[SSSD] Re: [PATCH SET} A new Secrets service

2016-04-20 Thread Jakub Hrozek
On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote: > On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote: > > Thanks, IIRC the int-instead of enum use is intentional, I will look > > at the others. > > The last coverity/clang thing is a false positive, but I initialized > reply to NULL an

[SSSD] Re: [DESIGN] sss_confcheck tool

2016-04-20 Thread Jakub Hrozek
On Wed, Apr 20, 2016 at 12:04:23PM +0200, Michal Židek wrote: > Hi, > > I just updated the design for the planned sss_confcheck tool. > It can be found here: > https://fedorahosted.org/sssd/wiki/DesignDocs/ConfigCheckTool > > For convenience I paste it here as well: > > > sss_confcheck tool >

[SSSD] [PATCH] Do not crash if GetUserAttrs cannot be parsed

2016-04-20 Thread Jakub Hrozek
de2 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 20 Apr 2016 11:54:31 +0200 Subject: [PATCH] IFP: Do not crash on invalid arguments to GetUserAttr --- src/responder/ifp/ifpsrv_cmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/responder/ifp/ifpsrv_cmd.c b/

[SSSD] Re: [PATCH SET} A new Secrets service

2016-04-20 Thread Jakub Hrozek
On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote: > On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote: > > Thanks, IIRC the int-instead of enum use is intentional, I will look > > at the others. > > The last coverity/clang thing is a false positive, but I initialized > reply to NULL an

[SSSD] Re: [PATCH SET} A new Secrets service

2016-04-20 Thread Jakub Hrozek
On Wed, Apr 20, 2016 at 10:32:59AM +0200, Jakub Hrozek wrote: > > > From 0dff46755af6063ed4b0339020ae5bb686692de1 Mon Sep 17 00:00:00 2001 > > > From: Simo Sorce > > > Date: Tue, 12 Jan 2016 20:13:28 -0500 > > > Subject: [PATCH 02/15] Server: Enable Watch

[SSSD] Re: [PATCH SET} A new Secrets service

2016-04-20 Thread Jakub Hrozek
On Wed, Apr 20, 2016 at 09:59:57AM +0200, Jakub Hrozek wrote: > On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote: > > On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote: > > > Thanks, IIRC the int-instead of enum use is intentional, I will look > > > at th

[SSSD] Re: [PATCH SET} A new Secrets service

2016-04-20 Thread Jakub Hrozek
On Tue, Apr 05, 2016 at 02:54:10PM -0400, Simo Sorce wrote: > On Tue, 2016-04-05 at 12:57 -0400, Simo Sorce wrote: > > Thanks, IIRC the int-instead of enum use is intentional, I will look > > at the others. > > The last coverity/clang thing is a false positive, but I initialized > reply to NULL an

[SSSD] Design discussion: Performance enhancements for the 1.14 release

2016-04-19 Thread Jakub Hrozek
entries on the server did not change (except timestamps), then actions like user and group lookups and logins should be considerably faster. The SSSD should also correctly detect when the entries in fact did change on the server. In this case, a full cache write will be performed. === Autho

[SSSD] Re: [PATCH] SPEC: Run extra unit tests with epel

2016-04-19 Thread Jakub Hrozek
On Tue, Apr 19, 2016 at 12:45:33PM +0200, Lukas Slebodnik wrote: > >One solution can be to send SIGKILL to child process as part of cleanup > >in test_run_as_root_daemon. But that's not related to this patch :-) > > > Jakub, > > do we want to fix the confusing failure? Sure, if you know how to fi

[SSSD] Re: [PATCH] sudo: use cache_req interface

2016-04-19 Thread Jakub Hrozek
On Tue, Apr 19, 2016 at 10:59:20AM +0200, Pavel Březina wrote: > On 04/19/2016 09:59 AM, Lukas Slebodnik wrote: > > On (01/03/16 13:53), Pavel Březina wrote: > > > On 02/25/2016 02:08 PM, Jakub Hrozek wrote: > > > > On Tue, Feb 09, 2016 at 02:07:21PM +0100, Pavel Bře

[SSSD] Re: Design document - sssctl

2016-04-18 Thread Jakub Hrozek
On Wed, Apr 06, 2016 at 10:52:24AM +0200, Jakub Hrozek wrote: > On Tue, Mar 22, 2016 at 04:23:26PM -0400, Justin Stephenson wrote: > > This is great and will make our lives much easier in support! Currently we > > have autokeyed commands like 'service sssd stop; r

[SSSD] Announcing SSSD 1.13.4

2016-04-14 Thread Jakub Hrozek
lt at 0 ip 7ff889ff61bb sp 7ffc7d66a3b0 error 4 in libsss_ipa.so[7ff889fcf000+5d000] == Detailed Changelog == Dan Lavu (1): * PAM: Fix man for pam_account_{expired,locked}_message David Disseldorp (1): * build: detect endianness at configure time Jakub Hrozek (17): * Upgrad

[SSSD] Re: [PATCHES] PAC: only save PAC blob into the cache

2016-04-13 Thread Jakub Hrozek
On Tue, Apr 12, 2016 at 12:59:09PM +0200, Pavel Březina wrote: > On 04/01/2016 01:12 PM, Pavel Březina wrote: > >On 03/18/2016 05:09 PM, Sumit Bose wrote: > >>On Tue, Mar 15, 2016 at 04:50:48PM +0100, Lukas Slebodnik wrote: > >>>On (15/03/16 10:04), Pavel Březina wrote: > On 03/14/2016 12:12 PM

[SSSD] Re: [PATCH] sudo: use cache_req interface

2016-04-12 Thread Jakub Hrozek
On Fri, Apr 08, 2016 at 01:05:54PM +0200, Jakub Hrozek wrote: > On Fri, Apr 08, 2016 at 12:15:25PM +0200, Pavel Březina wrote: > > On 03/01/2016 01:53 PM, Pavel Březina wrote: > > >On 02/25/2016 02:08 PM, Jakub Hrozek wrote: > > >>On Tue, Feb 09, 2016 at 02:07:2

[SSSD] Re: Config file merging in SSSD

2016-04-12 Thread Jakub Hrozek
On Tue, Mar 22, 2016 at 04:19:48PM +0100, Michal Židek wrote: > On 03/22/2016 03:29 PM, Sumit Bose wrote: > >On Tue, Mar 22, 2016 at 12:29:39PM +0100, Michal Židek wrote: > >>Hi, > >> > >>I would like to write a patch that will > >>allow SSSD to use the config file merging > >>feature from libini.

[SSSD] Re: [PATCH] memberof: Fix a memory leak when removing ghost users

2016-04-12 Thread Jakub Hrozek
On Fri, Apr 08, 2016 at 11:52:18AM +0200, Jakub Hrozek wrote: > From c69aff1284c72d1e5bcb633c2499e9fb74f16335 Mon Sep 17 00:00:00 2001 > From: Jakub Hrozek > Date: Wed, 6 Apr 2016 18:35:39 +0200 > Subject: [PATCH 1/3] memberof: Fix a memory leak when removing ghost u

[SSSD] Re: [PATCH] GPO: Process GPOS in offline mode if ldap search failed

2016-04-12 Thread Jakub Hrozek
On Tue, Apr 12, 2016 at 02:10:55PM +0200, Jakub Hrozek wrote: > On Mon, Apr 11, 2016 at 12:49:35PM +0200, Lukas Slebodnik wrote: > > ehlo, > > > > attached patch should fix #2964. > > BTW it worked previously because there was a bug in marking > > domain as

[SSSD] Re: [PATCH] GPO: Process GPOS in offline mode if ldap search failed

2016-04-12 Thread Jakub Hrozek
On Mon, Apr 11, 2016 at 12:49:35PM +0200, Lukas Slebodnik wrote: > ehlo, > > attached patch should fix #2964. > BTW it worked previously because there was a bug in marking > domain as offline. > > So this bug was revealed with fix of another bug :-) > 0561d532cf76b035b73cfed929a6896071dac407 > >

[SSSD] Re: Design document - sssctl

2016-04-12 Thread Jakub Hrozek
On Tue, Apr 12, 2016 at 01:01:03PM +0200, Pavel Březina wrote: > On 04/12/2016 12:52 PM, Jakub Hrozek wrote: > >On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote: > >>Hello, > >> > >>Pavel Březina and I have prepared the 1st draft of design document.

[SSSD] Re: Design document - sssctl

2016-04-12 Thread Jakub Hrozek
On Tue, Apr 12, 2016 at 01:02:30PM +0200, Pavel Březina wrote: > On 04/06/2016 10:54 AM, Jakub Hrozek wrote: > >On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote: > >>Hello, > >> > >>Pavel Březina and I have prepared the 1st draft of design document.

[SSSD] Re: Design document - sssctl

2016-04-12 Thread Jakub Hrozek
On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote: > Hello, > > Pavel Březina and I have prepared the 1st draft of design document. We mostly > focused on summing up its future functionality and its interface. > > Please comment if you miss some essential functionality or if you would

[SSSD] Re: [PATCH] LDAP: Print port in sdap_print_server

2016-04-11 Thread Jakub Hrozek
On Mon, Apr 11, 2016 at 02:58:06PM +0200, Lukas Slebodnik wrote: > On (11/04/16 13:39), Jakub Hrozek wrote: > >On Mon, Apr 11, 2016 at 01:12:51PM +0200, Lukas Slebodnik wrote: > >> ehlo, > >> > >> following patch help me to find out issues with GPO. > >

[SSSD] Re: [PATCH] LDAP: Print port in sdap_print_server

2016-04-11 Thread Jakub Hrozek
On Mon, Apr 11, 2016 at 01:12:51PM +0200, Lukas Slebodnik wrote: > ehlo, > > following patch help me to find out issues with GPO. > I think it might be useful also in other cases. > > But ideal would be if fail-over code would print port as well. > ATM "0" is logged as a port with AD. That's bec

[SSSD] Re: [PATCH] PAM: Export original user shell to tlog-rec

2016-04-11 Thread Jakub Hrozek
On Fri, Apr 08, 2016 at 07:31:59PM +0300, Nikolai Kondrashov wrote: > On 04/06/2016 02:06 PM, Sumit Bose wrote: > >On Wed, Apr 06, 2016 at 12:59:32PM +0300, Nikolai Kondrashov wrote: > >>On 03/18/2016 07:56 PM, Nikolai Kondrashov wrote: > >>>The attached patch adds exporting of the original (non-ov

[SSSD] Re: [PATCH] sudo: use cache_req interface

2016-04-08 Thread Jakub Hrozek
On Fri, Apr 08, 2016 at 12:15:25PM +0200, Pavel Březina wrote: > On 03/01/2016 01:53 PM, Pavel Březina wrote: > >On 02/25/2016 02:08 PM, Jakub Hrozek wrote: > >>On Tue, Feb 09, 2016 at 02:07:21PM +0100, Pavel Březina wrote: > >>>First of the responders is converted -

[SSSD] Re: [PATCH] memberof: Fix a memory leak when removing ghost users

2016-04-08 Thread Jakub Hrozek
On Thu, Apr 07, 2016 at 01:01:52PM +0200, Pavel Březina wrote: > On 04/07/2016 11:51 AM, Jakub Hrozek wrote: > >On Thu, Apr 07, 2016 at 09:16:21AM +0200, Lukas Slebodnik wrote: > >>On (06/04/16 18:38), Jakub Hrozek wrote: > >>>Hi, > >>> > >>

[SSSD] Re: [PATCH] AD: Recognize Windows Server 2016

2016-04-07 Thread Jakub Hrozek
On Thu, Apr 07, 2016 at 09:12:17AM +0200, Lukas Slebodnik wrote: > On (06/04/16 15:30), Jakub Hrozek wrote: > >Hi, > > > >I was doing a smoke-test with Windows Server 2016 after receiving > >several requests from users (mainly about IDMU deprecation) and find out >

[SSSD] Re: [PATCH] memberof: Fix a memory leak when removing ghost users

2016-04-07 Thread Jakub Hrozek
On Thu, Apr 07, 2016 at 09:16:21AM +0200, Lukas Slebodnik wrote: > On (06/04/16 18:38), Jakub Hrozek wrote: > >Hi, > > > >I'm sorry I didn't catch this when I developed the original patch, but > >today I was trying to write the leak patches as Lukas suggested

[SSSD] Re: [PATCH] test_ipa_subdom_server: Workaround for slow krb5 + SELinux

2016-04-06 Thread Jakub Hrozek
On Tue, Mar 15, 2016 at 04:47:50PM +0100, Lukas Slebodnik wrote: > ehlo, > > There were failures[1] on rhel6 machine with latest packages. > it took me a while to find out which package cuaed it. > Therefore I downgraded rhel machine to vanilla rhel6.7 > and I was troubleshooting it on different m

[SSSD] [PATCH] memberof: Fix a memory leak when removing ghost users

2016-04-06 Thread Jakub Hrozek
2cae Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 6 Apr 2016 18:35:39 +0200 Subject: [PATCH] memberof: Fix a memory leak when removing ghost users --- src/ldb_modules/memberof.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ldb_modules/memberof.c b/src/ldb_

[SSSD] Re: [PATCH] SPEC: Run extra unit tests with epel

2016-04-06 Thread Jakub Hrozek
On Wed, Apr 06, 2016 at 05:10:02PM +0200, Jakub Hrozek wrote: > On Fri, Apr 01, 2016 at 03:17:00PM +0200, Lukas Slebodnik wrote: > > On (31/03/16 09:46), Lukas Slebodnik wrote: > > >On (18/03/16 17:53), Lukas Slebodnik wrote: > > >>On (17/03/16 23:17), Jakub Hroze

[SSSD] Re: Design Document: Data Provider Refactoring

2016-04-06 Thread Jakub Hrozek
On Fri, Apr 01, 2016 at 12:07:04PM +0200, Pavel Březina wrote: > https://fedorahosted.org/sssd/wiki/DesignDocs/DataProvider > > For your convenience, the text is copied below: > > = Data Provider Refactoring = > > Related ticket(s): > * https://fedorahosted.org/sssd/ticket/385 I think you can

[SSSD] Re: [PATCH] SPEC: Run extra unit tests with epel

2016-04-06 Thread Jakub Hrozek
On Fri, Apr 01, 2016 at 03:17:00PM +0200, Lukas Slebodnik wrote: > On (31/03/16 09:46), Lukas Slebodnik wrote: > >On (18/03/16 17:53), Lukas Slebodnik wrote: > >>On (17/03/16 23:17), Jakub Hrozek wrote: > >>>On Mon, Mar 07, 2016 at 04:12:00PM +0100, Luka

[SSSD] Re: [PATCH] GPO_CHILD: Create directories in gpo_cache with right permissions

2016-04-06 Thread Jakub Hrozek
On Fri, Apr 01, 2016 at 03:18:25PM +0200, Lukas Slebodnik wrote: > On (03/03/16 13:50), Lukas Slebodnik wrote: > >ehlo, > > > >review is appreciated. > Bump > > LS I'm sorry for the late review. The patches seem to work fine, without them, I was seeing: (Wed Apr 6 14:11:20 2016) [[sssd[gpo_child

[SSSD] Re: [PATCH] Netlink: Ignore RTM_NEWADDR signals from link-local

2016-04-06 Thread Jakub Hrozek
On Wed, Apr 06, 2016 at 03:16:20PM +0200, Jakub Hrozek wrote: > On Wed, Apr 06, 2016 at 08:39:39AM -0400, Stephen Gallagher wrote: > > > > > > > On Apr 6, 2016, at 8:37 AM, Jakub Hrozek wrote: > > > > > >> On Tue, Apr 05, 2016 at 02:34:33PM -0400,

[SSSD] [PATCH] AD: Recognize Windows Server 2016

2016-04-06 Thread Jakub Hrozek
x27;t been amended yet at: https://msdn.microsoft.com/en-us/library/cc223272.aspx I think we could merge this patch without breaking anything. >From 6af263f425c4c54fc01aeeb3bbc47366b2b6a82b Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 6 Apr 2016 15:26:15 +0200 Subject: [PATCH] AD: R

[SSSD] Re: [PATCH] Netlink: Ignore RTM_NEWADDR signals from link-local

2016-04-06 Thread Jakub Hrozek
On Wed, Apr 06, 2016 at 08:39:39AM -0400, Stephen Gallagher wrote: > > > > On Apr 6, 2016, at 8:37 AM, Jakub Hrozek wrote: > > > >> On Tue, Apr 05, 2016 at 02:34:33PM -0400, Stephen Gallagher wrote: > >> We only need to go online if we receive a netlink sign

[SSSD] Re: [PATCH] Netlink: Ignore RTM_NEWADDR signals from link-local

2016-04-06 Thread Jakub Hrozek
On Tue, Apr 05, 2016 at 02:34:33PM -0400, Stephen Gallagher wrote: > We only need to go online if we receive a netlink signal that might > indicate that the external connection might have become available. This > will never be true for link-local addresses. > The indentation of DEBUG messages is

[SSSD] Re: [PATCH] MAN: Remove duplicate description of the pam_account_locked_message option

2016-04-06 Thread Jakub Hrozek
On Wed, Apr 06, 2016 at 01:07:09PM +0200, Pavel Reichl wrote: > > > On 04/06/2016 10:39 AM, Pavel Reichl wrote: > > > > > >On 04/06/2016 10:17 AM, Jakub Hrozek wrote: > >>Hi, > >> > >>I found this minor man page bug when I was prepairing

[SSSD] Re: Design document - sssctl

2016-04-06 Thread Jakub Hrozek
On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote: > Hello, > > Pavel Březina and I have prepared the 1st draft of design document. We mostly > focused on summing up its future functionality and its interface. > > Please comment if you miss some essential functionality or if you would

[SSSD] Re: Design document - sssctl

2016-04-06 Thread Jakub Hrozek
On Tue, Mar 22, 2016 at 04:23:26PM -0400, Justin Stephenson wrote: > This is great and will make our lives much easier in support! Currently we > have autokeyed commands like 'service sssd stop; rm -f /var/lib/sss/db/*; > service sssd stop' Yes in fact, most users expect this to be done by the sss

[SSSD] RFC: release notes for 1.13.4

2016-04-06 Thread Jakub Hrozek
Hi, I would like to release 1.13.4 today. I drafted the release notes on the wiki: https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.4 Feel free to comment or edit them.. About the tickets in the 1.13.4 milestone: https://fedorahosted.org/sssd/ticket/2886 - sssd-nss segfault on rest

[SSSD] [PATCH] MAN: Remove duplicate description of the pam_account_locked_message option

2016-04-06 Thread Jakub Hrozek
Hi, I found this minor man page bug when I was prepairing the 1.13.4 release notes. >From 7863d86d3377380e2ce73ea47bc78c787cffbda3 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 6 Apr 2016 10:09:23 +0200 Subject: [PATCH] MAN: Remove duplicate description of

[SSSD] Re: Design discussion: Use fully-qualified names for users and groups in sysdb

2016-04-05 Thread Jakub Hrozek
On Fri, Apr 01, 2016 at 12:28:40PM +0200, Pavel Březina wrote: > On 03/31/2016 02:18 PM, Jakub Hrozek wrote: > >Hi, > > > >I prepared a design page for https://fedorahosted.org/sssd/ticket/2011 > >at: > > https://fedorahosted.org/sssd/wiki/DesignDocs/SysdbFu

[SSSD] Re: is this a GPO bug?

2016-04-04 Thread Jakub Hrozek
On Mon, Apr 04, 2016 at 02:30:16PM +0200, Lukas Slebodnik wrote: > On (04/04/16 13:57), Jakub Hrozek wrote: > >Hi, > > > >I'm looking at a logfile from one sssd installation and I'm wondering if > >it's a GPO bug. The relevant part of the logs is: > &

[SSSD] is this a GPO bug?

2016-04-04 Thread Jakub Hrozek
Hi, I'm looking at a logfile from one sssd installation and I'm wondering if it's a GPO bug. The relevant part of the logs is: [sssd[be[example.com]]] [sdap_parse_entry] (0x1000): OriginalDN: [cn={BCB10A5A-630C-477E-8E2D-996F06E36DBD},cn=policies,cn=system,DC=example,DC=com]. [sssd[be[example.co

[SSSD] Design discussion: Use fully-qualified names for users and groups in sysdb

2016-03-31 Thread Jakub Hrozek
only. === How To Test === All available tests should still pass. The tests should also pass if the format of the database was changed. === Authors === * Jakub Hrozek * Michal Židek ___ sssd-devel mailing list sssd-devel@lists.fedorah

[SSSD] Re: Multiple PID file macros ?

2016-03-28 Thread Jakub Hrozek
> On 28 Mar 2016, at 21:02, Simo Sorce wrote: > > While looking at the monitor code I realize we define SSSD_PIDFILE_PATH > in monitor.c in a different way than we define SSSD_PIDFILE in > tools_util.h > > Although the definitions differ, they end up being effectively the same > string for now

[SSSD] Re: Config file merging in SSSD

2016-03-23 Thread Jakub Hrozek
> On 22 Mar 2016, at 16:19, Michal Židek wrote: > > On 03/22/2016 03:29 PM, Sumit Bose wrote: >> On Tue, Mar 22, 2016 at 12:29:39PM +0100, Michal Židek wrote: >>> Hi, >>> >>> I would like to write a patch that will >>> allow SSSD to use the config file merging >>> feature from libini. But first

[SSSD] Re: Config file merging in SSSD

2016-03-23 Thread Jakub Hrozek
> On 23 Mar 2016, at 11:11, Michal Židek wrote: > > On 03/23/2016 11:02 AM, Lukas Slebodnik wrote: >> On (23/03/16 10:53), Michal Židek wrote: >>> On 03/22/2016 09:10 PM, Jakub Hrozek wrote: >>>> >>>>> On 22 Mar 2016, at 12:29, Michal Židek w

[SSSD] Re: Config file merging in SSSD

2016-03-22 Thread Jakub Hrozek
> On 22 Mar 2016, at 14:46, Lukas Slebodnik wrote: >>> >>> SSSD would automatically pick up files ending >>> in .conf from that direcory and use them. In >>> order to disable the config file, the admin will >>> have to rename the file ending (for example >>> .conf.disabled). This way, we do not

[SSSD] Re: Config file merging in SSSD

2016-03-22 Thread Jakub Hrozek
> On 22 Mar 2016, at 20:43, Simo Sorce wrote: > > On Tue, 2016-03-22 at 15:15 +0100, Michal Židek wrote: >> On 03/22/2016 02:46 PM, Lukas Slebodnik wrote: >>> On (22/03/16 14:30), Michal Židek wrote: On 03/22/2016 12:29 PM, Michal Židek wrote: > Hi, > > I would like to write a

[SSSD] Re: Config file merging in SSSD

2016-03-22 Thread Jakub Hrozek
> On 22 Mar 2016, at 12:29, Michal Židek wrote: > > Hi, > > I would like to write a patch that will > allow SSSD to use the config file merging > feature from libini. But first I would like > to ask developers for their opinions on how > this should be implemented. > > My idea was that it cou

[SSSD] Re: NSS responder should negatively cache local users for a longer time

2016-03-22 Thread Jakub Hrozek
> On 22 Mar 2016, at 20:35, Simo Sorce wrote: > > On Sun, 2016-03-20 at 21:28 +0100, Jakub Hrozek wrote: >>> On 16 Mar 2016, at 13:45, Petr Cech wrote: >>> >>> Hi, >>> >>> I will work on $subject [1] and I have discussed this topic with

[SSSD] Re: NSS responder should negatively cache local users for a longer time

2016-03-20 Thread Jakub Hrozek
> On 16 Mar 2016, at 13:45, Petr Cech wrote: > > Hi, > > I will work on $subject [1] and I have discussed this topic with Jakub a week > ago. There are some open questions, so I will be glad if you say your opinion. > > There could be heavy traffic between SSSD client and server coused by loc

[SSSD] Re: [PATCH] SUDO: be able to parse modifyTimestamp correctly

2016-03-19 Thread Jakub Hrozek
On Mon, Mar 07, 2016 at 12:02:32PM +0100, Pavel Březina wrote: > One way to fix this would be to revert: > f58ffb26aeaae0642a149643672fa59ec01a3a36 > 1476d5348fcf387e7481d833becbd993d91f8019 > > These patches simplified the entryUSN fitler from (&(entryUSN >= > $last)(entryUSN != $last)) to (entry

[SSSD] Re: [PATCH] Fix responders socket cleanup code

2016-03-19 Thread Jakub Hrozek
On Tue, Mar 15, 2016 at 11:22:42AM +0100, Pavel Březina wrote: > On 03/15/2016 10:36 AM, Pavel Březina wrote: > >On 03/11/2016 05:04 AM, Simo Sorce wrote: > >>On Thu, 2016-03-10 at 21:04 -0500, Simo Sorce wrote: > >>>The attached patch fixes #2973, > >>>it's pretty straightforward. > >> > >>Same pa

[SSSD] Re: [PATCH] SPEC: Run extra unit tests with epel

2016-03-19 Thread Jakub Hrozek
On Mon, Mar 07, 2016 at 04:12:00PM +0100, Lukas Slebodnik wrote: > ehlo, > > simple patch is attached. > > LS Garbage-collecting easy patches untouched for a week or more.. The patch looks good and according to: http://sssd-ci.duckdns.org/logs/job/39/61/rhel6/ci-build-debug/ci-make-check-v

[SSSD] Re: [PATCH] Fix responders socket cleanup code

2016-03-19 Thread Jakub Hrozek
On Thu, Mar 17, 2016 at 09:49:20AM +0100, Lukas Slebodnik wrote: > On (17/03/16 09:23), Jakub Hrozek wrote: > >On Tue, Mar 15, 2016 at 11:22:42AM +0100, Pavel Březina wrote: > >> On 03/15/2016 10:36 AM, Pavel Březina wrote: > >> >On 03/11/2016 05:04 AM, Simo Sorce wr

[SSSD] Re: [PATCH] SUDO: be able to parse modifyTimestamp correctly

2016-03-19 Thread Jakub Hrozek
On Thu, Mar 17, 2016 at 12:29:32PM +0100, Jakub Hrozek wrote: > On Mon, Mar 07, 2016 at 12:02:32PM +0100, Pavel Březina wrote: > > One way to fix this would be to revert: > > f58ffb26aeaae0642a149643672fa59ec01a3a36 > > 1476d5348fcf387e7481d833becbd993d91f8019 > > >

[SSSD] [PATCH] MAN: Drop the reference to IPAv2 in the man page

2016-03-19 Thread Jakub Hrozek
a man page one liner :) No need to explicitly mention IPAv2, I hope there are no deployments of IPAv1 left anymore :) This change was suggested by Rob in https://fedorahosted.org/sssd/ticket/1907#comment:2 >From a571f05f492090e95ec25ba1e10b7f843f4688b7 Mon Sep 17 00:00:00 2001 From: Jakub Hro

[SSSD] Re: [PATCH] IPA SUDO: support old ipasudocmd rdn

2016-03-14 Thread Jakub Hrozek
On Sun, Mar 13, 2016 at 09:07:28PM +0100, Jakub Hrozek wrote: > On Fri, Mar 11, 2016 at 12:21:49PM +0100, Pavel Březina wrote: > > Should have read the logs to the end, sorry about that. See the new patches. > > > > Thank you, these patches work for me with the latest CentOS

[SSSD] Re: [PATCH] cache_req improvements

2016-03-14 Thread Jakub Hrozek
On Mon, Mar 14, 2016 at 05:33:10PM +0100, Jakub Hrozek wrote: > On Thu, Mar 10, 2016 at 11:42:53AM +0100, Pavel Březina wrote: > > On 03/09/2016 02:31 PM, Sumit Bose wrote: > > >On Tue, Mar 01, 2016 at 01:05:48PM +0100, Pavel Březina wrote: > > >>On 02/26/201

[SSSD] Re: [PATCH] cache_req improvements

2016-03-14 Thread Jakub Hrozek
On Thu, Mar 10, 2016 at 11:42:53AM +0100, Pavel Březina wrote: > On 03/09/2016 02:31 PM, Sumit Bose wrote: > >On Tue, Mar 01, 2016 at 01:05:48PM +0100, Pavel Březina wrote: > >>On 02/26/2016 01:47 PM, Jakub Hrozek wrote: > >>>On Wed, Feb 24, 2016 at 12:41:2

[SSSD] Re: [PATCH] pam_sss: reorder pam_message array

2016-03-14 Thread Jakub Hrozek
On Mon, Mar 14, 2016 at 10:34:14AM +0100, Pavel Březina wrote: > Ack. > > http://sssd-ci.duckdns.org/logs/job/39/26/summary.html master: 957e0a8675359d90fa50067b704578d01f565bba sssd-1-13: 4a01e6a6fd66e622b80739472a0aa06d1c79a6a9 ___ sssd-devel mailing

[SSSD] Re: [PATCH] UTIL: Do not call stderr with negative number

2016-03-14 Thread Jakub Hrozek
On Mon, Mar 14, 2016 at 10:32:32AM +0100, Lukas Slebodnik wrote: > On (14/03/16 10:18), Jakub Hrozek wrote: > >On Mon, Mar 14, 2016 at 10:13:56AM +0100, Lukas Slebodnik wrote: > >> On (14/03/16 10:02), Jakub Hrozek wrote: > >> >On Mon, Mar 14, 2016 at 09:22:15A

[SSSD] Re: [PATCH] UTIL: Do not call stderr with negative number

2016-03-14 Thread Jakub Hrozek
On Mon, Mar 14, 2016 at 10:13:56AM +0100, Lukas Slebodnik wrote: > On (14/03/16 10:02), Jakub Hrozek wrote: > >On Mon, Mar 14, 2016 at 09:22:15AM +0100, Lukas Slebodnik wrote: > >> ehlo, > >> > >> attached patch fix coverit

[SSSD] Re: [PATCH] UTIL: Do not call stderr with negative number

2016-03-14 Thread Jakub Hrozek
On Mon, Mar 14, 2016 at 09:22:15AM +0100, Lukas Slebodnik wrote: > ehlo, > > attached patch fix coverity error. > > LS > From 26fc8459b84d90fa3f1ac35eb018257285f6a1d7 Mon Sep 17 00:00:00 2001 > From: Lukas Slebodnik > Date: Mon, 14 Mar 2016 09:15:06 +0100 > Subject: [PATCH] UTIL: Do not call st

[SSSD] Re: [PATCH] IPA SUDO: support old ipasudocmd rdn

2016-03-13 Thread Jakub Hrozek
On Fri, Mar 11, 2016 at 12:21:49PM +0100, Pavel Březina wrote: > Should have read the logs to the end, sorry about that. See the new patches. > Thank you, these patches work for me with the latest CentOS-6 IPA packages and the latest F-23 FreeIPA packages. I tested both commands and commandgroups

[SSSD] Re: [PATCH] CLIENT: Retry request after EPIPE

2016-03-11 Thread Jakub Hrozek
On Fri, Feb 26, 2016 at 09:01:33PM +0100, Lukas Slebodnik wrote: > On (26/02/16 16:22), Lukas Slebodnik wrote: > >On (23/02/16 14:28), Lukas Slebodnik wrote: > >>On (23/02/16 13:37), Jakub Hrozek wrote: > >>>On Thu, Feb 18, 2016 at 02:04:54PM +0100, Luka

[SSSD] Re: Tlog integration and packages

2016-03-11 Thread Jakub Hrozek
On Thu, Mar 10, 2016 at 09:10:30PM +0200, Nikolai Kondrashov wrote: > On 03/04/2016 12:54 PM, Jakub Hrozek wrote: > >I was playing with tlog yesterday and for the 'local configuration' I > >suggest we start small and avoid adding too many options, because we'd >

[SSSD] Re: [PATCH] libipa_hbac cleanup patches

2016-03-11 Thread Jakub Hrozek
On Thu, Mar 10, 2016 at 08:37:23PM +0100, Lukas Slebodnik wrote: > On (10/03/16 20:02), Jakub Hrozek wrote: > >On Thu, Mar 10, 2016 at 12:53:44PM +0100, Lukas Slebodnik wrote: > >> diff --git a/Makefile.am b/Makefile.am > >> index d6eb0fc..f8111d0 100644 > &

[SSSD] Re: [PATCH] IPA SUDO: support old ipasudocmd rdn

2016-03-11 Thread Jakub Hrozek
On Fri, Mar 04, 2016 at 02:00:57PM +0100, Pavel Březina wrote: > https://fedorahosted.org/sssd/ticket/2969 I'm sorry, but I still can't use sudo with IPA 3.x server: (Fri Mar 11 10:01:02 2016) [sssd[be[obsolete.test]]] [ipa_sudo_fetch_cmds] (0x0400): About to fetch sudo commands (Fri Mar 11 10:01

[SSSD] Re: [PATCH] libipa_hbac cleanup patches

2016-03-11 Thread Jakub Hrozek
On Fri, Mar 11, 2016 at 10:07:16AM +0100, Lukas Slebodnik wrote: > On (10/03/16 20:37), Lukas Slebodnik wrote: > >On (10/03/16 20:02), Jakub Hrozek wrote: > >>On Thu, Mar 10, 2016 at 12:53:44PM +0100, Lukas Slebodnik wrote: > >>> diff --git a/Makefile.am b/Makefile.a

[SSSD] Re: [PATCH] libipa_hbac cleanup patches

2016-03-10 Thread Jakub Hrozek
On Thu, Mar 10, 2016 at 12:53:44PM +0100, Lukas Slebodnik wrote: > diff --git a/Makefile.am b/Makefile.am > index d6eb0fc..f8111d0 100644 > --- a/Makefile.am > +++ b/Makefile.am > @@ -946,6 +946,10 @@ libipa_hbac_la_DEPENDENCIES = > src/providers/ipa/ipa_hbac.exports > libipa_hbac_la_SOURCES = \

[SSSD] Re: [PATCH] UTIL: Allow to append new line in sss_vdebug_fn

2016-03-10 Thread Jakub Hrozek
On Wed, Mar 09, 2016 at 05:39:51PM +0100, Lukas Slebodnik wrote: > ehlo, > > I read log files from latest 1.13 today and it was a small challenge > due to missing line feed after some ldb messages. > > LS > From c9f7e99fb933706663948efc659937299ec54077 Mon Sep 17 00:00:00 2001 > From: Lukas Sleb

[SSSD] [PATCH] libipa_hbac cleanup patches

2016-03-10 Thread Jakub Hrozek
e locations..) >From 3ae3c1fba3e14d3299b121c03c166489fba55741 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Mon, 22 Feb 2016 09:44:19 +0100 Subject: [PATCH 1/4] libipa_hbac: Do not use C99 libipa_hbac can be used by external consumers like pam_hbac who run on old platforms that do not support C99. Refrain from using C99 fe

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-03-10 Thread Jakub Hrozek
On Thu, Mar 10, 2016 at 10:15:01AM +0100, Lukas Slebodnik wrote: > On (09/03/16 18:47), Jakub Hrozek wrote: > >On Wed, Mar 09, 2016 at 10:06:38AM +0100, Pavel Březina wrote: > >> I'm fine either way. > > > >OK, see the attached patch. > > >From ea49df6

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-03-09 Thread Jakub Hrozek
On Wed, Mar 09, 2016 at 10:06:38AM +0100, Pavel Březina wrote: > I'm fine either way. OK, see the attached patch. >From ea49df6b0816845ec667392a170f4176e759731f Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 9 Mar 2016 18:44:43 +0100 Subject: [PATCH] LDAP: Remove misleading de

[SSSD] Re: [PATCH] make async connect generic

2016-03-09 Thread Jakub Hrozek
On Wed, Mar 09, 2016 at 06:28:50PM +0100, Jakub Hrozek wrote: > On Tue, Mar 08, 2016 at 12:28:55PM -0500, Simo Sorce wrote: > > On Tue, 2016-03-08 at 12:11 -0500, Simo Sorce wrote: > > > On Tue, 2016-03-08 at 17:48 +0100, Jakub Hrozek wrote: > > > > On Tue, Mar 08,

[SSSD] Re: [PATCH] memberof: Don't allocate on a NULL context

2016-03-09 Thread Jakub Hrozek
On Wed, Mar 09, 2016 at 05:37:12PM +0100, Lukas Slebodnik wrote: > On (09/03/16 15:21), Jakub Hrozek wrote: > >On Wed, Mar 09, 2016 at 11:32:39AM +0100, Pavel Březina wrote: > >> On 02/26/2016 02:03 PM, Jakub Hrozek wrote: > >> >On Fri, Feb 26, 2016 at 11:08:4

[SSSD] Re: [PATCH] make async connect generic

2016-03-09 Thread Jakub Hrozek
On Tue, Mar 08, 2016 at 12:28:55PM -0500, Simo Sorce wrote: > On Tue, 2016-03-08 at 12:11 -0500, Simo Sorce wrote: > > On Tue, 2016-03-08 at 17:48 +0100, Jakub Hrozek wrote: > > > On Tue, Mar 08, 2016 at 10:18:46AM -0500, Simo Sorce wrote: > > > > Fixing ev

[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

2016-03-09 Thread Jakub Hrozek
On Wed, Mar 09, 2016 at 01:28:49PM +0100, Lukas Slebodnik wrote: > On (09/03/16 10:23), Jakub Hrozek wrote: > >On Tue, Mar 08, 2016 at 11:03:40PM +0100, Lukas Slebodnik wrote: > >> On (08/03/16 18:21), Jakub Hrozek wrote: > >> >On Fri, Mar 04, 2016 at 02:01:5

[SSSD] Re: [PATCH] memberof: Don't allocate on a NULL context

2016-03-09 Thread Jakub Hrozek
On Wed, Mar 09, 2016 at 11:32:39AM +0100, Pavel Březina wrote: > On 02/26/2016 02:03 PM, Jakub Hrozek wrote: > >On Fri, Feb 26, 2016 at 11:08:45AM +0100, Pavel Březina wrote: > >>On 02/24/2016 03:19 PM, Jakub Hrozek wrote: > >>>Hi, > >>> >

[SSSD] Re: [PATCH] Move two options in sssd.conf to the correct section

2016-03-09 Thread Jakub Hrozek
On Wed, Mar 09, 2016 at 11:35:53AM +0100, Pavel Březina wrote: > On 02/23/2016 09:14 PM, Jakub Hrozek wrote: > >On Tue, Feb 23, 2016 at 03:00:56PM +0100, Jakub Hrozek wrote: > >>On Tue, Feb 23, 2016 at 01:29:42PM +0100, Pavel Březina wrote: > >>>On 02/23/201

[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

2016-03-09 Thread Jakub Hrozek
On Tue, Mar 08, 2016 at 11:03:40PM +0100, Lukas Slebodnik wrote: > On (08/03/16 18:21), Jakub Hrozek wrote: > >On Fri, Mar 04, 2016 at 02:01:54PM +0100, Pavel Březina wrote: > >> This allows configuration with id_provider = proxy > >> and sudo_provider = ipa when someon

[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

2016-03-08 Thread Jakub Hrozek
On Fri, Mar 04, 2016 at 02:01:54PM +0100, Pavel Březina wrote: > This allows configuration with id_provider = proxy > and sudo_provider = ipa when someone needs to fetch > rules for local users. > From a6f23fd5ab16d7903b8388d90eb3bb995c4426d0 Mon Sep 17 00:00:00 2001 > From: =?UTF-8?q?Pavel=20B=C5

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-03-08 Thread Jakub Hrozek
On Tue, Mar 08, 2016 at 09:34:29AM +0100, Lukas Slebodnik wrote: > On (25/02/16 11:06), Jakub Hrozek wrote: > >On Wed, Feb 24, 2016 at 06:05:11PM +0100, Lukas Slebodnik wrote: > >> On (24/02/16 16:43), Jakub Hrozek wrote: > >> >We don't know the group name at

[SSSD] Re: [PATCH] make async connect generic

2016-03-08 Thread Jakub Hrozek
On Tue, Mar 08, 2016 at 10:18:46AM -0500, Simo Sorce wrote: > Fixing everything else commented before. > > On Sat, 2016-03-05 at 15:31 +0100, Jakub Hrozek wrote: > > And this is the question. The new code doesn't restore the flags, is > > this an intentional change? D

[SSSD] Re: Design stub: performance enhancements for 1.14

2016-03-07 Thread Jakub Hrozek
On Sat, Mar 05, 2016 at 05:09:00PM +0100, Sumit Bose wrote: > On Wed, Mar 02, 2016 at 05:13:40PM +0100, Jakub Hrozek wrote: > > On Mon, Feb 22, 2016 at 12:03:32PM +0100, Sumit Bose wrote: > > > On Mon, Feb 22, 2016 at 11:45:21AM +0100, Jakub Hrozek wrote: > > > > On M

[SSSD] Re: [PATCH] make async connect generic

2016-03-05 Thread Jakub Hrozek
On Wed, Mar 02, 2016 at 05:51:47PM -0500, Simo Sorce wrote: > See ticket #2968. > > Simo. > > -- > Simo Sorce * Red Hat, Inc * New York > From dcaae5431617312b69d175274c8b29c430ec6b04 Mon Sep 17 00:00:00 2001 > From: Simo Sorce > Date: Wed, 2 Mar 2016 14:33:38 -0500 > Subject: [PATCH 1/3] Util

[SSSD] [PATCH] Add a test for external group members resolution

2016-03-05 Thread Jakub Hrozek
Hi, I was in a hurry when I submitted the patch for external group members, so I didn't add a test. Bad developer, no cookie. The attached patch adds a test for that code. >From c8ea0bb8763a2991d6d6c6c6fbfeb8c051e30d62 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Fri, 4 Mar 2016

[SSSD] Re: [PATCH] NSS: Move a DEBUG message so that it's less confusing

2016-03-04 Thread Jakub Hrozek
On Fri, Mar 04, 2016 at 11:56:03AM +0100, Pavel Reichl wrote: > > > On 03/04/2016 11:46 AM, Jakub Hrozek wrote: > >Hi, > > > >the attached patch would hopefully make analyzing of NSS logs files in a > >multi-domain scenario (typically a trust setup) less confusi

[SSSD] Re: Tlog integration and packages

2016-03-04 Thread Jakub Hrozek
On Mon, Feb 29, 2016 at 07:36:51PM +0200, Nikolai Kondrashov wrote: > On 02/26/2016 12:37 PM, Jakub Hrozek wrote: > >On Thu, Feb 25, 2016 at 03:09:25PM +0200, Nikolai Kondrashov wrote: > >>I'd like to continue the discussion of tlog integration, and also present > >

[SSSD] [PATCH] NSS: Move a DEBUG message so that it's less confusing

2016-03-04 Thread Jakub Hrozek
00:00:00 2001 From: Jakub Hrozek Date: Fri, 4 Mar 2016 11:21:55 +0100 Subject: [PATCH] NSS: Move a DEBUG message so that it's less confusing --- po/ca.po | 690 + src/responder/nss/nsssrv_cmd.c | 6 +- 2 files changed, 360

[SSSD] Re: [PATCH] Use refcount to keep track of server structures returned from failover

2016-03-03 Thread Jakub Hrozek
On Thu, Mar 03, 2016 at 04:50:33PM +0100, Lukas Slebodnik wrote: > On (23/10/15 10:22), Jakub Hrozek wrote: > >On Wed, Oct 21, 2015 at 11:50:07AM +0200, Pavel Březina wrote: > >> On 10/11/2015 10:00 PM, Jakub Hrozek wrote: > >> >Hi, > >> > > &g

[SSSD] Re: [PATCH] cache_req improvements

2016-03-02 Thread Jakub Hrozek
On Tue, Mar 01, 2016 at 01:05:48PM +0100, Pavel Březina wrote: > On 02/26/2016 01:47 PM, Jakub Hrozek wrote: > >On Wed, Feb 24, 2016 at 12:41:24PM +0100, Pavel Březina wrote: > >>>> From f61d0192b8254247802167ea385b52f65d4e175d Mon Sep 17 00:00:00 2001 > >>>&

[SSSD] Re: Design stub: performance enhancements for 1.14

2016-03-02 Thread Jakub Hrozek
On Mon, Feb 22, 2016 at 12:03:32PM +0100, Sumit Bose wrote: > On Mon, Feb 22, 2016 at 11:45:21AM +0100, Jakub Hrozek wrote: > > On Mon, Feb 22, 2016 at 11:26:34AM +0100, Sumit Bose wrote: > > > On Wed, Feb 17, 2016 at 11:45:36AM +0100, Jakub Hrozek wrote: > > > > Hi,

[SSSD] Re: [PATCH] sdap: improve filtering of multiple results in GC lookups

2016-03-01 Thread Jakub Hrozek
On Mon, Feb 29, 2016 at 11:17:14AM +0100, Jakub Hrozek wrote: > ACK. > > There were some downstream tests failing, but the same tests kept > failing even with a vanilla RHEL-7.2 package, so I think it's a fluke in > the test and not a r

[SSSD] Re: [PATCH] remove user certificate if not found on the server

2016-03-01 Thread Jakub Hrozek
On Mon, Feb 29, 2016 at 02:05:37PM +0100, Sumit Bose wrote: > On Thu, Feb 25, 2016 at 11:36:43AM +0100, Pavel Březina wrote: > > On 02/25/2016 11:07 AM, Sumit Bose wrote: > > >On Thu, Feb 25, 2016 at 10:53:03AM +0100, Pavel Březina wrote: > > >>On 02/24/2016 02:34 PM, Sumit Bose wrote: > > >>>On We

<    3   4   5   6   7   8   9   10   11   12   >