Hi,
Am Mittwoch 14 März 2012, 08:59:33 schrieb Stephen Gallagher:
SSSD is designed to have support for multiple cryptography libraries.
Originally we build in support for both Mozilla NSS and libcrypto.
However, over the last several releases, libcrypto support has fallen
by the wayside and
Hi,
On Montag 01 August 2011 18:19:50 Stephen Gallagher wrote:
On Mon, 2011-08-01 at 10:49 -0400, Stephen Gallagher wrote:
On Mon, 2011-08-01 at 15:49 +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/940
Ack
Pushed to master and sssd-1-5.
BTW, this also fixes
Hi,
On Dienstag 12 Juli 2011 20:24:21 Stephen Gallagher wrote:
On Tue, 2011-07-12 at 17:24 +0200, Ralf Haferkamp wrote:
reason not to use it. (e.g. I don't see a good reason for using
paged results with OpenLDAP by default).
Ralf, could you elaborate on this specifically? I can't really
Hi,
On Donnerstag 16 Juni 2011 14:09:43 Simo Sorce wrote:
On Thu, 2011-06-16 at 11:32 +0200, Sumit Bose wrote:
Hi,
by chance I realized that an OpenLDAP server does not list all
controls it can handle in the rootDSE attribute supportedControl.
Especially LDAP_CONTROL_PASSWORDPOLICY
Am Dienstag 19 Oktober 2010, 14:04:06 schrieb Stephen Gallagher:
On 10/18/2010 07:42 PM, Petr Baudis wrote:
This RFC patch adds support for new interfaces: getgrgid2(),
getgrnam2() and their *_r() variants. These interfaces allow
the user to specify whether the group.gr_mem field shall be
On Friday 01 October 2010 15:22:09 Ralf Haferkamp wrote:
Hi,
find yet another release of the patches attached. It adresses the
remaining issues we discussed in IRC:
- included the Simo's style fixes and rearrangements to better match
the overall sssd code style
- Errors detected
00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Mon, 11 Oct 2010 17:13:58 +0200
Subject: [PATCH 1/2] Shortcut for save_group() to accept sysdb DNs as member attributes
Addtional parameter populate_members for save_group() and save_groups()
to indicate that the member attribute
is permanently broken. What error code would that be, EIO?
But this should probably better addressed together with #633.
--
regards,
Ralf
From 2494425b1faf7b83266b844e5c82c696256c33de Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Fri, 1 Oct 2010 14:48:16 +0200
Subject
Am Montag 27 September 2010, 16:37:14 schrieb Simo Sorce:
On Fri, 24 Sep 2010 16:31:24 +0200
Ralf Haferkamp rha...@suse.de wrote:
Hi,
find updated patches attached. (Rebased against current master)
Am Donnerstag 23 September 2010, 20:02:20 schrieb Stephen Gallagher:
On 09/20
On Thursday 23 September 2010 20:02:20 Stephen Gallagher wrote:
On 09/20/2010 11:13 AM, Ralf Haferkamp wrote:
[..]
Nice, that makes the code a little cleaner, thanks. New patches
attached.
Patch 0001: Ack. This looks fine to me.
Patch 0002: Nack.
There are still a few style issues
Am Freitag 24 September 2010, 16:29:33 schrieb Jakub Hrozek:
On 09/24/2010 11:27 AM, Ralf Haferkamp wrote:
I agree that the parallel approach is a bit more complex. But it was
significantly faster in the tests I did compared to serially
processing the group members. Otherwise I wouldn't
On Friday 17 September 2010 19:56:15 Stephen Gallagher wrote:
On 09/17/2010 12:16 PM, Ralf Haferkamp wrote:
Find a new version attached. Does that look better? If that is not
what you were referring to lets discuss it in IRC on monday.
Note, I needed to implement sdap_process_group_send
Hi,
On Thursday 16 September 2010 20:16:56 Simo Sorce wrote:
On Thu, 16 Sep 2010 17:50:28 +0200
Ralf Haferkamp rha...@suse.de wrote:
Hi,
On Thursday 09 September 2010 15:14:10 Ralf Haferkamp wrote:
[..]
Find a newer version of my patch attached. Actually it's 3 patches
now. Please
Hi,
On Thursday 09 September 2010 15:14:10 Ralf Haferkamp wrote:
[..]
I have started working on a patch to let sssd look up the non-cached
users via LDAP (and save them into the cache). Find it attached. Note:
That patch is not really complete (e.g. it doesn't handle rfc2307
groups
On Friday 10 September 2010 13:48:31 Simo Sorce wrote:
On Fri, 10 Sep 2010 12:06:25 +0200
Ralf Haferkamp rha...@suse.de wrote:
On Thursday 09 September 2010 18:33:26 Simo Sorce wrote:
So we have the following scenarios:
1) If we use rfc2307 classic with memberUid attributes, we can
On Friday 10 September 2010 15:34:22 Simo Sorce wrote:
On Fri, 10 Sep 2010 09:06:29 -0400
Dmitri Pal d...@redhat.com wrote:
Is this the right summary:
1a) Initgroups do not fetch groups from LDAP - bug
I am not sure this is correct. It normally works (we have tests) but
it may not work
. it doesn't handle rfc2307 groups
correctly). But before putting more effort into this I like to make sure
that I am not trying to fix a feature here.
--
regards,
Ralf
From 063dab6715f97aeeb6c29f5c3210f609cfea0f81 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Wed, 8 Sep 2010
On Thursday 09 September 2010 15:59:46 Simo Sorce wrote:
On Thu, 09 Sep 2010 09:18:12 -0400
Stephen Gallagher sgall...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/09/2010 09:14 AM, Ralf Haferkamp wrote:
Hi,
Is it really the intended behaviour
Am Donnerstag 22 April 2010 17:03:23 schrieb Sumit Bose:
On Thu, Apr 22, 2010 at 04:37:36PM +0200, Ralf Haferkamp wrote:
Am Donnerstag 22 April 2010 12:08:46 schrieb Sumit Bose:
Hi,
the two patches attached should fix #446 and #417 respectively.
For #417 a different solution
Am Donnerstag 22 April 2010 12:08:46 schrieb Sumit Bose:
Hi,
the two patches attached should fix #446 and #417 respectively.
For #417 a different solution, where the message is generated by SSSD
and send to the client, would be possilbe. But I decided against it,
because with the attached
Am Donnerstag 18 März 2010 15:25:49 schrieb Dmitri Pal:
Ralf Haferkamp wrote:
Am Donnerstag 18 März 2010 12:42:23 schrieb Simo Sorce:
On Wed, 17 Mar 2010 15:33:38 +0100
Ralf Haferkamp rha...@suse.de wrote:
Hi,
here's another set of enhancements to the LDAP Password Policy
Hi,
attached a small fix for the SUSE init script to use logfiles for debug
logging.
--
Ralf
From 7a33b5915571e1c38fec3f5e69b1d1711148db1b Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Mon, 8 Mar 2010 14:42:06 +0100
Subject: [PATCH] use logfiles for debug messages
part of the Entry that contains the
Policy. Addtionally it might be protected by ACLs and not be returned for
anonymous (without losing any functionality).
--
Ralf
From 0b06bdc110a489802e359ceea3b890cf84524491 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Fri, 12 Mar 2010 10
,
Ralf
From c4978d1f40c3cbaa6f24c0fa1d9f3b8b4c00e616 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Fri, 12 Mar 2010 15:06:44 +0100
Subject: [PATCH 1/3] Fixed check for expired passwords
When the user's password is expired it might also be indicated by
the bind operation returning
Am Freitag 12 März 2010 16:41:47 schrieb Dmitri Pal:
[..]
Regardless of the outcome it would be nice to have a ticket open about
the issue.
Ok, this is now Ticket#417.
--
Ralf
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
Am Freitag 12 März 2010 17:58:48 schrieb Sumit Bose:
On Fri, Mar 12, 2010 at 04:37:26PM +0100, Ralf Haferkamp wrote:
Hi,
I did some testing of pam_sss and the LDAP backend's password policy
features and ran into some issue. One of the being the getuid() == 0
checks in pam_sss when
?
--
regards,
Ralf
From ea4a9c83c11bead6f0ab1099aed6a8bc952fd544 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Mon, 12 Oct 2009 15:15:36 +0200
Subject: [PATCH] SUSE specific init script
---
server/sysv/sssd.SUSE | 78 +
1
Hi,
since the LDAP provider does calls into the krb5 libs it should also be linked
against them :). Attached patch should fix that.
--
regards,
Ralf
From 6169242cc432b48d86eaae03fbee52af69527860 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp rha...@suse.de
Date: Mon, 12 Oct 2009 11:50
28 matches
Mail list logo