On Wed, 2009-09-23 at 12:07 +0200, Jakub Hrozek wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Remove this provider type, as well as any references in the docs and
> examples to the "LEGACYLOCAL" migration domain.
Does not apply on top of master, can you rebase and re-post ?
Simo.
On Wed, 2009-09-23 at 13:03 +0200, Sumit Bose wrote:
> On Tue, Sep 22, 2009 at 01:10:34PM -0400, Simo Sorce wrote:
> > 0001 caught compiling against talloc 2.0
> > 0002 fixes long standing segfault with proxy+files
> >
> > Simo.
> ACK t
On Wed, 2009-09-23 at 13:01 +0200, Sumit Bose wrote:
> Hi,
>
> with this patch to the Kerberos locator plugin it is possible to use
> either the name or the IP address of the KDC in the krb5KDCIP option.
ack and pushed
Simo.
___
sssd-devel mailing lis
On Wed, 2009-09-23 at 14:26 +0200, Jakub Hrozek wrote:
> On 09/23/2009 06:14 PM, Simo Sorce wrote:
> > Does not apply on top of master, can you rebase and re-post ?
> Sorry, attached
make[3]: *** No rule to make target `examples/sssdproxylocal', needed by
`all-am'. S
On Wed, 2009-09-23 at 15:24 +0200, Jakub Hrozek wrote:
> On 09/23/2009 02:51 PM, Simo Sorce wrote:
> > make[3]: *** No rule to make target `examples/sssdproxylocal',
> needed by `all-am'. Stop.
> > make[2]: *** [all-recursive] Error 1
> > make[1]: *** [all] Er
On Wed, 2009-09-23 at 17:32 +0200, Sumit Bose wrote:
> Hi,
>
> this patch contains a man page for pam_sss and the necessary changes
> to
> configure.ac and Makefile.am to build man pages in sss_client.
ack and pushed.
Simo.
___
sssd-devel mailing list
On Wed, 2009-09-23 at 12:31 -0400, Dmitri Pal wrote:
> I have a question about this patch.
> Does the PAM code do the check of the availability of the getaddinfo()
> function in configure?
> I have a ticket to add such check for ELAPI and I wonder if this
> work
> has already been done or we nee
On Thu, 2009-09-24 at 14:39 +0200, Sumit Bose wrote:
> Hi,
>
> this patch suppresses a compiler warning when KRB5_PLUGIN_DEBUG is not
> set, which is the common case.
Sumit,
would it be possible to use an env variable to control debug instead of
a compile time define ? That would solve it more ne
When a laptop is suspended the clock may be jumping hours, with this
patch now we explicitly count failure to pong back, so that at most we
may loose one ping due to time jumping and not kill the children right
away.
Simo.
0001-Handle-suspend-cases.patch
Description: application/mbox
___
On Thu, 2009-09-24 at 09:09 -0400, Stephen Gallagher wrote:
> The backends do not honor the reloadConfig SBUS message right now,
> so if an admin changes the sssd.conf file, it will update only the
> monitor, potentially leaving the SSSD as a whole in a bad state.
>
> This patch will simply commen
On Thu, 2009-09-24 at 20:19 +0200, Sumit Bose wrote:
>
> ok, I have only implemented the explicit way so far, because the
> other way might interfere with to debug_to_files scheme.
>
> A man page for the locator plugin will be in another patch I will sent
> soon.
ack
Simo.
On Fri, 2009-09-25 at 12:35 +0200, Jakub Hrozek wrote:
> /* set up things like debug , signals, daemonization, etc... */
> +debug_log_file = talloc_strdup(NULL, "sssd_pam");
> +if (debug_log_file == NULL) return 2;
> +
debug_log_file is a process constant, it's useless to allocate mem
On Fri, 2009-09-25 at 13:13 +0200, Jakub Hrozek wrote:
> On 09/25/2009 12:47 PM, Stephen Gallagher wrote:
> > Why did you use asprintf() instead of talloc_asprintf() in
> open_debug_log()?
> >
>
> discussed on IRC
>
> > Please update sysv/sssd to use debug-to-files by default (at level
> 0),
>
This patch splits the RPMs into a server and client parts.
The server depends on the client package.
This allow to make only sssd-client multilib and not the whole daemon.
Fixes #197
Simo.
0001-Split-out-an-sssd-clients-package.patch
Description: application/mbox
___
On Wed, 2009-09-23 at 13:57 +0200, Sumit Bose wrote:
> Hi,
>
> this patch should fix #179.
ACK.
Simo.
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
On Fri, 2009-09-25 at 15:09 +0200, Sumit Bose wrote:
>
> Hi,
>
> this patch to the sssd-krb5 man page should clarify how the krb5
> provider will find the right UPN.
>
> This hopefully fixes #204.
>
> Please fell free to correct any grammar or spelling mistakes.
Ack but I think some native eng
This is actually a workaround as we don't have a way to create a low
prio tevent queue that fires at a priority lower than file events.
I'll work with upstream to fix this later on, meanwhile this patch will
do.
FYI: I haven't used timed_timeval_add() because it is buggy wrt
microseconds in curre
just make double sure we do not leak info.
Simo.
0001-Tighten-up-permission.patch
Description: application/mbox
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
On Mon, 2009-09-28 at 08:22 -0400, Stephen Gallagher wrote:
> On 09/28/2009 08:10 AM, Simo Sorce wrote:
> > just make double sure we do not leak info.
> Ack, although you may want to change "sensible" to "sensitive" in the
> commit comment before pushing.
On Mon, 2009-09-28 at 09:38 -0400, Stephen Gallagher wrote:
> The SSSD needs a config_from_fd() variant of the config_from_file()
> call
> so that we can preopen a config file and perform some verification on
> it
> before parsing it. The config_from_fd() call is used to avoid race
> conditions bet
This is an initial implementation of SASL support for the id provider.
It works and IMO it is complete enough to be committed.
Comments or acks welcome :-)
Simo.
0001-Initial-implementation-of-sasl-bind-support.patch
Description: application/mbox
___
On Tue, 2009-09-29 at 07:37 -0400, Stephen Gallagher wrote:
> Loop control variable was not being incremented.
> I also converted a goto loop into a do...while loop to make it
> easier to follow the logic.
>
> This should fix https://fedorahosted.org/sssd/ticket/211
>
> I tested with a single LOC
Newer tevent library now enforce the "no nested loops" unwritten rule.
Tools had a funny way to do async that nested loops.
This patch fixes tools to not nest loops and use common code to
start/end transactions.
It also fixes the memory hierarchy of the tools_ctx.
Simo.
0001-Fix-tools-sync-ope
On Wed, 2009-09-30 at 09:28 -0400, Stephen Gallagher wrote:
> Requiring libldb 0.9.3 explicitly broke using sssd on the Fedora 12 beta.
>
> Pushed to master under the one-line rule.
I'd like to start requiring tevent >= 0.9.8 and ldb >= 0.9.6 at least in
F12 ...
Simo.
__
On Sun, 2009-09-27 at 10:11 -0400, Stephen Gallagher wrote:
> Sent on behalf of Piotr Drąg
Is this waiting an ack ?
Simo.
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
On Wed, 2009-09-30 at 11:15 -0400, Stephen Gallagher wrote:
> Yes, it is. I didn't want to repeat my previous mistake and push this
> without a second pair of eyes.
>
> On Sep 30, 2009, at 11:14 AM, Simo Sorce wrote:
>
> > On Sun, 2009-09-27 at 10:11 -0400, Stephen Gal
In some places we had very long timeouts (10 min.) on some operations.
This patch unifies timeouts but raises defaults to 60 seconds.
Simo.
0001-Fix-long-timeout-on-ldap-operation.patch
Description: application/mbox
___
sssd-devel mailing list
sssd-dev
On Mon, 2009-10-05 at 10:45 +0200, Sumit Bose wrote:
> - currently PAM_AUTHTOK_EXPIRED is returned if the password is expired
> regardless of the supplied password is correct or not. Would it be
> better to return a different error if the password is wrong?
We should return an auth error if th
On Mon, 2009-10-05 at 11:31 +0200, Sumit Bose wrote:
> Hi,
>
> there are two schemes of password management with LDAP servers
> - the LDAP server supports attributes like 'shadowLastChange',
> 'shadowExpire' etc to store the relevant information at a central
> storage, but the evaluation is d
On Mon, 2009-10-05 at 09:17 +0200, Sumit Bose wrote:
> Hi,
>
> this patch adds a sentence about the strict requirements on sssd.conf
> to
> the man page and another test.
ack
Simo.
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://
On Mon, 2009-10-05 at 14:06 +0200, Sumit Bose wrote:
> On Mon, Oct 05, 2009 at 06:48:14AM -0400, Simo Sorce wrote:
> > On Mon, 2009-10-05 at 10:45 +0200, Sumit Bose wrote:
> > > - currently PAM_AUTHTOK_EXPIRED is returned if the password is
> expired
> > > regardle
Should fix 218 (tested with non responding ldap server), and also fix
other races and potential memleaks.
Simo.
0001-Make-dp-requests-more-robust.patch
Description: application/mbox
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://
On Mon, 2009-10-05 at 14:20 -0400, Stephen Gallagher wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 10/05/2009 01:33 PM, Simo Sorce wrote:
> > Should fix 218 (tested with non responding ldap server), and also fix
> > other races and potential memleaks.
&
On Mon, 2009-10-05 at 15:58 -0400, Simo Sorce wrote:
> > Consider the case where our backend crashes and is restarted by the
> > monitor. If we have a busy system where one entry is being requested
> > continuously, say once per second, and the backend that NSS is
> talking
On Mon, 2009-10-05 at 17:10 +0200, Sumit Bose wrote:
>
> I asked Jenny for a third opinion and she vote for the second version,
> i.e. returning the wrong password error.
ok pushed all 3 to master.
Simo.
___
sssd-devel mailing list
sssd-devel@lists.fe
On Mon, 2009-10-05 at 13:59 -0400, Stephen Gallagher wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 10/05/2009 10:56 AM, Sumit Bose wrote:
> > Hi,
> >
> > this patch is a fix for bug #213. The reason for the bug is a double
> > free during the call of the sdap timeout handler.
>
On Tue, 2009-10-06 at 10:48 -0400, Stephen Gallagher wrote:
> We no longer use it anywhere in the code, having replaced it with the
> more efficient dhash.
ack, you may want to add a small comment in some header like:
/* R.I.P. btreemap 2008-2009 */ :-)
Simo.
On Tue, 2009-10-06 at 16:45 +0200, Sumit Bose wrote:
>
> this patch makes it possible to add more user attribute mappings. I
> need
> this (or a similar patch) to read password policy information from a
> LDAP server to evaluate if the password is expired on the client if
> the
> LDAP server does
See subj and patch comment.
Simo.
0001-Remove-magicPrivateGroups-option.patch
Description: application/mbox
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
On Tue, 2009-10-06 at 13:16 -0400, Stephen Gallagher wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 10/06/2009 12:16 PM, Simo Sorce wrote:
> > See subj and patch comm
Ok changed the code to cope with lack of providers (tested when only
LOCAL is configured and works).
Also while looking at the code I found out that a second bogus
destructor was overriding the regular services destructor.
Removed the second destructor and merged it into the right one.
Simo.
-
On Thu, 2009-10-08 at 10:00 +0200, Sumit Bose wrote:
> Hi,
>
> this patch adds an explanation of the chpass_provider option to the
> sssd.conf man page.
ack and pushed
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel maili
On Thu, 2009-10-08 at 10:41 +0200, Sumit Bose wrote:
> Hi,
>
> with this patch pam_sss sends a syslog message in a format used by
> pam_unix. The idea is to help tools to search log files.
>
> This patch should fix #222.
Ack and pushed
Simo.
--
Simo Sorce * Red H
password policies.
>
> As a next step I will add support for the client side evaluation of
> LDAP
> attributes indicating an expired password
Ack and pushed.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sss
On Fri, 2009-10-09 at 22:04 +0200, Sumit Bose wrote:
>
> All three patches are working for me and I think it is a good idea to
> start using the DP removal patch as soon as possible.
>
> ACK
Thanks, pushed.
Simo.
___
sssd-devel mailing list
sssd-deve
On Fri, 2009-10-09 at 21:54 +0200, Sumit Bose wrote:
> I think it make sense to have it as a DB attribute and I would prefer
> to
> keep the attribute around.
>
> ACK
Pushed.
Simo.
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://
On Fri, 2009-10-09 at 15:55 +0200, Sumit Bose wrote:
> Hi,
>
> I found an error for the case where the kerberos provider is used as
> change password provider but not as auth provider. This patch sould
> fix it.
Looks obviously right!
Ack and pushed.
Simo.
__
On Fri, 2009-10-09 at 21:02 +0200, Sumit Bose wrote:
> Hi,
>
> this one should fix #223. Because sshd runs as root the old password
> was
> not sent to sssd and changing the user password failed. Please review
> carefully.
I guess the problem here is to understand what do current pam modules,
whe
?)
>
> I think forking isn't needed here, because pam_sss should be kept
> simple. Send everything you know to sssd and wait for a response.
I meant forking in the proxy module, not in pam_sss, you can't fork in
pam_sss.
Simo
ild use that fd to send debug messages.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
re us to
replicate logic to open/close debug files in the children.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
;
> I am not sure this approach is portable.
> I know Solaris and Linux can do it.
> I am not sure HP-UX can.
We are not *transferring* a socket between process, we are merely not
closing it on fork/exec. It is standard posix behavior that file
descriptors are inherited by c
ng, we can stand some mixed inputs there to
keep the thing simple, however in the children we can change the debug
function to always print the PID on every debug message, so that at
least it should be clear where messages came from.
Simo.
--
Simo Sorc
On Mon, 2009-10-12 at 13:54 -0400, Stephen Gallagher wrote:
>
> New patch attached.
Looks good to me.
Ack.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/m
When only LOCAL is configured I forgot to mark the services started at
startup, so they were started twice.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
>From 06e29cdf515715646b8c273a17672ba98165a27a Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Mon, 12 Oct 2009 08:55:24 -0400
Subj
On Mon, 2009-10-12 at 17:21 -0400, Stephen Gallagher wrote:
""
ACK
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
On Tue, 2009-10-13 at 16:53 +0200, Sumit Bose wrote:
> Hi,
>
> this patch adds -Werror-implicit-function-declaration to the gcc
> flags.
> This should help to identify missing library calls.
ACK
--
Simo Sorce * Red Hat, Inc * New York
___
On Tue, 2009-10-13 at 16:56 +0200, Sumit Bose wrote:
> Hi,
>
> this patch should fix the build issue on RHEL5 where
> ldap_control_create
> is not available. I'm preparing a similar patch for Kerberos.
Looks good to me.
Simo.
--
Simo Sorce * Red
ould be nice to have "make install" automatically pick
> the
> correct file. Any ideas how that could be implemented?
I am not sure how that could be implemented but it is a neat idea if it
can be pulled off without too much trouble.
Simo.
--
Simo
On Wed, 2009-10-14 at 14:57 -0400, Stephen Gallagher wrote:
> On 10/08/2009 05:13 PM, Simo Sorce wrote:
> > On Wed, 2009-10-07 at 17:10 -0400, Simo Sorce wrote:
> >> 0001 moves code from deep down the ldap code into generic code that
> >> can
> >> be used by ot
have been moved to
ldap_common.c
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
On Fri, 2009-10-09 at 21:02 +0200, Sumit Bose wrote:
> Hi,
>
> this one should fix #223. Because sshd runs as root the old password
> was
> not sent to sssd and changing the user password failed. Please review
> carefully.
Ok acked and pushed.
Simo.
--
Simo Sorce * Red H
Offline authentication got broken when we removed the Data Provider.
Before the bug was masked by the DP itself, so it became evident only
when DP has been removed.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
>From 91bad1cd1e69066fcb87d1b6b26dd1e7047442c8 Mon Sep 17 00:00:00 2001
From: S
knowledge that comes from
errors like DP_ERR_OFFLINE.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
>From 79f9047955afbcc1c66aea1f538b4359bb834c1b Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Wed, 14 Oct 2009 19:17:57 -0400
Subject: [PATCH] Return the dp error from the providers
---
ser
ubconf/krb5.include.d/
>
> [logging]
> default = FILE:/var/log/krb5libs.log
> kdc = FILE:/var/log/krb5kdc.log
> admin_server = FILE:/var/log/kadmind.log
>
> [libdefaults]
> default_realm = TESTRELM.TEST
> dns_lookup_realm = false
> dns_lookup_kdc = true
This ^^^^
On Thu, 2017-09-21 at 17:56 +0200, Sumit Bose wrote:
> On Thu, Sep 21, 2017 at 11:23:20AM -0400, Simo Sorce wrote:
> > On Thu, 2017-09-21 at 16:52 +0200, Lukas Slebodnik wrote:
> > > Here you are.
> > > local master: kvm-02-guest11.testrelm.test
> > > rep
nd what is the point of nss_truste_users why a force
reload is a privileged operation ?
I guess DNLSGTM ?
Simo.
--
Simo Sorce
Sr. Principal Software Engineer
Red Hat, Inc
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
On Thu, 2017-10-26 at 22:14 +0200, Sumit Bose wrote:
> On Thu, Oct 26, 2017 at 02:43:29PM -0400, Simo Sorce wrote:
> > On Thu, 2017-10-26 at 12:16 +0200, Jakub Hrozek wrote:
> > > On Wed, Oct 25, 2017 at 05:39:21PM +0200, Sumit Bose wrote:
> > > > Hi,
> > >
On Thu, 2017-11-02 at 13:14 +0100, Sumit Bose wrote:
> On Fri, Oct 27, 2017 at 08:43:28AM -0400, Simo Sorce wrote:
> > On Thu, 2017-10-26 at 22:14 +0200, Sumit Bose wrote:
> > > On Thu, Oct 26, 2017 at 02:43:29PM -0400, Simo Sorce wrote:
> > > > On Thu, 2017-10-2
On Thu, 2017-11-02 at 14:53 +0200, Alexander Bokovoy wrote:
> On to, 02 marras 2017, Simo Sorce wrote:
> > On Thu, 2017-11-02 at 13:14 +0100, Sumit Bose wrote:
> > > On Fri, Oct 27, 2017 at 08:43:28AM -0400, Simo Sorce wrote:
> > > > On Thu, 2017-10-26 at
he operations we do are over.
>
> Is there any other suggestion? Whatever comes out of this discussion will
> be used to update the feature's design page accordingly.
Change euid to that of the user during operations, leave the
permissions strict ?
Simo.
--
Simo Sorce
Sr. Princi
least desirable way to handle this "issue".
HTH,
Simo.
--
Simo Sorce
Sr. Principal Software Engineer
Red Hat, Inc
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
king at simple text based HTTP Requests and Replies.
It requires to dump or sniff the communication between kcm and secrets,
but I did not think it was too hard to do ?
If debuggability is the only issue have you thought about adding an
option to dump all requests and replies from both the kcm
On Tue, 2018-03-20 at 12:54 +0100, Jakub Hrozek wrote:
> Let me bump this thread..see some ideas inline.
>
> > On 13 Mar 2018, at 14:07, Jakub Hrozek wrote:
> >
> >
> >
> > > On 13 Mar 2018, at 13:42, Simo Sorce wrote:
> > >
> > &
On Tue, 2018-03-20 at 20:36 +0100, Jakub Hrozek wrote:
> > On 20 Mar 2018, at 13:51, Simo Sorce wrote:
> >
> > On Tue, 2018-03-20 at 12:54 +0100, Jakub Hrozek wrote:
> > > Let me bump this thread..see some ideas inline.
>
> Thank you for the prompt response.
YW
so the same trust limitations apply)
bus1 was also a kernel implementation, but that one also did not pan
out ...
Simo.
--
Simo Sorce
Sr. Principal Software Engineer
Red Hat, Inc
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscr
f Conduct: https://getfedora.org/code-of-conduct.html
> > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
> > https://lists.fedoraproject.org/archives/list/sssd-devel@lists.fedorahosted.org/message/Z7ZSIEX7QAAZAUGCV
On Mon, 2018-05-21 at 10:38 +0200, Jakub Hrozek wrote:
> > On 18 May 2018, at 21:50, Simo Sorce wrote:
> >
> > Sorry Pavel,
> > but I need to ask, why a new bus instead of somthing like varlink ?
>
> Do you think there is an advantage with varlink over D-Bus as lo
On Mon, 2018-05-21 at 11:52 +0200, Pavel Březina wrote:
> On 05/18/2018 09:50 PM, Simo Sorce wrote:
> > On Fri, 2018-05-18 at 16:11 +0200, Sumit Bose wrote:
> > > On Fri, May 18, 2018 at 02:33:32PM +0200, Pavel Březina wrote:
> > > > Hi folks,
> > > > I
LGTM,
great work guys.
Simo.
On Mon, 2018-08-13 at 15:20 +0200, Jakub Hrozek wrote:
> Hi,
>
> we’re about to release 2.0. Here are my draft release notes:
>
> SSSD 2.0.0
> ===
>
>
> Highlights
> --
> This release removes or deprecates functionality from SSSD, therefore the SSS
r so many mistakes in such a short text.
>
> CI link: http://sssd-ci.duckdns.org/logs/job/16/06/summary.html
> * master: aa8a8318aaa3270e9d9957d0c22dec6342360a37
> * sssd-1-12: c494e100f9b2422e2890507f63019afcaff9b7c6
>
> I still think it makes sense to push the patch to sssd-1-12 as
unstructured with replies hard to follow) and we
should direct people to trac for real bug reporting.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
> http://sssd-ci.duckdns.org/logs/commit/27/df243b8f6182a6093af432f1d23a21e4fb1456/1743/summary.html
LGTM
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
ed before, there may be a cycle but in general I think we
should rather use signals to kick the process or notifying the clients.
The process ID to signal should be obtained somehow, probably by having
the IFP write it down in the TDB file as soon as it is started (or it
may be maintained by the m
ut sssd debug logs.
>
> - our man pages are not structured well, especially the LDAP man page is
> too big and contains too many options.
>
> One reason I'm bringing this up now is that we'll have a new SSSD developer
> starting soon and these might be
ng mechanism to copy from the memory ccache to the actual ccache.
But we should really do either per-ccache queuing (maybe not per user as
in pathological cases we may have the same ccache for different users ?)
or use memory ccaches and copy them with locking, but fully serializing
all authenti
On Fri, 2015-07-03 at 20:33 +0200, Jakub Hrozek wrote:
> On Fri, Jul 03, 2015 at 02:12:34PM -0400, Simo Sorce wrote:
> > On Fri, 2015-07-03 at 11:59 +0200, Jakub Hrozek wrote:
> > > On Fri, Jul 03, 2015 at 11:54:46AM +0200, Jakub Hrozek wrote:
> > > > Hi,
> > &
On Fri, 2015-07-03 at 21:34 +0200, Sumit Bose wrote:
> On Fri, Jul 03, 2015 at 02:12:34PM -0400, Simo Sorce wrote:
> > On Fri, 2015-07-03 at 11:59 +0200, Jakub Hrozek wrote:
> > > On Fri, Jul 03, 2015 at 11:54:46AM +0200, Jakub Hrozek wrote:
> > > > Hi,
> > &
On Mon, 2015-07-06 at 11:46 +0200, Sumit Bose wrote:
> On Fri, Jul 03, 2015 at 05:01:13PM -0400, Simo Sorce wrote:
> > On Fri, 2015-07-03 at 21:34 +0200, Sumit Bose wrote:
> > > On Fri, Jul 03, 2015 at 02:12:34PM -0400, Simo Sorce wrote:
> > > > On Fri, 2015-07-0
sult will be an object path.
>
> LGTM, but I would think userCertificate;binary should be the default
> everywhere, i.e. generic LDAP, as that is the correct attribute name
> according to RFC 4523. IMHO when someone uses the standard name in
> generic LDAP, they should not be forc
//www.lua.org/manual/5.3/manual.html
> [3] http://www.eluaproject.net/
Hi Nick,
can you provide an example of a piece of SSSD youd replace with Lua ?
I am not asking for an implementation but a high level view of what a
function looks like to d
t a Javascript to Lua comparison doesn't really help much
understanding if Lua could be an asset for SSSD or not.
See above questions.
Simo.
> Nick
>
> [1]
> https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference#Equality_operators
> _
On Tue, 2015-08-25 at 17:59 +0200, Lukas Slebodnik wrote:
> So the ideal would be to use
> Erlang and message passing instead of shared variables.
Say Erlang one more time! ... (cit.) >:-|
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
s
On Tue, 2015-08-25 at 21:26 +0300, Nikolai Kondrashov wrote:
> On 08/25/2015 08:48 PM, Simo Sorce wrote:
> > On Tue, 2015-08-25 at 16:14 +0300, Nikolai Kondrashov wrote:
> >> On 08/24/2015 11:54 AM, Pavel Březina wrote:
> >>> On 08/21/2015 07:01 PM, Nikolai Kondrashov
On Wed, 2015-08-26 at 16:10 +0300, Nikolai Kondrashov wrote:
> On 08/25/2015 10:19 PM, Simo Sorce wrote:
> > On Tue, 2015-08-25 at 21:26 +0300, Nikolai Kondrashov wrote:
> >> On 08/25/2015 08:48 PM, Simo Sorce wrote:
> >>> On Tue, 2015-08-25 at 16:14 +
ter the for loop to check for
failure/success when the loop breaks in the middle.
Simo.
P.S: please do not use HTML emails, see how butchered your email comes
out in the txt version.
--
Simo Sorce * Red Hat, Inc * New York
___
sssd-devel mailing
with the main binaries.
I do not think it would serve any useful purpose to make internal
interfaces public, or commit to ABI stability for them, they are
supposed to be easy to change to adapt to new needs and other internal
changes.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
gt; Thanks!
>
>
>
> [*] github has gained enough traction already, so they don't care about
> this functionality anymore..
They start to become hostile to "competition" I guess... not a good
sign, oh well.
--
Simo Sorce * Red Hat, Inc * New York
__
On Tue, 2016-01-12 at 14:04 +0100, Jakub Hrozek wrote:
> On Mon, Jan 11, 2016 at 01:39:33PM -0500, Simo Sorce wrote:
> > The following 2 patches change the connection setup code to be more
> > flexible.
> >
> > They are the groundwork to add a new secrets[1] respond
://fedorahosted.org/sssd/ticket/2921
--
Simo Sorce * Red Hat, Inc * New York
From 8820926905b9bfb188b6be6766e932be49aa3e0b Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Wed, 13 Jan 2016 11:51:09 -0500
Subject: [PATCH 3/3] Monitor: Remove ping infrastructure
Now thast services use an internal
201 - 300 of 1853 matches
Mail list logo