[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT lslebodn commented: """ master: * b130adaa3934d0531aca0f32961ab8b4cc720820 * ee7e72a65d323636600ffda271d5b5c4ddbc78b1 * 32474fa2f0a6dc09386bab405fc3461cb3dd12ac *

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT sumit-bose commented: """ jfyi, I opend https://pagure.io/SSSD/sssd/issue/3419 to track the issue with the expired password. """ See the full comment at

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT fidencio commented: """ As I have not noticed any new warning on coverity and as CI passed successfully (although I will not share the link due to issues with our internal CI) and

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT fidencio commented: """ @sumit-bose, you nailed it. That's exactly the issue you described. """ See the full comment at https://github.com/SSSD/sssd/pull/268#issuecomment-305433730

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT sumit-bose commented: """ Yes, I think this is unrelated. I assume you just set the password as admin but did not use it as the user. In this case the password is expired and must be

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT fidencio commented: """ This version works as expected! The way I tested the patches: - promptusername: False ``` [root@client x86_64]# sssctl user-checks "" -a auth -s gdm-smartcard

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT fidencio commented: """ CI: http://sssd-ci.duckdns.org/logs/job/70/58/summary.html (passed) """ See the full comment at https://github.com/SSSD/sssd/pull/268#issuecomment-304788184

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT fidencio commented: """ I still haven't tested the code, but gave it a quite good read. There's basically a few comments made "inline" and the most part of those are actually doubts

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT fidencio commented: """ @jhrozek: feel free to also do the review. I'm setting up an environment now in order to test it right now, but one more pair of eyes would be nice. """ See the

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT jhrozek commented: """ @fidencio not trying to be too pushy, but these patches should be applied to downstream as well, could you review them? Or if you're busy, I can take a look as

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT sumit-bose commented: """ Rebased to current master which made the last patch obsolete. """ See the full comment at https://github.com/SSSD/sssd/pull/268#issuecomment-304298269

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT jhrozek commented: """ Looks like this PR must be rebased, therefore I'm setting Changes Requested. """ See the full comment at

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT abbra commented: """ I opened RFE https://pagure.io/SSSD/sssd/issue/3396 to discuss details of this. I believe "sending potentially bogus data to SSSD" is not an argument -- any

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT sumit-bose commented: """ > Still, why you cannot make that decision without an option's help? Sorry, I > don't see a difference -- why by seeing a certificate pam_sss cannot defer >

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT abbra commented: """ Still, why you cannot make that decision without an option's help? Sorry, I don't see a difference -- why by seeing a certificate `pam_sss` cannot defer decision

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT sumit-bose commented: """ >Is there a technical reason sssd cannot discover what to do without >allow_missing_name option to pam_sss? I'd prefer to avoid modifying PAM config >files...