> For your convenience, the text is copied below:
>
> = Data Provider Refactoring =
>
> Related ticket(s):
> * https://fedorahosted.org/sssd/ticket/385
I think you can
On Fri, Apr 01, 2016 at 03:17:00PM +0200, Lukas Slebodnik wrote:
> On (31/03/16 09:46), Lukas Slebodnik wrote:
> >On (18/03/16 17:53), Lukas Slebodnik wrote:
> >>On (17/03/16 23:17), Jakub Hrozek wrote:
> >>>On Mon, Mar 07, 2016 at 04:12:00PM +0100, Luka
On Fri, Apr 01, 2016 at 03:18:25PM +0200, Lukas Slebodnik wrote:
> On (03/03/16 13:50), Lukas Slebodnik wrote:
> >ehlo,
> >
> >review is appreciated.
> Bump
>
> LS
I'm sorry for the late review. The patches seem to work fine, without
them, I was seeing:
(Wed Apr 6 14:11:20 2016)
601 - 700 of 7424 matches
Mail list logo