from:"Jakub Hrozek"

[SSSD] Re: [PATCH] Netlink: Ignore RTM_NEWADDR signals from link-local

2016-04-06 Thread Jakub Hrozek

On Wed, Apr 06, 2016 at 03:16:20PM +0200, Jakub Hrozek wrote: > On Wed, Apr 06, 2016 at 08:39:39AM -0400, Stephen Gallagher wrote: > > > > > > > On Apr 6, 2016, at 8:37 AM, Jakub Hrozek <jhro...@redhat.com> wrote: > > > > > >> On Tue, Apr 05

[SSSD] [PATCH] AD: Recognize Windows Server 2016

2016-04-06 Thread Jakub Hrozek

been amended yet at: https://msdn.microsoft.com/en-us/library/cc223272.aspx I think we could merge this patch without breaking anything. >From 6af263f425c4c54fc01aeeb3bbc47366b2b6a82b Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Wed, 6 Apr 2016 15:26:15 +020

[SSSD] Re: [PATCH] Netlink: Ignore RTM_NEWADDR signals from link-local

2016-04-06 Thread Jakub Hrozek

On Wed, Apr 06, 2016 at 08:39:39AM -0400, Stephen Gallagher wrote: > > > > On Apr 6, 2016, at 8:37 AM, Jakub Hrozek <jhro...@redhat.com> wrote: > > > >> On Tue, Apr 05, 2016 at 02:34:33PM -0400, Stephen Gallagher wrote: > >> We only need to go online

[SSSD] Re: [PATCH] Netlink: Ignore RTM_NEWADDR signals from link-local

2016-04-06 Thread Jakub Hrozek

On Tue, Apr 05, 2016 at 02:34:33PM -0400, Stephen Gallagher wrote: > We only need to go online if we receive a netlink signal that might > indicate that the external connection might have become available. This > will never be true for link-local addresses. > The indentation of DEBUG messages is

[SSSD] Re: [PATCH] MAN: Remove duplicate description of the pam_account_locked_message option

2016-04-06 Thread Jakub Hrozek

On Wed, Apr 06, 2016 at 01:07:09PM +0200, Pavel Reichl wrote: > > > On 04/06/2016 10:39 AM, Pavel Reichl wrote: > > > > > >On 04/06/2016 10:17 AM, Jakub Hrozek wrote: > >>Hi, > >> > >>I found this minor man page bug when I was prepairing

[SSSD] Re: Design document - sssctl

2016-04-06 Thread Jakub Hrozek

On Tue, Mar 22, 2016 at 12:42:28PM +0100, Pavel Reichl wrote: > Hello, > > Pavel Březina and I have prepared the 1st draft of design document. We mostly > focused on summing up its future functionality and its interface. > > Please comment if you miss some essential functionality or if you

[SSSD] Re: Design document - sssctl

2016-04-06 Thread Jakub Hrozek

On Tue, Mar 22, 2016 at 04:23:26PM -0400, Justin Stephenson wrote: > This is great and will make our lives much easier in support! Currently we > have autokeyed commands like 'service sssd stop; rm -f /var/lib/sss/db/*; > service sssd stop' Yes in fact, most users expect this to be done by the

[SSSD] RFC: release notes for 1.13.4

2016-04-06 Thread Jakub Hrozek

Hi, I would like to release 1.13.4 today. I drafted the release notes on the wiki: https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.4 Feel free to comment or edit them.. About the tickets in the 1.13.4 milestone: https://fedorahosted.org/sssd/ticket/2886 - sssd-nss segfault on

[SSSD] [PATCH] MAN: Remove duplicate description of the pam_account_locked_message option

2016-04-06 Thread Jakub Hrozek

Hi, I found this minor man page bug when I was prepairing the 1.13.4 release notes. >From 7863d86d3377380e2ce73ea47bc78c787cffbda3 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Wed, 6 Apr 2016 10:09:23 +0200 Subject: [PATCH] MAN: Remove duplicate de

[SSSD] Re: Design discussion: Use fully-qualified names for users and groups in sysdb

2016-04-05 Thread Jakub Hrozek

On Fri, Apr 01, 2016 at 12:28:40PM +0200, Pavel Březina wrote: > On 03/31/2016 02:18 PM, Jakub Hrozek wrote: > >Hi, > > > >I prepared a design page for https://fedorahosted.org/sssd/ticket/2011 > >at: > > https://fedorahosted.org/sssd/wiki/DesignDocs/SysdbFu

[SSSD] Re: is this a GPO bug?

2016-04-04 Thread Jakub Hrozek

On Mon, Apr 04, 2016 at 02:30:16PM +0200, Lukas Slebodnik wrote: > On (04/04/16 13:57), Jakub Hrozek wrote: > >Hi, > > > >I'm looking at a logfile from one sssd installation and I'm wondering if > >it's a GPO bug. The relevant part of the logs is: > > > >[s

[SSSD] is this a GPO bug?

2016-04-04 Thread Jakub Hrozek

Hi, I'm looking at a logfile from one sssd installation and I'm wondering if it's a GPO bug. The relevant part of the logs is: [sssd[be[example.com]]] [sdap_parse_entry] (0x1000): OriginalDN: [cn={BCB10A5A-630C-477E-8E2D-996F06E36DBD},cn=policies,cn=system,DC=example,DC=com].

[SSSD] Design discussion: Use fully-qualified names for users and groups in sysdb

2016-03-31 Thread Jakub Hrozek

. === How To Test === All available tests should still pass. The tests should also pass if the format of the database was changed. === Authors === * Jakub Hrozek <jhro...@redhat.com> * Michal Židek <mzi...@redhat.com> ___ sssd-devel m

[SSSD] Re: Multiple PID file macros ?

2016-03-28 Thread Jakub Hrozek

> On 28 Mar 2016, at 21:02, Simo Sorce wrote: > > While looking at the monitor code I realize we define SSSD_PIDFILE_PATH > in monitor.c in a different way than we define SSSD_PIDFILE in > tools_util.h > > Although the definitions differ, they end up being effectively the

[SSSD] Re: Config file merging in SSSD

2016-03-23 Thread Jakub Hrozek

> On 22 Mar 2016, at 16:19, Michal Židek wrote: > > On 03/22/2016 03:29 PM, Sumit Bose wrote: >> On Tue, Mar 22, 2016 at 12:29:39PM +0100, Michal Židek wrote: >>> Hi, >>> >>> I would like to write a patch that will >>> allow SSSD to use the config file merging >>> feature

[SSSD] Re: Config file merging in SSSD

2016-03-23 Thread Jakub Hrozek

> On 23 Mar 2016, at 11:11, Michal Židek <mzi...@redhat.com> wrote: > > On 03/23/2016 11:02 AM, Lukas Slebodnik wrote: >> On (23/03/16 10:53), Michal Židek wrote: >>> On 03/22/2016 09:10 PM, Jakub Hrozek wrote: >>>> >>>>> On 22 M

[SSSD] Re: Config file merging in SSSD

2016-03-22 Thread Jakub Hrozek

> On 22 Mar 2016, at 14:46, Lukas Slebodnik wrote: >>> >>> SSSD would automatically pick up files ending >>> in .conf from that direcory and use them. In >>> order to disable the config file, the admin will >>> have to rename the file ending (for example >>>

[SSSD] Re: Config file merging in SSSD

2016-03-22 Thread Jakub Hrozek

> On 22 Mar 2016, at 20:43, Simo Sorce wrote: > > On Tue, 2016-03-22 at 15:15 +0100, Michal Židek wrote: >> On 03/22/2016 02:46 PM, Lukas Slebodnik wrote: >>> On (22/03/16 14:30), Michal Židek wrote: On 03/22/2016 12:29 PM, Michal Židek wrote: > Hi, > > I

[SSSD] Re: Config file merging in SSSD

2016-03-22 Thread Jakub Hrozek

> On 22 Mar 2016, at 12:29, Michal Židek wrote: > > Hi, > > I would like to write a patch that will > allow SSSD to use the config file merging > feature from libini. But first I would like > to ask developers for their opinions on how > this should be implemented. > > My

[SSSD] Re: NSS responder should negatively cache local users for a longer time

2016-03-22 Thread Jakub Hrozek

> On 22 Mar 2016, at 20:35, Simo Sorce <s...@redhat.com> wrote: > > On Sun, 2016-03-20 at 21:28 +0100, Jakub Hrozek wrote: >>> On 16 Mar 2016, at 13:45, Petr Cech <pc...@redhat.com> wrote: >>> >>> Hi, >>> >>> I will work on $su

[SSSD] Re: NSS responder should negatively cache local users for a longer time

2016-03-20 Thread Jakub Hrozek

> On 16 Mar 2016, at 13:45, Petr Cech wrote: > > Hi, > > I will work on $subject [1] and I have discussed this topic with Jakub a week > ago. There are some open questions, so I will be glad if you say your opinion. > > There could be heavy traffic between SSSD client and

[SSSD] Re: [PATCH] SUDO: be able to parse modifyTimestamp correctly

2016-03-19 Thread Jakub Hrozek

On Mon, Mar 07, 2016 at 12:02:32PM +0100, Pavel Březina wrote: > One way to fix this would be to revert: > f58ffb26aeaae0642a149643672fa59ec01a3a36 > 1476d5348fcf387e7481d833becbd993d91f8019 > > These patches simplified the entryUSN fitler from (&(entryUSN >= > $last)(entryUSN != $last)) to

[SSSD] Re: [PATCH] Fix responders socket cleanup code

2016-03-19 Thread Jakub Hrozek

On Tue, Mar 15, 2016 at 11:22:42AM +0100, Pavel Březina wrote: > On 03/15/2016 10:36 AM, Pavel Březina wrote: > >On 03/11/2016 05:04 AM, Simo Sorce wrote: > >>On Thu, 2016-03-10 at 21:04 -0500, Simo Sorce wrote: > >>>The attached patch fixes #2973, > >>>it's pretty straightforward. > >> > >>Same

[SSSD] Re: [PATCH] SPEC: Run extra unit tests with epel

2016-03-19 Thread Jakub Hrozek

On Mon, Mar 07, 2016 at 04:12:00PM +0100, Lukas Slebodnik wrote: > ehlo, > > simple patch is attached. > > LS Garbage-collecting easy patches untouched for a week or more.. The patch looks good and according to:

[SSSD] Re: [PATCH] Fix responders socket cleanup code

2016-03-19 Thread Jakub Hrozek

On Thu, Mar 17, 2016 at 09:49:20AM +0100, Lukas Slebodnik wrote: > On (17/03/16 09:23), Jakub Hrozek wrote: > >On Tue, Mar 15, 2016 at 11:22:42AM +0100, Pavel Březina wrote: > >> On 03/15/2016 10:36 AM, Pavel Březina wrote: > >> >On 03/11/2016 05:04 AM, Simo Sorce wr

[SSSD] Re: [PATCH] SUDO: be able to parse modifyTimestamp correctly

2016-03-19 Thread Jakub Hrozek

On Thu, Mar 17, 2016 at 12:29:32PM +0100, Jakub Hrozek wrote: > On Mon, Mar 07, 2016 at 12:02:32PM +0100, Pavel Březina wrote: > > One way to fix this would be to revert: > > f58ffb26aeaae0642a149643672fa59ec01a3a36 > > 1476d5348fcf387e7481d833becbd993d91f8019 > > &

[SSSD] [PATCH] MAN: Drop the reference to IPAv2 in the man page

2016-03-19 Thread Jakub Hrozek

a man page one liner :) No need to explicitly mention IPAv2, I hope there are no deployments of IPAv1 left anymore :) This change was suggested by Rob in https://fedorahosted.org/sssd/ticket/1907#comment:2 >From a571f05f492090e95ec25ba1e10b7f843f4688b7 Mon Sep 17 00:00:00 2001 From: Jakub Hro

[SSSD] Re: [PATCH] IPA SUDO: support old ipasudocmd rdn

2016-03-14 Thread Jakub Hrozek

On Sun, Mar 13, 2016 at 09:07:28PM +0100, Jakub Hrozek wrote: > On Fri, Mar 11, 2016 at 12:21:49PM +0100, Pavel Březina wrote: > > Should have read the logs to the end, sorry about that. See the new patches. > > > > Thank you, these patches work for me with the latest

[SSSD] Re: [PATCH] cache_req improvements

2016-03-14 Thread Jakub Hrozek

On Mon, Mar 14, 2016 at 05:33:10PM +0100, Jakub Hrozek wrote: > On Thu, Mar 10, 2016 at 11:42:53AM +0100, Pavel Březina wrote: > > On 03/09/2016 02:31 PM, Sumit Bose wrote: > > >On Tue, Mar 01, 2016 at 01:05:48PM +0100, Pavel Březina wrote: > > >>On 02/26/201

[SSSD] Re: [PATCH] cache_req improvements

2016-03-14 Thread Jakub Hrozek

On Thu, Mar 10, 2016 at 11:42:53AM +0100, Pavel Březina wrote: > On 03/09/2016 02:31 PM, Sumit Bose wrote: > >On Tue, Mar 01, 2016 at 01:05:48PM +0100, Pavel Březina wrote: > >>On 02/26/2016 01:47 PM, Jakub Hrozek wrote: > >>>On Wed, Feb 24, 2016 at 12:41:2

[SSSD] Re: [PATCH] pam_sss: reorder pam_message array

2016-03-14 Thread Jakub Hrozek

On Mon, Mar 14, 2016 at 10:34:14AM +0100, Pavel Březina wrote: > Ack. > > http://sssd-ci.duckdns.org/logs/job/39/26/summary.html master: 957e0a8675359d90fa50067b704578d01f565bba sssd-1-13: 4a01e6a6fd66e622b80739472a0aa06d1c79a6a9 ___ sssd-devel

[SSSD] Re: [PATCH] UTIL: Do not call stderr with negative number

2016-03-14 Thread Jakub Hrozek

On Mon, Mar 14, 2016 at 10:32:32AM +0100, Lukas Slebodnik wrote: > On (14/03/16 10:18), Jakub Hrozek wrote: > >On Mon, Mar 14, 2016 at 10:13:56AM +0100, Lukas Slebodnik wrote: > >> On (14/03/16 10:02), Jakub Hrozek wrote: > >> >On Mon, Mar 14, 2016 at 09:22:15A

[SSSD] Re: [PATCH] UTIL: Do not call stderr with negative number

2016-03-14 Thread Jakub Hrozek

On Mon, Mar 14, 2016 at 10:13:56AM +0100, Lukas Slebodnik wrote: > On (14/03/16 10:02), Jakub Hrozek wrote: > >On Mon, Mar 14, 2016 at 09:22:15AM +0100, Lukas Slebodnik wrote: > >> ehlo, > >> > >> attached patch fix coverit

[SSSD] Re: [PATCH] UTIL: Do not call stderr with negative number

2016-03-14 Thread Jakub Hrozek

On Mon, Mar 14, 2016 at 09:22:15AM +0100, Lukas Slebodnik wrote: > ehlo, > > attached patch fix coverity error. > > LS > From 26fc8459b84d90fa3f1ac35eb018257285f6a1d7 Mon Sep 17 00:00:00 2001 > From: Lukas Slebodnik > Date: Mon, 14 Mar 2016 09:15:06 +0100 > Subject:

[SSSD] Re: [PATCH] IPA SUDO: support old ipasudocmd rdn

2016-03-13 Thread Jakub Hrozek

On Fri, Mar 11, 2016 at 12:21:49PM +0100, Pavel Březina wrote: > Should have read the logs to the end, sorry about that. See the new patches. > Thank you, these patches work for me with the latest CentOS-6 IPA packages and the latest F-23 FreeIPA packages. I tested both commands and

[SSSD] Re: [PATCH] CLIENT: Retry request after EPIPE

2016-03-11 Thread Jakub Hrozek

On Fri, Feb 26, 2016 at 09:01:33PM +0100, Lukas Slebodnik wrote: > On (26/02/16 16:22), Lukas Slebodnik wrote: > >On (23/02/16 14:28), Lukas Slebodnik wrote: > >>On (23/02/16 13:37), Jakub Hrozek wrote: > >>>On Thu, Feb 18, 2016 at 02:04:54PM +0100, Luka

[SSSD] Re: Tlog integration and packages

2016-03-11 Thread Jakub Hrozek

On Thu, Mar 10, 2016 at 09:10:30PM +0200, Nikolai Kondrashov wrote: > On 03/04/2016 12:54 PM, Jakub Hrozek wrote: > >I was playing with tlog yesterday and for the 'local configuration' I > >suggest we start small and avoid adding too many options, because we'd > >have to su

[SSSD] Re: [PATCH] libipa_hbac cleanup patches

2016-03-11 Thread Jakub Hrozek

On Thu, Mar 10, 2016 at 08:37:23PM +0100, Lukas Slebodnik wrote: > On (10/03/16 20:02), Jakub Hrozek wrote: > >On Thu, Mar 10, 2016 at 12:53:44PM +0100, Lukas Slebodnik wrote: > >> diff --git a/Makefile.am b/Makefile.am > >> index d6eb0fc..f8111d0 100644 > &

[SSSD] Re: [PATCH] IPA SUDO: support old ipasudocmd rdn

2016-03-11 Thread Jakub Hrozek

On Fri, Mar 04, 2016 at 02:00:57PM +0100, Pavel Březina wrote: > https://fedorahosted.org/sssd/ticket/2969 I'm sorry, but I still can't use sudo with IPA 3.x server: (Fri Mar 11 10:01:02 2016) [sssd[be[obsolete.test]]] [ipa_sudo_fetch_cmds] (0x0400): About to fetch sudo commands (Fri Mar 11

[SSSD] Re: [PATCH] libipa_hbac cleanup patches

2016-03-11 Thread Jakub Hrozek

On Fri, Mar 11, 2016 at 10:07:16AM +0100, Lukas Slebodnik wrote: > On (10/03/16 20:37), Lukas Slebodnik wrote: > >On (10/03/16 20:02), Jakub Hrozek wrote: > >>On Thu, Mar 10, 2016 at 12:53:44PM +0100, Lukas Slebodnik wrote: > >>> diff --git a/Makefile.am b/Makefile.a

[SSSD] Re: [PATCH] libipa_hbac cleanup patches

2016-03-10 Thread Jakub Hrozek

On Thu, Mar 10, 2016 at 12:53:44PM +0100, Lukas Slebodnik wrote: > diff --git a/Makefile.am b/Makefile.am > index d6eb0fc..f8111d0 100644 > --- a/Makefile.am > +++ b/Makefile.am > @@ -946,6 +946,10 @@ libipa_hbac_la_DEPENDENCIES = > src/providers/ipa/ipa_hbac.exports > libipa_hbac_la_SOURCES = \

[SSSD] Re: [PATCH] UTIL: Allow to append new line in sss_vdebug_fn

2016-03-10 Thread Jakub Hrozek

On Wed, Mar 09, 2016 at 05:39:51PM +0100, Lukas Slebodnik wrote: > ehlo, > > I read log files from latest 1.13 today and it was a small challenge > due to missing line feed after some ldb messages. > > LS > From c9f7e99fb933706663948efc659937299ec54077 Mon Sep 17 00:00:00 2001 > From: Lukas

[SSSD] [PATCH] libipa_hbac cleanup patches

2016-03-10 Thread Jakub Hrozek

s..) >From 3ae3c1fba3e14d3299b121c03c166489fba55741 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Mon, 22 Feb 2016 09:44:19 +0100 Subject: [PATCH 1/4] libipa_hbac: Do not use C99 libipa_hbac can be used by external consumers like pam_hbac who run on old platforms that do not support C99. Refrain from

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-03-10 Thread Jakub Hrozek

On Thu, Mar 10, 2016 at 10:15:01AM +0100, Lukas Slebodnik wrote: > On (09/03/16 18:47), Jakub Hrozek wrote: > >On Wed, Mar 09, 2016 at 10:06:38AM +0100, Pavel Březina wrote: > >> I'm fine either way. > > > >OK, see the attached patch. > > >From ea49df6b0816

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-03-09 Thread Jakub Hrozek

On Wed, Mar 09, 2016 at 10:06:38AM +0100, Pavel Březina wrote: > I'm fine either way. OK, see the attached patch. >From ea49df6b0816845ec667392a170f4176e759731f Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Wed, 9 Mar 2016 18:44:43 +0100 Subject: [PATCH]

[SSSD] Re: [PATCH] make async connect generic

2016-03-09 Thread Jakub Hrozek

On Wed, Mar 09, 2016 at 06:28:50PM +0100, Jakub Hrozek wrote: > On Tue, Mar 08, 2016 at 12:28:55PM -0500, Simo Sorce wrote: > > On Tue, 2016-03-08 at 12:11 -0500, Simo Sorce wrote: > > > On Tue, 2016-03-08 at 17:48 +0100, Jakub Hrozek wrote: > > > > On Tue, Mar 08,

[SSSD] Re: [PATCH] memberof: Don't allocate on a NULL context

2016-03-09 Thread Jakub Hrozek

On Wed, Mar 09, 2016 at 05:37:12PM +0100, Lukas Slebodnik wrote: > On (09/03/16 15:21), Jakub Hrozek wrote: > >On Wed, Mar 09, 2016 at 11:32:39AM +0100, Pavel Březina wrote: > >> On 02/26/2016 02:03 PM, Jakub Hrozek wrote: > >> >On Fri, Feb 26, 2016 at 11:08:4

[SSSD] Re: [PATCH] make async connect generic

2016-03-09 Thread Jakub Hrozek

On Tue, Mar 08, 2016 at 12:28:55PM -0500, Simo Sorce wrote: > On Tue, 2016-03-08 at 12:11 -0500, Simo Sorce wrote: > > On Tue, 2016-03-08 at 17:48 +0100, Jakub Hrozek wrote: > > > On Tue, Mar 08, 2016 at 10:18:46AM -0500, Simo Sorce wrote: > > > > Fixing ev

[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

2016-03-09 Thread Jakub Hrozek

On Wed, Mar 09, 2016 at 01:28:49PM +0100, Lukas Slebodnik wrote: > On (09/03/16 10:23), Jakub Hrozek wrote: > >On Tue, Mar 08, 2016 at 11:03:40PM +0100, Lukas Slebodnik wrote: > >> On (08/03/16 18:21), Jakub Hrozek wrote: > >> >On Fri, Mar 04, 2016 at 02:01:5

[SSSD] Re: [PATCH] memberof: Don't allocate on a NULL context

2016-03-09 Thread Jakub Hrozek

On Wed, Mar 09, 2016 at 11:32:39AM +0100, Pavel Březina wrote: > On 02/26/2016 02:03 PM, Jakub Hrozek wrote: > >On Fri, Feb 26, 2016 at 11:08:45AM +0100, Pavel Březina wrote: > >>On 02/24/2016 03:19 PM, Jakub Hrozek wrote: > >>>Hi, > >>> >

[SSSD] Re: [PATCH] Move two options in sssd.conf to the correct section

2016-03-09 Thread Jakub Hrozek

On Wed, Mar 09, 2016 at 11:35:53AM +0100, Pavel Březina wrote: > On 02/23/2016 09:14 PM, Jakub Hrozek wrote: > >On Tue, Feb 23, 2016 at 03:00:56PM +0100, Jakub Hrozek wrote: > >>On Tue, Feb 23, 2016 at 01:29:42PM +0100, Pavel Březina wrote: > >>>On 02/23/201

[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

2016-03-09 Thread Jakub Hrozek

On Tue, Mar 08, 2016 at 11:03:40PM +0100, Lukas Slebodnik wrote: > On (08/03/16 18:21), Jakub Hrozek wrote: > >On Fri, Mar 04, 2016 at 02:01:54PM +0100, Pavel Březina wrote: > >> This allows configuration with id_provider = proxy > >> and sudo_provider = ipa when someon

[SSSD] Re: [PATCH] IPA SUDO: download externalUser attribute

2016-03-08 Thread Jakub Hrozek

On Fri, Mar 04, 2016 at 02:01:54PM +0100, Pavel Březina wrote: > This allows configuration with id_provider = proxy > and sudo_provider = ipa when someone needs to fetch > rules for local users. > From a6f23fd5ab16d7903b8388d90eb3bb995c4426d0 Mon Sep 17 00:00:00 2001 > From:

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-03-08 Thread Jakub Hrozek

On Tue, Mar 08, 2016 at 09:34:29AM +0100, Lukas Slebodnik wrote: > On (25/02/16 11:06), Jakub Hrozek wrote: > >On Wed, Feb 24, 2016 at 06:05:11PM +0100, Lukas Slebodnik wrote: > >> On (24/02/16 16:43), Jakub Hrozek wrote: > >> >We don't know the group name at that

[SSSD] Re: [PATCH] make async connect generic

2016-03-08 Thread Jakub Hrozek

On Tue, Mar 08, 2016 at 10:18:46AM -0500, Simo Sorce wrote: > Fixing everything else commented before. > > On Sat, 2016-03-05 at 15:31 +0100, Jakub Hrozek wrote: > > And this is the question. The new code doesn't restore the flags, is > > this an intentional change? Do you

[SSSD] Re: Design stub: performance enhancements for 1.14

2016-03-07 Thread Jakub Hrozek

On Sat, Mar 05, 2016 at 05:09:00PM +0100, Sumit Bose wrote: > On Wed, Mar 02, 2016 at 05:13:40PM +0100, Jakub Hrozek wrote: > > On Mon, Feb 22, 2016 at 12:03:32PM +0100, Sumit Bose wrote: > > > On Mon, Feb 22, 2016 at 11:45:21AM +0100, Jakub Hrozek wrote: > > > > On M

[SSSD] Re: [PATCH] make async connect generic

2016-03-05 Thread Jakub Hrozek

On Wed, Mar 02, 2016 at 05:51:47PM -0500, Simo Sorce wrote: > See ticket #2968. > > Simo. > > -- > Simo Sorce * Red Hat, Inc * New York > From dcaae5431617312b69d175274c8b29c430ec6b04 Mon Sep 17 00:00:00 2001 > From: Simo Sorce > Date: Wed, 2 Mar 2016 14:33:38 -0500 >

[SSSD] [PATCH] Add a test for external group members resolution

2016-03-05 Thread Jakub Hrozek

Hi, I was in a hurry when I submitted the patch for external group members, so I didn't add a test. Bad developer, no cookie. The attached patch adds a test for that code. >From c8ea0bb8763a2991d6d6c6c6fbfeb8c051e30d62 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Dat

[SSSD] Re: [PATCH] NSS: Move a DEBUG message so that it's less confusing

2016-03-04 Thread Jakub Hrozek

On Fri, Mar 04, 2016 at 11:56:03AM +0100, Pavel Reichl wrote: > > > On 03/04/2016 11:46 AM, Jakub Hrozek wrote: > >Hi, > > > >the attached patch would hopefully make analyzing of NSS logs files in a > >multi-domain scenario (typically a trust setup) less confusi

[SSSD] Re: Tlog integration and packages

2016-03-04 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 07:36:51PM +0200, Nikolai Kondrashov wrote: > On 02/26/2016 12:37 PM, Jakub Hrozek wrote: > >On Thu, Feb 25, 2016 at 03:09:25PM +0200, Nikolai Kondrashov wrote: > >>I'd like to continue the discussion of tlog integration, and also present > >&g

[SSSD] [PATCH] NSS: Move a DEBUG message so that it's less confusing

2016-03-04 Thread Jakub Hrozek

00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Fri, 4 Mar 2016 11:21:55 +0100 Subject: [PATCH] NSS: Move a DEBUG message so that it's less confusing --- po/ca.po | 690 + src/responder/nss/nsssrv_cmd.c | 6 +- 2

[SSSD] Re: [PATCH] Use refcount to keep track of server structures returned from failover

2016-03-03 Thread Jakub Hrozek

On Thu, Mar 03, 2016 at 04:50:33PM +0100, Lukas Slebodnik wrote: > On (23/10/15 10:22), Jakub Hrozek wrote: > >On Wed, Oct 21, 2015 at 11:50:07AM +0200, Pavel Březina wrote: > >> On 10/11/2015 10:00 PM, Jakub Hrozek wrote: > >> >Hi, > >> > > &g

[SSSD] Re: Design stub: performance enhancements for 1.14

2016-03-02 Thread Jakub Hrozek

On Mon, Feb 22, 2016 at 12:03:32PM +0100, Sumit Bose wrote: > On Mon, Feb 22, 2016 at 11:45:21AM +0100, Jakub Hrozek wrote: > > On Mon, Feb 22, 2016 at 11:26:34AM +0100, Sumit Bose wrote: > > > On Wed, Feb 17, 2016 at 11:45:36AM +0100, Jakub Hrozek wrote: > > > > Hi,

[SSSD] Re: [PATCH] sdap: improve filtering of multiple results in GC lookups

2016-03-01 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 11:17:14AM +0100, Jakub Hrozek wrote: > ACK. > > There were some downstream tests failing, but the same tests kept > failing even with a vanilla RHEL-7.2 package, so I think it's a fluke in > the test and not a regres

[SSSD] Re: [PATCH] remove user certificate if not found on the server

2016-03-01 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 02:05:37PM +0100, Sumit Bose wrote: > On Thu, Feb 25, 2016 at 11:36:43AM +0100, Pavel Březina wrote: > > On 02/25/2016 11:07 AM, Sumit Bose wrote: > > >On Thu, Feb 25, 2016 at 10:53:03AM +0100, Pavel Březina wrote: > > >>On 02/24/2016 02:34 PM, Sumit Bose wrote: > > >>>On

[SSSD] Re: [PATCH] IDMAP: Add minor performance improvements

2016-03-01 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 03:10:05PM +0100, Sumit Bose wrote: > On Wed, Feb 17, 2016 at 10:47:26AM +0100, Pavel Reichl wrote: > > On 02/15/2016 06:19 PM, Sumit Bose wrote: > > >On Tue, Jan 26, 2016 at 05:35:06PM +0100, Pavel Reichl wrote: > > >>>Hello, > > >>> > > >>>please see simple patch

[SSSD] Re: URI in HBAC rules - patch - request for feedback

2016-02-29 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 04:29:05PM +0100, Jan Pazdziora wrote: > On Mon, Feb 29, 2016 at 03:30:12PM +0100, Jakub Hrozek wrote: > > > > > > So, effectively, there would be no way to make some URI accessible to > > > more than one group? > > > > There

[SSSD] Re: URI in HBAC rules - patch - request for feedback

2016-02-29 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 04:23:18PM +0100, Jan Pazdziora wrote: > On Mon, Feb 29, 2016 at 12:44:01PM +0100, Jakub Hrozek wrote: > > > > > E.g., allow every URI that does NOT start with > > > $(hostname)/admin/ . It would be possible if there was finite number o

[SSSD] Re: URI in HBAC rules - patch - request for feedback

2016-02-29 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 12:56:55PM +0100, Lukáš Hellebrandt wrote: > On 02/29/2016 12:44 PM, Jakub Hrozek wrote: > > On Mon, Feb 29, 2016 at 11:50:06AM +0100, Lukáš Hellebrandt wrote: > >> On 02/28/2016 11:42 AM, Jakub Hrozek wrote: > >>> On Fri, Feb 26, 2016 at 02:03

[SSSD] Re: URI in HBAC rules - patch - request for feedback

2016-02-29 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 11:50:06AM +0100, Lukáš Hellebrandt wrote: > On 02/28/2016 11:42 AM, Jakub Hrozek wrote: > > On Fri, Feb 26, 2016 at 02:03:37PM +0100, Lukáš Hellebrandt wrote: > >>> First question I have is that the URLs only match on complete string > >>>

[SSSD] Re: [PATCH] cache_req improvements

2016-02-29 Thread Jakub Hrozek

On Mon, Feb 29, 2016 at 11:22:00AM +0100, Pavel Březina wrote: > On 02/26/2016 01:47 PM, Jakub Hrozek wrote: > >On Wed, Feb 24, 2016 at 12:41:24PM +0100, Pavel Březina wrote: > >>>> From f61d0192b8254247802167ea385b52f65d4e175d Mon Sep 17 00:00:00 2001 > >>>&

[SSSD] Re: [PATCH] sdap: improve filtering of multiple results in GC lookups

2016-02-29 Thread Jakub Hrozek

On Thu, Feb 25, 2016 at 01:37:27PM +0100, Sumit Bose wrote: > On Thu, Feb 25, 2016 at 12:50:55PM +0100, Jakub Hrozek wrote: > > On Tue, Feb 23, 2016 at 12:53:25PM +0100, Sumit Bose wrote: > > > Hi, > > > > > > this patch fixes and issue during initgroups in AD

[SSSD] Re: [PATCH]: test ldap provider with TLS or SSL

2016-02-29 Thread Jakub Hrozek

> testing/supporting against correct? Yes, we support RHEL >= 6, Fedora (all supported versions) and Debian Testing. > Also wondering if the ci setup issue I'm > seeing applies to apt. > > Dan > > > On 2/26/16 5:53 AM, Jakub Hrozek wrote: > >On Thu, Feb 25

[SSSD] Re: URI in HBAC rules - patch - request for feedback

2016-02-28 Thread Jakub Hrozek

On Fri, Feb 26, 2016 at 02:03:37PM +0100, Lukáš Hellebrandt wrote: > > First question I have is that the URLs only match on complete string > > match. From past conversations I thought we wanted to add a more > > granular evaluation..? > > I am planning to interpret URI as a prefix. However,

[SSSD] Re: [PATCH] memberof: Don't allocate on a NULL context

2016-02-26 Thread Jakub Hrozek

On Fri, Feb 26, 2016 at 11:08:45AM +0100, Pavel Březina wrote: > On 02/24/2016 03:19 PM, Jakub Hrozek wrote: > >Hi, > > > >the attached patch fixes: > > https://fedorahosted.org/sssd/ticket/2959 > > > >It was confirmed by the original reporter. The bug w

[SSSD] Re: [PATCH] LDAP: Use the common get_uppercase_realm to uppercase the realm

2016-02-26 Thread Jakub Hrozek

On Fri, Feb 26, 2016 at 10:47:13AM +0100, Pavel Březina wrote: > On 02/25/2016 02:04 PM, Jakub Hrozek wrote: > >Hi, > > > >attached is a simple clan-up patch. > > Hi, > make_realm_upper_case also contains a check that returns the original string > if delimiter is

[SSSD] Re: [PATCH] cache_req improvements

2016-02-26 Thread Jakub Hrozek

On Wed, Feb 24, 2016 at 12:41:24PM +0100, Pavel Březina wrote: > >> From f61d0192b8254247802167ea385b52f65d4e175d Mon Sep 17 00:00:00 2001 > >>From: =?UTF-8?q?Pavel=20B=C5=99ezina?= > >>Date: Thu, 18 Feb 2016 14:25:18 +0100 > >>Subject: [PATCH 07/12] sysdb: reset ldb errors >

[SSSD] Re: URI in HBAC rules - patch - request for feedback

2016-02-26 Thread Jakub Hrozek

On Fri, Feb 26, 2016 at 01:15:59PM +0100, Lukáš Hellebrandt wrote: > Hi, FreeIPA and SSSD communities! > > I am working on adding URI to HBAC as my thesis [1]. The goal is to > control access not only based on (user, host, service), but on (user, > host, service, resource's URI). > > I created a

[SSSD] Re: [PATCH] IPA: lookup idview name even if there is no master domain

2016-02-26 Thread Jakub Hrozek

On Thu, Feb 25, 2016 at 11:26:13AM +0100, Jakub Hrozek wrote: > On Tue, Feb 23, 2016 at 03:26:57PM +0100, Jakub Hrozek wrote: > > On Mon, Feb 22, 2016 at 06:40:44PM +0100, Sumit Bose wrote: > > > Hi, > > > > > > these two patches fixes and issue which was repo

[SSSD] Re: [PATCH] tests: Extend test_child_common.c to include tests for the only_extra_args functionality

2016-02-26 Thread Jakub Hrozek

On Fri, Feb 26, 2016 at 10:58:16AM +0100, Pavel Březina wrote: > On 02/24/2016 04:26 PM, Jakub Hrozek wrote: > >Hi, > > > >the attached patch was already acked by Sumit as part of the adcli > >thread, so I'd like to push it now. &g

[SSSD] Re: Tlog integration and packages

2016-02-26 Thread Jakub Hrozek

On Thu, Feb 25, 2016 at 03:09:25PM +0200, Nikolai Kondrashov wrote: > Hi everyone, > > I'd like to continue the discussion of tlog integration, and also present you > the first release of tlog - a development preview, which has the configuration > interface necessary to implement the integration:

[SSSD] Re: [PATCH] sudo: use cache_req interface

2016-02-25 Thread Jakub Hrozek

On Tue, Feb 09, 2016 at 02:07:21PM +0100, Pavel Březina wrote: > First of the responders is converted -) Sorry for the first delay in review. Before reading the code, I submitted the patches to automated tests, so far I found: Error: COMPILER_WARNING:

[SSSD] [PATCH] LDAP: Use the common get_uppercase_realm to uppercase the realm

2016-02-25 Thread Jakub Hrozek

Hi, attached is a simple clan-up patch. >From ad68e5cd80a5bef154e57cfa0b07cfb3b0b434b8 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Wed, 2 Dec 2015 13:44:42 +0100 Subject: [PATCH] LDAP: Use the common get_uppercase_realm to uppercase the realm The private

[SSSD] Re: [PATCH] IPA: Use the common if-else coding style

2016-02-25 Thread Jakub Hrozek

On Thu, Feb 25, 2016 at 12:04:23PM +0100, Petr Cech wrote: > On 02/25/2016 10:54 AM, Pavel Březina wrote: > >On 02/24/2016 04:43 PM, Jakub Hrozek wrote: > >>This is just a code-style patch, but I got confused by the two if > >>statements, they made me think they were unr

[SSSD] Re: [PATCH] sdap: improve filtering of multiple results in GC lookups

2016-02-25 Thread Jakub Hrozek

On Tue, Feb 23, 2016 at 12:53:25PM +0100, Sumit Bose wrote: > Hi, > > this patch fixes and issue during initgroups in AD forests. Please see > the commit message for details. > > To reproduce this you can create a new user outside of CN=Users on the > forest root. The new user can be created in

[SSSD] Re: [PATCH] IPA: lookup idview name even if there is no master domain

2016-02-25 Thread Jakub Hrozek

On Tue, Feb 23, 2016 at 03:26:57PM +0100, Jakub Hrozek wrote: > On Mon, Feb 22, 2016 at 06:40:44PM +0100, Sumit Bose wrote: > > Hi, > > > > these two patches fixes and issue which was reported on > > https://www.redhat.com/archives/freeipa-users/2016-February/msg00148.

[SSSD] Re: [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-02-25 Thread Jakub Hrozek

On Wed, Feb 24, 2016 at 06:05:11PM +0100, Lukas Slebodnik wrote: > On (24/02/16 16:43), Jakub Hrozek wrote: > >We don't know the group name at that point yet, so better not print > >"null" in the debug message.. > > >From ffdc00755a9fbaeb54f781956a0025719e532b1

[SSSD] Re: [PATCH] Warn if ad_server contains IP address

2016-02-25 Thread Jakub Hrozek

On Thu, Feb 25, 2016 at 10:53:43AM +0100, Sumit Bose wrote: > On Wed, Feb 24, 2016 at 05:19:50PM -0500, Justin Stephenson wrote: > > First patch, see attached. > > > > This is for easy fix from ticket > > https://fedorahosted.org/sssd/ticket/2789 > > > > I am going on the assumption that if the

[SSSD] [PATCH] LDAP: Do not print "null" in the DEBUG message

2016-02-24 Thread Jakub Hrozek

We don't know the group name at that point yet, so better not print "null" in the debug message.. >From ffdc00755a9fbaeb54f781956a0025719e532b11 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Tue, 26 Jan 2016 16:29:08 +0100 Subject: [PATCH] LDAP:

[SSSD] [PATCH] IPA: Use the common if-else coding style

2016-02-24 Thread Jakub Hrozek

This is just a code-style patch, but I got confused by the two if statements, they made me think they were unrelated.. >From 20259fe42b8cec38b913c17a6b5be2e6456a31d3 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Mon, 22 Feb 2016 10:56:52 +0100 Subject: [PATCH]

[SSSD] [PATCH] tests: Extend test_child_common.c to include tests for the only_extra_args functionality

2016-02-24 Thread Jakub Hrozek

Hi, the attached patch was already acked by Sumit as part of the adcli thread, so I'd like to push it now. >From 52003e9d03a38e863b46bb25fffd803ecf1716e5 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Fri, 15 Jan 2016 11:24:11 +0100 Subject: [PATCH] test

[SSSD] Re: libini - config file validity checks

2016-02-24 Thread Jakub Hrozek

On Wed, Feb 24, 2016 at 04:20:10PM +0100, Michal Židek wrote: > On 02/23/2016 09:17 PM, Jakub Hrozek wrote: > >On Tue, Feb 23, 2016 at 05:06:57PM +0100, Michal Židek wrote: > >>On 02/22/2016 09:21 AM, Jakub Hrozek wrote: > >>>On Fri, Feb 19, 2016 at 04:35:

[SSSD] Re: [DESIGN] Invalidate cached sudo rules

2016-02-24 Thread Jakub Hrozek

On Tue, Feb 23, 2016 at 04:08:52PM +0100, Petr Cech wrote: > Hello, > > I've started the design page for Invalidating cached sudo rules here: > https://fedorahosted.org/sssd/wiki/DesignDocs/SUDOCachingRulesInvalidate > > This task consists of two tickets (see below). So far, I have worked on the

[SSSD] [PATCH] memberof: Don't allocate on a NULL context

2016-02-24 Thread Jakub Hrozek

Hi, the attached patch fixes: https://fedorahosted.org/sssd/ticket/2959 It was confirmed by the original reporter. The bug was there since 2009, by the way, I'm really suprised we only caught it now.. >From 0e734587a8fc4bb0160a2a7cbb5fae2054d5283c Mon Sep 17 00:00:00 2001 From: Jakub Hro

[SSSD] Re: [PATCH] Resolve IPA external group members during getgr* requests

2016-02-24 Thread Jakub Hrozek

On Wed, Feb 24, 2016 at 01:17:27PM +0100, Sumit Bose wrote: > On Tue, Feb 23, 2016 at 09:37:57PM +0100, Jakub Hrozek wrote: > > On Mon, Feb 22, 2016 at 06:04:07PM +0100, Jakub Hrozek wrote: > > > Hi, > > > > > > the attached patches implement https

[SSSD] Re: [PATCH] Revert "DEBUG: Preventing chown_debug_file if journald on"

2016-02-23 Thread Jakub Hrozek

On Mon, Jan 25, 2016 at 12:00:11PM +0100, Lukas Slebodnik wrote: > ehlo, > > The first patch fixes regression introduced in 1.13.2. > https://fedorahosted.org/sssd/ticket/2493 > > I'm sorry I didn't catch it in review. > Fortunatelly there is a simple but annoying workaround. > > Change user to

[SSSD] Re: [PATCH] IPA: lookup idview name even if there is no master domain

2016-02-23 Thread Jakub Hrozek

On Mon, Feb 22, 2016 at 06:40:44PM +0100, Sumit Bose wrote: > Hi, > > these two patches fixes and issue which was reported on > https://www.redhat.com/archives/freeipa-users/2016-February/msg00148.html > and is now tracked in https://fedorahosted.org/sssd/ticket/2960 . > > The first patch makes

[SSSD] Re: [PATCH] Move two options in sssd.conf to the correct section

2016-02-23 Thread Jakub Hrozek

On Tue, Feb 23, 2016 at 01:29:42PM +0100, Pavel Březina wrote: > On 02/23/2016 12:09 PM, Jakub Hrozek wrote: > >Reported in https://bugzilla.redhat.com/show_bug.cgi?id=1310141 > > Ack. Attached patches are rebased on top of Sumit's addition to subdomains

[SSSD] Re: [PATCHES] UTIL: Provide varargs version of debug_fn

2016-02-23 Thread Jakub Hrozek

On Tue, Feb 23, 2016 at 01:32:19PM +0100, Lukas Slebodnik wrote: > On (23/02/16 13:15), Jakub Hrozek wrote: > >On Tue, Feb 23, 2016 at 12:41:04PM +0100, Lukas Slebodnik wrote: > >> On (23/02/16 12:30), Jakub Hrozek wrote: > >> >On Fri, Feb 12, 2016 at 11:33:3

[SSSD] Re: [PATCH] CLIENT: Retry request after EPIPE

2016-02-23 Thread Jakub Hrozek

On Thu, Feb 18, 2016 at 02:04:54PM +0100, Lukas Slebodnik wrote: > ehlo, > > It took me some time to reproduce issue with cron. > It occured very rarely in my case (twice in a week). > > Therefore I prepared different reproducer "mini_cron.c" > attached in mail. It tries to query for data in the

< 3 4 5 6 7 8 9 10 11 12 >

701 - 800 of 7424 matches

Mail list logo