URL: https://github.com/SSSD/sssd/pull/232
Author: sumit-bose
Title: #232: sbus: check connection for NULL before unregister it
Action: opened
PR body:
"""
There seem to be code paths where the data is a added to the hash before
the connection is properly initialized, to
URL: https://github.com/SSSD/sssd/pull/234
Title: #234: HBAC: Use memberof ASQ search instead of originalMemberOf
sumit-bose commented:
"""
I think the approach currently used in the patch is ok especially since the old
code also used specific IPA knowledge to parse the DN.
URL: https://github.com/SSSD/sssd/pull/232
Author: sumit-bose
Title: #232: sbus: check connection for NULL before unregister it
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/232/head:pr232
git checkout pr232
From
URL: https://github.com/SSSD/sssd/pull/232
Title: #232: sbus: check connection for NULL before unregister it
sumit-bose commented:
"""
I fixed the typo.
I'm not sure about
> We should also set dbus.conn to NULL on places where we call
> dbus_connection_close or dbu
URL: https://github.com/SSSD/sssd/pull/245
Author: sumit-bose
Title: #245: ad: handle forest root not listed in ad_enabled_domains
Action: opened
PR body:
"""
Although users and groups from the forest root should be ignored SSSD will
still try to get information about the fores
URL: https://github.com/SSSD/sssd/pull/251
Author: sumit-bose
Title: #251: overrides: add certificates to mapped attribute
Action: opened
PR body:
"""
Certificates in overrides are explicitly used to map users to
certificates, so we add them to SYSDB_USER_MAPPED_CERT as well.
URL: https://github.com/SSSD/sssd/pull/252
Author: sumit-bose
Title: #252: PAM: check matching certificates from all domains
Action: opened
PR body:
"""
Although the cache_req lookup found matching in multiple domains only
the results from the first domain were used. With
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
Thank you, the patch improves the situation (no DBus error returned) and works
reliable for the configured domain.
But if I r
URL: https://github.com/SSSD/sssd/pull/257
Title: #257: LDAP/AD: Do not fail in case rfc2307bis_nested_groups_recv()
returns ENOENT
sumit-bose commented:
"""
ACK, ENOENT should not be treated as error here because it just indicates that
there are no groups.
"""
URL: https://github.com/SSSD/sssd/pull/257
Title: #257: LDAP/AD: Do not fail in case rfc2307bis_nested_groups_recv()
returns ENOENT
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
Thank you, that patch is now working great for ListByName request. But it still
fails for ListByCertificate. Can you change th
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
New version passes all my tests.
Codewise I wonder if the 2 if-blocks in cache_req_process_input() can be
combined in a singl
URL: https://github.com/SSSD/sssd/pull/252
Title: #252: PAM: check matching certificates from all domains
sumit-bose commented:
"""
Yes, it was confirmed that the patch solves the issue.
"""
See the full comment at
https://github.com/SSSD/sssd/p
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
I think it should not only be called unconditionally. It should be called after
startup before any request is processed to
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
As I said, if it is done at startup and for unknown domains then checking it
additionally once an hour is fine.
""&
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
I would like to suggest an alternative solution for
https://pagure.io/SSSD/sssd/issue/3387.
Since all responders already sen
URL: https://github.com/SSSD/sssd/pull/262
Title: #262: MAN: AD Provider GSSAPI clarification
sumit-bose commented:
"""
ok to test
"""
See the full comment at
https://github.com/SSSD/sssd/pull/262#issuecomment-299628708
_
URL: https://github.com/SSSD/sssd/pull/264
Author: sumit-bose
Title: #264: sss_nss_getlistbycert: return results from multiple domains
Action: opened
PR body:
"""
Currently only the results from one domain were returned although all
domains were searched and the results were
URL: https://github.com/SSSD/sssd/pull/264
Title: #264: sss_nss_getlistbycert: return results from multiple domains
sumit-bose commented:
"""
Hi Pavel, thank you for the review.
If you think the new names would help to understand to code better I'd like to
ask you to ope
URL: https://github.com/SSSD/sssd/pull/264
Author: sumit-bose
Title: #264: sss_nss_getlistbycert: return results from multiple domains
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/264/head:pr264
git checkout pr264
URL: https://github.com/SSSD/sssd/pull/264
Title: #264: sss_nss_getlistbycert: return results from multiple domains
sumit-bose commented:
"""
The call was renamed in a recent commit to master. The new version should fix
it.
"""
See the full comment at
https:/
URL: https://github.com/SSSD/sssd/pull/266
Title: #266: IPA: Fix the PAM error code that auth code expects to start
migration
sumit-bose commented:
"""
While I have no doubt that this patch makes password migration work again I
wonder if it wouldn't be better to fix the
URL: https://github.com/SSSD/sssd/pull/268
Author: sumit-bose
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
Action: opened
PR body:
"""
This patchset got lost when I prepared the certificate mapping patch set.
Applications like gdm with enabled Smartcard s
URL: https://github.com/SSSD/sssd/pull/268
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
sumit-bose commented:
"""
>Is there a technical reason sssd cannot discover what to do without
>allow_missing_name option to pam_sss? I'd prefer to avoid mo
URL: https://github.com/SSSD/sssd/pull/268
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
sumit-bose commented:
"""
> Still, why you cannot make that decision without an option's help? Sorry, I
> don't see a difference -- why by seeing a c
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
jfyi, I think my suggested patch is not the right solution either because it
will delay the startup time especially when the sy
URL: https://github.com/SSSD/sssd/pull/271
Author: sumit-bose
Title: #271: pam: properly support UPN logon names
Action: opened
PR body:
"""
Many logon applications like /bin/login or sshd canonicalize the user
name before they call pam_start() and hence the UPN is not see
URL: https://github.com/SSSD/sssd/pull/234
Title: #234: HBAC: Use memberof ASQ search instead of originalMemberOf
sumit-bose commented:
"""
CI: http://sssd-ci.duckdns.org/logs/job/69/65/summary.html
The rawhide issue is not related to this patch
"""
See the full
URL: https://github.com/SSSD/sssd/pull/272
Title: #272: cache_req: Fix warning maybe-uninitialized
sumit-bose commented:
"""
While this patch will certainly fix the compiler warning I wonder if it
wouldn't be better to call talloc_new() after req is set in 'req =
URL: https://github.com/SSSD/sssd/pull/273
Title: #273: CACHE_REQ_SEARCH: Avoid using of unitialized value
Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists
URL: https://github.com/SSSD/sssd/pull/273
Title: #273: CACHE_REQ_SEARCH: Avoid using of unitialized value
sumit-bose commented:
"""
With the patch I do not see the compiler warning and cache requests are still
work.
There is only the line about coverity in the commit mess
URL: https://github.com/SSSD/sssd/pull/273
Title: #273: CACHE_REQ_SEARCH: Avoid using of unitialized value
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedoraho
URL: https://github.com/SSSD/sssd/pull/273
Title: #273: CACHE_REQ_SEARCH: Avoid using of unitialized value
sumit-bose commented:
"""
ACK
"""
See the full comment at
https://github.com/SSSD/sssd/pull/273#issuecomment-301474552
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
I withdraw my suggested patch. I think @fidencio's patch is the better fix.
But I would like to ask you to in
URL: https://github.com/SSSD/sssd/pull/275
Title: #275: Implement access verification by rhost using ldap_access_order
rhost option
sumit-bose commented:
"""
ok to test
"""
See the full comment at
https://github.com/SSSD/sssd/p
URL: https://github.com/SSSD/sssd/pull/234
Title: #234: HBAC: Use memberof ASQ search instead of originalMemberOf
sumit-bose commented:
"""
> I agree on the first part, but the second is not clear, sorry. The
> ipa_groups_basedn is the group container, but the members[i]-&
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
> but there's on functional changes in the patch apart from the one suggested
> by yourself
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
ah, sorry for the noise, there must have been an older version in my browser
cache.
"""
See the full comment at
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
sumit-bose commented:
"""
I run a couple of tests with wildcard and certificate searches and all went
well. So ACK from my side.
@pbrezina, do you have
URL: https://github.com/SSSD/sssd/pull/259
Title: #259: RESPONDER: Also populate cr_domains when initializing the
responders
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-l
URL: https://github.com/SSSD/sssd/pull/270
Title: #270: Subdomains direct integration
sumit-bose commented:
"""
retest this please
"""
See the full comment at
https://github.com/SSSD/sssd/pull/270#issuecomment-302673988
_
URL: https://github.com/SSSD/sssd/pull/270
Title: #270: Subdomains direct integration
sumit-bose commented:
"""
The patch looks good, Alexander's comments are included and I was able to
properly overwrite the search bases for subdomains, so ACK.
Before pushing you mig
URL: https://github.com/SSSD/sssd/pull/270
Title: #270: Subdomains direct integration
sumit-bose commented:
"""
Since it is a fallback to the old default behavior I think a fallback is fine
here.
"""
See the full comment at
https://github.com/SSSD/sssd/p
URL: https://github.com/SSSD/sssd/pull/271
Author: sumit-bose
Title: #271: pam: properly support UPN logon names
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/271/head:pr271
git checkout pr271
From
URL: https://github.com/SSSD/sssd/pull/271
Title: #271: pam: properly support UPN logon names
sumit-bose commented:
"""
@fidencio found an issue with the patch while testing, cache_req_send() should
not be called with the domain name to allow cache_req to properly split a
fully
URL: https://github.com/SSSD/sssd/pull/234
Title: #234: HBAC: Use memberof ASQ search instead of originalMemberOf
sumit-bose commented:
"""
CI: http://sssd-ci.duckdns.org/logs/job/69/94/summary.html
"""
See the full comment at
https://github.com/SSSD/sssd/p
URL: https://github.com/SSSD/sssd/pull/281
Author: sumit-bose
Title: #281: ldap: handle certmap errors gracefully
Action: opened
PR body:
"""
Currently the LDAP user lookup request errors out if e.g. there is no
matching rule for a certificate. This might cause the relat
URL: https://github.com/SSSD/sssd/pull/282
Author: sumit-bose
Title: #282: ipa: filter IPA users from extdom lookups by certificate
Action: opened
PR body:
"""
The extdom lookup by certificate will return the names of all matching
users, both from the IPA and trusted domains
URL: https://github.com/SSSD/sssd/pull/281
Title: #281: ldap: handle certmap errors gracefully
sumit-bose commented:
"""
Good point, I'll enhance the patch
"""
See the full comment at
https://github.com/SSSD/s
URL: https://github.com/SSSD/sssd/pull/284
Author: sumit-bose
Title: #284: krb5: accept changed principal if krb5_canonicalize=True
Action: opened
PR body:
"""
Currently SSSD accepts significant changes in the principal only if
krb5_use_enterprise_principal=True. But canonicali
URL: https://github.com/SSSD/sssd/pull/234
Title: #234: HBAC: Use memberof ASQ search instead of originalMemberOf
sumit-bose commented:
"""
All my comments are covered, CI passed and the patch worked well in my testing,
so ACK.
I do not understand either why Coverity c
URL: https://github.com/SSSD/sssd/pull/234
Title: #234: HBAC: Use memberof ASQ search instead of originalMemberOf
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le..
URL: https://github.com/SSSD/sssd/pull/234
Title: #234: HBAC: Use memberof ASQ search instead of originalMemberOf
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.f
URL: https://github.com/SSSD/sssd/pull/281
Author: sumit-bose
Title: #281: ldap: handle certmap errors gracefully
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/281/head:pr281
git checkout pr281
From
URL: https://github.com/SSSD/sssd/pull/281
Title: #281: ldap: handle certmap errors gracefully
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahoste
URL: https://github.com/SSSD/sssd/pull/268
Author: sumit-bose
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/268/head:pr268
git checkout pr268
From
URL: https://github.com/SSSD/sssd/pull/268
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lis
URL: https://github.com/SSSD/sssd/pull/268
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
sumit-bose commented:
"""
Rebased to current master which made the last patch obsolete.
"""
See the full comment at
https://github.com/SSSD/sssd/p
On Wed, May 31, 2017 at 10:31:38AM +0200, Lukas Slebodnik wrote:
> ehlo,
>
> I had a discussion with QEs and realized that sssd need to be restarted
> if default_ccache_name is changed in krb5 configuration files.
>
> The reason is that we cache the value but do not refresh it.
> https://pagure.i
URL: https://github.com/SSSD/sssd/pull/268
Author: sumit-bose
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/268/head:pr268
git checkout pr268
From
URL: https://github.com/SSSD/sssd/pull/268
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
sumit-bose commented:
"""
Yes, I think this is unrelated. I assume you just set the password as admin but
did not use it as the user. In this case the password is expi
URL: https://github.com/SSSD/sssd/pull/268
Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT
sumit-bose commented:
"""
jfyi, I opend https://pagure.io/SSSD/sssd/issue/3419 to track the issue with
the expired password.
"""
See the full comment at
URL: https://github.com/SSSD/sssd/pull/297
Author: sumit-bose
Title: #297: IPA: Fix the PAM error code that auth code expects to start
migration
Action: opened
PR body:
"""
Recent patches which adds support for PKINIT in krb5_child changed a
return code which is used to indi
URL: https://github.com/SSSD/sssd/pull/302
Author: sumit-bose
Title: #302: krb5: disable enterprise principals during password changes
Action: opened
PR body:
"""
Currently using enterprise principals during password changes does not
work reliable.
First there is a spec
URL: https://github.com/SSSD/sssd/pull/299
Title: #299: pam_sss: Fix leaking of memory in case of failures
sumit-bose commented:
"""
Patch looks good and is needed. ACK from my side, @fidencio are your concerns
taken care of?
"""
See the full comment at
https:/
URL: https://github.com/SSSD/sssd/pull/315
Author: sumit-bose
Title: #315: tests: update expired certificate
Action: opened
PR body:
"""
This is a short term fix to un-break the unit tests. The proper fix
would be to create the certificates at runtime during the tests.
R
URL: https://github.com/SSSD/sssd/pull/265
Title: #265: Test for issue #3391 (sss_override doesn't work with files
provider)
sumit-bose commented:
"""
The test looks good and passes with my patches after the change mentioned
above. I wonder if for completeness you'
URL: https://github.com/SSSD/sssd/pull/317
Author: sumit-bose
Title: #317: Make sure overrides work with files provider
Action: opened
PR body:
"""
There are two issues with overrides and the files provider. First since there
is not backend to call the domain object is not r
URL: https://github.com/SSSD/sssd/pull/265
Title: #265: Test for issue #3391 (sss_override doesn't work with files
provider)
sumit-bose commented:
"""
Patches for the issue itself can be found at
https://github.com/SSSD/sssd/pull/317.
"""
See the full
URL: https://github.com/SSSD/sssd/pull/318
Author: sumit-bose
Title: #318: libwbclient-sssd: update interface to version 0.14
Action: opened
PR body:
"""
The main change is a new member of the wbcAuthErrorInfo struct.
"""
To pull the PR as Git branch:
git remote
URL: https://github.com/SSSD/sssd/pull/317
Author: sumit-bose
Title: #317: Make sure overrides work with files provider
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/317/head:pr317
git checkout pr317
From
URL: https://github.com/SSSD/sssd/pull/317
Title: #317: Make sure overrides work with files provider
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedor
URL: https://github.com/SSSD/sssd/pull/317
Title: #317: Make sure overrides work with files provider
sumit-bose commented:
"""
Patches are updated and should cover all your comments.
"""
See the full comment at
https://github.com/SSSD/sssd/p
URL: https://github.com/SSSD/sssd/pull/265
Title: #265: Test for issue #3391 (sss_override doesn't work with files
provider)
sumit-bose commented:
"""
If I apply the patch on top of #317 the tests pass:
test_files_provider.py::test_user_overriden PASSED
te
URL: https://github.com/SSSD/sssd/pull/265
Title: #265: Test for issue #3391 (sss_override doesn't work with files
provider)
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-l
URL: https://github.com/SSSD/sssd/pull/321
Author: sumit-bose
Title: #321: certmap: add OpenSSL implementation
Action: opened
PR body:
"""
The OpenSSL 1.1 API is used but there is a short macro block which
should added the needed compatibility if and older OpenSSL version is
us
URL: https://github.com/SSSD/sssd/pull/324
Title: #324: MAN: Improve description of 'trusted domain section' in
sssd.conf's man page
sumit-bose commented:
"""
ok to test
"""
See the full comment at
https://github.
URL: https://github.com/SSSD/sssd/pull/330
Author: sumit-bose
Title: #330: ad_account_can_shortcut: shortcut if ID is unknown
Action: opened
PR body:
"""
If sss_idmap_unix_to_sid() returns an error we can assume that the given
POSIX ID is not from the current domain and can b
URL: https://github.com/SSSD/sssd/pull/330
Title: #330: ad_account_can_shortcut: shortcut if ID is unknown
sumit-bose commented:
"""
The idmap part of not needed in 1.15.3. If we decide we want the shortcut patch
in 1.15.3 I can drop the idmap part from this PR and create anothe
URL: https://github.com/SSSD/sssd/pull/332
Author: sumit-bose
Title: #332: sydb: index improvements
Action: opened
PR body:
"""
This patch first adds some missing attributes to the index. The most
important one here is 'ghost' which is used in the backed during gro
URL: https://github.com/SSSD/sssd/pull/330
Title: #330: ad_account_can_shortcut: shortcut if ID is unknown
sumit-bose commented:
"""
Maybe, but I guess it is more a side effect so that the issue is already seen
in ad_account_can_shortcut(). My feeling is that it is more
URL: https://github.com/SSSD/sssd/pull/330
Author: sumit-bose
Title: #330: ad_account_can_shortcut: shortcut if ID is unknown
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/330/head:pr330
git checkout pr330
From
URL: https://github.com/SSSD/sssd/pull/330
Title: #330: ad_account_can_shortcut: shortcut if ID is unknown
sumit-bose commented:
"""
I pushed a new version without the idmap patch. Since Lukas is right that have
to increase the revision of the idmap library I'd prefer
URL: https://github.com/SSSD/sssd/pull/336
Author: sumit-bose
Title: #336: idmap_error_string: add missing descriptions
Action: opened
PR body:
"""
Related to https://fedorahosted.org/sssd/ticket/1960
Related to https://fedorahosted.org/sssd/ticket/1938
Related to https://f
URL: https://github.com/SSSD/sssd/pull/330
Title: #330: ad_account_can_shortcut: shortcut if ID is unknown
sumit-bose commented:
"""
The idmap patch can now be found in https://github.com/SSSD/sssd/pull/336 .
"""
See the full comment at
https://github.com/S
On Wed, Aug 02, 2017 at 09:44:41AM +0200, Jakub Hrozek wrote:
> On Tue, Aug 01, 2017 at 06:52:41PM -, smfre...@gmail.com wrote:
> > In one of our test domains, we noticed that the short name of the domain
> > was not being returned by "adcli info" (it is visible in the output of "net
> > rpc
URL: https://github.com/SSSD/sssd/pull/353
Title: #353: libwbclient: Change return code for wbcAuthenticateUserEx
sumit-bose commented:
"""
@lslebodn, thank you for taking case of this. For this PR is it a plain ACK
from me. Imo #351 is fine as well but I would prefer the hear i
URL: https://github.com/SSSD/sssd/pull/353
Title: #353: libwbclient: Change return code for wbcAuthenticateUserEx
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.f
URL: https://github.com/SSSD/sssd/pull/354
Title: #354: libwbclient: Fix warning statement with no effect
sumit-bose commented:
"""
oops, I'm sorry for not catching this, so I put a postit to my monitor
reminding me to really run a build with even the simplest looking chang
URL: https://github.com/SSSD/sssd/pull/354
Title: #354: libwbclient: Fix warning statement with no effect
sumit-bose commented:
"""
ACK
"""
See the full comment at
https://github.com/SSSD/sssd/pull/354#issuecomment-324065118
URL: https://github.com/SSSD/sssd/pull/354
Title: #354: libwbclient: Fix warning statement with no effect
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahos
URL: https://github.com/SSSD/sssd/pull/355
Author: sumit-bose
Title: #355: localauth plugin: change return code of sss_an2ln
Action: opened
PR body:
"""
It is expected that the an2ln plugin function returns KRB5_LNAME_NOTRANS to
indicate that no mapping can be determined
URL: https://github.com/SSSD/sssd/pull/321
Title: #321: certmap: add OpenSSL implementation
sumit-bose commented:
"""
@fidencio, building with libcrypto and running make check
@lslebodn, no, I think there is none, would you mind to open one and assign it
to me?
""&
URL: https://github.com/SSSD/sssd/pull/321
Author: sumit-bose
Title: #321: certmap: add OpenSSL implementation
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/321/head:pr321
git checkout pr321
From
URL: https://github.com/SSSD/sssd/pull/321
Title: #321: certmap: add OpenSSL implementation
sumit-bose commented:
"""
Thank you for the review, I addressed all your comments.
About the tickets, the validation is currently done in two places, the ssh
responder and p11_child. S
URL: https://github.com/SSSD/sssd/pull/362
Author: sumit-bose
Title: #362: IPA: format fixes
Action: opened
PR body:
"""
There are format warnings when compiling on 32bit. One is about time_t
where I added SPRItime and the other is about size_t where %zu should be
used.
R
URL: https://github.com/SSSD/sssd/pull/362
Title: #362: IPA: format fixes
sumit-bose commented:
"""
@lslebodn, for clarification, do you prefer to define SPRItime to 'ld' or use
'%ld' directly in the format template?
"""
See the full
On Wed, Aug 30, 2017 at 05:30:02PM +0200, Jakub Hrozek wrote:
> Hi,
>
> I'm afraid I got a little stuck looking into upstream ticket
> https://pagure.io/SSSD/sssd/issue/3465
>
> The reporter is seeing sssd memory usage increasing on RHEL-6 and
> RHEL-7. There is a valgrind log from RHEL-6 attache
URL: https://github.com/SSSD/sssd/pull/664
Title: #664: pep8: Ignore W504 and W605 to silence warnings on Debian
sumit-bose commented:
"""
About W504, if I understand it correctly there is no final agreement about the
line break and binary operators in pep8, so there is W504 fo
URL: https://github.com/SSSD/sssd/pull/665
Author: sumit-bose
Title: #665: p11: handle multiple certs during auth with OpenSSL
Action: opened
PR body:
"""
This patch adds missing code already available in the NSS version to
select a certificate for authentication if multiple c
901 - 1000 of 3711 matches
Mail list logo
