URL: https://github.com/SSSD/sssd/pull/5547
Title: #5547: systemd configs: add CAP_DAC_OVERRIDE for ifp in certain case
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@l
URL: https://github.com/SSSD/sssd/pull/5552
Author: sumit-bose
Title: #5552: files: split update into batches
Action: opened
PR body:
"""
If the files managed by the files provider contain many users or groups
processing them might take a considerable amount of time. To k
URL: https://github.com/SSSD/sssd/pull/5552
Title: #5552: files: split update into batches
sumit-bose commented:
"""
Hi,
I didn't include changes with respect to use talloc-pools in this PR because
currently I cannot reproduce the original performance improvements
URL: https://github.com/SSSD/sssd/pull/5552
Title: #5552: files: split update into batches
sumit-bose commented:
"""
> So far when we talked about "batches" I thought we meant "accumulating few
> consequent update events and processing in a single 'b
URL: https://github.com/SSSD/sssd/pull/5549
Title: #5549: data_provider: Configure backend probing interval
sumit-bose commented:
"""
Hi,
just a general comment, please use `sss_rand()`. It makes sure `srand()` is
called and would help if we want to use different general
URL: https://github.com/SSSD/sssd/pull/5558
Title: #5558: p11_child: Add partial verification support
sumit-bose commented:
"""
Hi,
thank you for the patches and especially for the extensive tests. I think both
`partial_chain` and `pam_cert_verification` are useful. I will
URL: https://github.com/SSSD/sssd/pull/5542
Title: #5542: nss client: make innetgr() thread safe
sumit-bose commented:
"""
> Wouldn't it be possible to use `thread_local` instead?
Hi,
in general yes, and I was thinking about this as well. I guess you a are
thinking of
URL: https://github.com/SSSD/sssd/pull/5537
Author: sumit-bose
Title: #5537: negcache: use right domain in nss_protocol_fill_initgr()
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5537/head:pr5537
git checkout
URL: https://github.com/SSSD/sssd/pull/5537
Title: #5537: negcache: use right domain in nss_protocol_fill_initgr()
sumit-bose commented:
"""
Hi,
thanks for the review. I tired to use a single return but I agree that with
your suggestions to code is more readable. New versi
URL: https://github.com/SSSD/sssd/pull/5537
Title: #5537: negcache: use right domain in nss_protocol_fill_initgr()
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le.
URL: https://github.com/SSSD/sssd/pull/5537
Title: #5537: negcache: use right domain in nss_protocol_fill_initgr()
Label: +Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le
URL: https://github.com/SSSD/sssd/pull/5546
Title: #5546: kcm: add GET_CRED_LIST for faster iteration
sumit-bose commented:
"""
Hi,
the patches work well for me.
The feature is already covered by the current KCM integration tests, i.e. if
the krb5 client library supports t
URL: https://github.com/SSSD/sssd/pull/5558
Title: #5558: p11_child: Add partial verification support
sumit-bose commented:
"""
Hi,
can you add something like
```
diff --git a/src/tests/cmocka/test_pam_srv.c b/src/tests/cmocka/test_pam_srv.c
index ab47e2986..8d69eaf07 100644
URL: https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lis
URL: https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
sumit-bose commented:
"""
> Is it safe to remove `sdap_domain_remove` call? IIRC there was a reason for
> it.
Hi,
I guess you are thinking of the domain-disab
URL: https://github.com/SSSD/sssd/pull/5562
Author: sumit-bose
Title: #5562: AD GPO: respect ad_gpo_implicit_deny if no GPO is present
Action: opened
PR body:
"""
Currently ad_gpo_implicit_deny=True is not applied if there is no GPO at
all for the given client. With this pat
URL: https://github.com/SSSD/sssd/pull/5552
Author: sumit-bose
Title: #5552: files: split update into batches
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5552/head:pr5552
git checkout pr5552
From
URL: https://github.com/SSSD/sssd/pull/5552
Title: #5552: files: split update into batches
sumit-bose commented:
"""
Hi,
the latest version only updates the commit message.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5552
Title: #5552: files: split update into batches
Label: +Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.o
URL: https://github.com/SSSD/sssd/pull/5546
Title: #5546: kcm: add GET_CRED_LIST for faster iteration
sumit-bose commented:
"""
> > The feature is already covered by the current KCM integration tests, i.e.
> > if the krb5 client library supports the extension it wil
URL: https://github.com/SSSD/sssd/pull/5546
Title: #5546: kcm: add GET_CRED_LIST for faster iteration
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.
URL: https://github.com/SSSD/sssd/pull/5546
Title: #5546: kcm: add GET_CRED_LIST for faster iteration
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fed
URL: https://github.com/SSSD/sssd/pull/5532
Title: #5532: ldap: retry ldap_install_tls() when watchdog interruption
sumit-bose commented:
"""
> > Thanks. From functional point of view this now looks good.
> > I'm really not sure about implementation of FO code ch
URL: https://github.com/SSSD/sssd/pull/5537
Author: sumit-bose
Title: #5537: negcache: use right domain in nss_protocol_fill_initgr()
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5537/head:pr5537
git checkout
URL: https://github.com/SSSD/sssd/pull/5537
Title: #5537: negcache: use right domain in nss_protocol_fill_initgr()
sumit-bose commented:
"""
> Shall this target 1-16 as well?
> (https://bugzilla.redhat.com/show_bug.cgi?id=1945552)
yes
"""
See the full comm
URL: https://github.com/SSSD/sssd/pull/5537
Title: #5537: negcache: use right domain in nss_protocol_fill_initgr()
sumit-bose commented:
"""
> Ack to the code but there is conflict. Can you please rebase it?
done
"""
See the full comment at
https://github.com
URL: https://github.com/SSSD/sssd/pull/5562
Author: sumit-bose
Title: #5562: AD GPO: respect ad_gpo_implicit_deny if no GPO is present
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5562/head:pr5562
git checkout
URL: https://github.com/SSSD/sssd/pull/5562
Title: #5562: AD GPO: respect ad_gpo_implicit_deny if no GPO is present
sumit-bose commented:
"""
> `ad_gpo_implicit_deny` is now respected even if there are no applicable GPOs
> present
Updated in the latest version. Thanks.
URL: https://github.com/SSSD/sssd/pull/5552
Title: #5552: files: split update into batches
sumit-bose commented:
"""
> The reason why the message is not delivered is because we send it over
> `provider->sbus_conn` which requires accessing the backend's tevent loo
URL: https://github.com/SSSD/sssd/pull/5552
Title: #5552: files: split update into batches
sumit-bose commented:
"""
> > > What is the reason for this patches?
> >
> >
> > IIUC, to avoid single large blocking operation. see #5557
>
> IMHO in
URL: https://github.com/SSSD/sssd/pull/5558
Title: #5558: p11_child: Add partial verification support
sumit-bose commented:
"""
Hi,
the RHEL/Fedora package is called `libfaketime`, if you change this hopefully
more CI tests should pass.
bye,
Sumit
"""
URL: https://github.com/SSSD/sssd/pull/5552
Title: #5552: files: split update into batches
sumit-bose commented:
"""
> > where do you see the difficulties to add a diff approach? The step the
> > remove the cache has to be replaced by the diff step and then the
URL: https://github.com/SSSD/sssd/pull/5573
Title: #5573: configure: set CPP macro with AC_PROG_CPP
sumit-bose commented:
"""
Hi,
thanks, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5573
Title: #5573: configure: set CPP macro with AC_PROG_CPP
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.or
URL: https://github.com/SSSD/sssd/pull/5566
Title: #5566: Fix exponent padding when deriving rsapubkey to ssh
sumit-bose commented:
"""
Hi,
thanks for the patch, I agree with the fix. You are right, this issue is not
specific to rsassa-pss but is related to how BIGNUM handles n
URL: https://github.com/SSSD/sssd/pull/5558
Title: #5558: p11_child: Add partial verification support
sumit-bose commented:
"""
> Mhmh, not sure what's this failure is about:
>
> ```
> rpmbuild --define "_topdir /shared/sssd/rpmbuild" -ba SPECS/sssd.s
URL: https://github.com/SSSD/sssd/pull/5558
Title: #5558: p11_child: Add partial verification support
sumit-bose commented:
"""
Hi,
CI looks better now :-), ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5558
Title: #5558: p11_child: Add partial verification support
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.
URL: https://github.com/SSSD/sssd/pull/5532
Title: #5532: ldap: retry ldap_install_tls() when watchdog interruption
sumit-bose commented:
"""
> Retry logic means that something failed but we have resolved the server
> successfully so imho the retry logic should be implem
URL: https://github.com/SSSD/sssd/pull/5580
Author: sumit-bose
Title: #5580: ipa subdomains: do not fail completely if one step fails
Action: opened
PR body:
"""
Currently while updating server side data stored on an IPA server during a
subdomains request the whole request
URL: https://github.com/SSSD/sssd/pull/5566
Title: #5566: Fix exponent padding when deriving rsapubkey to ssh
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedor
URL: https://github.com/SSSD/sssd/pull/5566
Title: #5566: Fix exponent padding when deriving rsapubkey to ssh
sumit-bose commented:
"""
Hi,
thanks for the fixes and squashing everything together. ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SS
URL: https://github.com/SSSD/sssd/pull/5542
Title: #5542: nss client: make innetgr() thread safe
sumit-bose commented:
"""
> I was thinking to make
> [sss_cli_sd](https://github.com/SSSD/sssd/blob/master/src/sss_client/common.c#L68)
> `thread_local` and get rid of loc
URL: https://github.com/SSSD/sssd/pull/5584
Author: sumit-bose
Title: #5584: negcache: use right domain in nss_protocol_fill_initgr()
Action: opened
PR body:
"""
When checking if a group returned by an initgroups request is filtered
in the negative cache the domain of the user
URL: https://github.com/SSSD/sssd/pull/5529
Author: sumit-bose
Title: #5529: AD: read trusted domains from local domain as well
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5529/head:pr5529
git checkout pr5529
From
URL: https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
sumit-bose commented:
"""
Hi,
the latest version does not remove `sdap_domain_remove` anymore.
bye,
Sumit
"""
See the full comment at
https://
URL: https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lis
URL: https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
Label: +Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@li
URL: https://github.com/SSSD/sssd/pull/5588
Author: sumit-bose
Title: #5588: man: clarify single_prompt option
Action: opened
PR body:
"""
Make it more clear that the single_prompt prompting configuration option
can only be used with both factor even if the second is opti
URL: https://github.com/SSSD/sssd/pull/5590
Author: sumit-bose
Title: #5590: nss: prefer homedir overrides over override_homedir option
Action: opened
PR body:
"""
Currently the override_homedir option will overwrite every home
directory even if a dedicated user override ex
URL: https://github.com/SSSD/sssd/pull/5590
Author: sumit-bose
Title: #5590: nss: prefer homedir overrides over override_homedir option
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5590/head:pr5590
git checkout
URL: https://github.com/SSSD/sssd/pull/5529
Author: sumit-bose
Title: #5529: AD: read trusted domains from local domain as well
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5529/head:pr5529
git checkout pr5529
From
URL: https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
sumit-bose commented:
"""
> Hi Sumit, the first commit has wrong commit message, can you fix that please?
ah, sorry, fixed in the latest version.
bye,
Sumit
"&
URL: https://github.com/SSSD/sssd/pull/5541
Author: sumit-bose
Title: #5541: nss client: make innetgr() thread safe
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5541/head:pr5541
git checkout pr5541
From
URL: https://github.com/SSSD/sssd/pull/5541
Title: #5541: nss client: make innetgr() thread safe
sumit-bose commented:
"""
Hi,
thank you for the review. I set `enum_limit` to `0` and added a comment which
explains that it is not used for this specific call.
bye,
Sumit
&q
URL: https://github.com/SSSD/sssd/pull/5584
Author: sumit-bose
Title: #5584: negcache: use right domain in nss_protocol_fill_initgr() (1.16)
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5584/head:pr5584
git
URL: https://github.com/SSSD/sssd/pull/5584
Title: #5584: negcache: use right domain in nss_protocol_fill_initgr() (1.16)
sumit-bose commented:
"""
Hi,
thank you for the careful review, hash is fixed in the latest version.
bye,
Sumit
"""
See the full comment at
URL: https://github.com/SSSD/sssd/pull/5584
Title: #5584: negcache: use right domain in nss_protocol_fill_initgr() (1.16)
Label: +Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-d
URL: https://github.com/SSSD/sssd/pull/5584
Title: #5584: negcache: use right domain in nss_protocol_fill_initgr() (1.16)
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-de
URL: https://github.com/SSSD/sssd/pull/5541
Author: sumit-bose
Title: #5541: nss client: make innetgr() thread safe
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5541/head:pr5541
git checkout pr5541
From
URL: https://github.com/SSSD/sssd/pull/5594
Author: sumit-bose
Title: #5594: AD: read trusted domains from local domain as well (1.16)
Action: opened
PR body:
"""
Currently SSSD only uses information stored in a domain controller of
the forest root domain to get the names o
URL: https://github.com/SSSD/sssd/pull/5541
Author: sumit-bose
Title: #5541: nss client: make innetgr() thread safe
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5541/head:pr5541
git checkout pr5541
From
URL: https://github.com/SSSD/sssd/pull/5541
Title: #5541: nss client: make innetgr() thread safe
sumit-bose commented:
"""
Hi,
the latest version fixes the comments for the test program as well and adds a
GPLv3 header to the file.
bye,
Sumit
"""
See the full
URL: https://github.com/SSSD/sssd/pull/5541
Author: sumit-bose
Title: #5541: nss client: make innetgr() thread safe
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5541/head:pr5541
git checkout pr5541
From
URL: https://github.com/SSSD/sssd/pull/5593
Title: #5593: BUILD: prefer PCRE2 over PCRE
sumit-bose commented:
"""
Hi,
it looks like only `PCRE_LIBS` and `PCRE_CLAGS` are used in `Makefile.am` but
the configure check defines only `PCRE2_LIBS` and `PCRE2_CFLAGS` if version 2
URL: https://github.com/SSSD/sssd/pull/5593
Title: #5593: BUILD: prefer PCRE2 over PCRE
sumit-bose commented:
"""
> > it looks like only `PCRE_LIBS` and `PCRE_CLAGS` are used in `Makefile.am`
> > but the configure check defines only `PCRE2_LIBS` and `PCRE2_CFLAGS`
URL: https://github.com/SSSD/sssd/pull/5593
Title: #5593: BUILD: prefer PCRE2 over PCRE
sumit-bose commented:
"""
Hi,
I was thinking of
-[PCRE2],
+[PCRE],
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5599
Title: #5599: monitor: avoid NULL deref in monitor_service_shutdown()
sumit-bose commented:
"""
Hi,
thank you, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5599
Title: #5599: monitor: avoid NULL deref in monitor_service_shutdown()
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.f
URL: https://github.com/SSSD/sssd/pull/5599
Title: #5599: monitor: avoid NULL deref in monitor_service_shutdown()
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le.
URL: https://github.com/SSSD/sssd/pull/5608
Author: sumit-bose
Title: #5608: nss: fix getsidbyname for IPA user-private-groups
Action: opened
PR body:
"""
Currently the getsidbyname request does not work properly for IPA users
due to the way IPA user-private-groups are handle
URL: https://github.com/SSSD/sssd/pull/5611
Author: sumit-bose
Title: #5611: man: clarify priority in sss-certmap man page
Action: opened
PR body:
"""
Explain in the man page what is expected when two or more mapping and
matching rules have the same priority.
Resolves: htt
URL: https://github.com/SSSD/sssd/pull/5611
Title: #5611: man: clarify priority in sss-certmap man page
sumit-bose commented:
"""
Hi Scott,
would you mind to check this paragraph for the sss-certmap man page?
bye,
Sumit
"""
See the full comment at
https://
URL: https://github.com/SSSD/sssd/pull/5611
Author: sumit-bose
Title: #5611: man: clarify priority in sss-certmap man page
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5611/head:pr5611
git checkout pr5611
From
URL: https://github.com/SSSD/sssd/pull/5611
Title: #5611: man: clarify priority in sss-certmap man page
sumit-bose commented:
"""
Hi,
thank you for the review, I've updated the patch accordingly.
bye,
Sumit
"""
See the full comment at
https://github.c
URL: https://github.com/SSSD/sssd/pull/5605
Title: #5605: libwbclient-sssd: removed
sumit-bose commented:
"""
> ACK for removal of test
Thanks for the feedback.
"""
See the full comment at
https://github.com/SSSD/sssd
URL: https://github.com/SSSD/sssd/pull/5605
Title: #5605: libwbclient-sssd: removed
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of
URL: https://github.com/SSSD/sssd/pull/5617
Title: #5617: man: fix p11_uri example URIs
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Cod
URL: https://github.com/SSSD/sssd/pull/5617
Title: #5617: man: fix p11_uri example URIs
sumit-bose commented:
"""
Hi,
thank you very much for the patch, the change is correct. ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
sumit-bose commented:
"""
Hi,
thank you for the patches. So far I tested the `true` and `false` options in
different trust setups and came across an issue if the t
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le.
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
sumit-bose commented:
"""
Hi,
some additional observations. The setting is inherited but only after multiple
refreshes:
```
[r...@master.ipa.vm /var/log/sssd]#
URL: https://github.com/SSSD/sssd/pull/5621
Title: #5621: Deprecate 'local-provider' and 'secrets' support
sumit-bose commented:
"""
Hi,
since there are no further comments I set the flag.
bye,
Sumit
"""
See the full comment at
https://git
URL: https://github.com/SSSD/sssd/pull/5621
Title: #5621: Deprecate 'local-provider' and 'secrets' support
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedoraho
URL: https://github.com/SSSD/sssd/pull/5597
Author: sumit-bose
Title: #5597: sss_cache: reset original timestamp and USN
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5597/head:pr5597
git checkout pr5597
From
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN
sumit-bose commented:
"""
Hi,
thank you for the review, I updated the second patch so that the new initial
value is treated as "Initgroups were not yet performed&q
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
sumit-bose commented:
"""
Hi,
thanks for the updates. In the latest version the setting is inherited
properly. However it looks like the `hybrid` mode is still
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
sumit-bose commented:
"""
Hi,
thank you for the updates, I think lookups on the server-side now work as
expected.
When testing on a client with POSIX IDs from AD
URL: https://github.com/SSSD/sssd/pull/5633
Title: #5633: Gentoo/openrc: Add sssd-kcm service script
sumit-bose commented:
"""
Hi,
thank you for the patch. I haven't tested it on Gentoo but all changes are in
agreement with the SSSD init script we already have for
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
sumit-bose commented:
"""
>
> > Finally, not strictly related to your patches, I think the `hybrid` mode
> > make no sense for auto-generated I
URL: https://github.com/SSSD/sssd/pull/5613
Title: #5613: ipa: read auto_private_groups from id range if available
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.
URL: https://github.com/SSSD/sssd/pull/5633
Title: #5633: Gentoo/openrc: Add sssd-kcm service script
sumit-bose commented:
"""
> Not exclusively related to this PR, but rather a question in general: do we
> really want to keep (and extend) any distribution specific stuf
URL: https://github.com/SSSD/sssd/pull/5608
Author: sumit-bose
Title: #5608: nss: fix getsidbyname for IPA user-private-groups
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5608/head:pr5608
git checkout pr5608
From
URL: https://github.com/SSSD/sssd/pull/5608
Title: #5608: nss: fix getsidbyname for IPA user-private-groups
sumit-bose commented:
"""
Hi,
thank you for your comments, I update the commit message to make it (hopefully)
more clear.
bye,
Sumit
"""
See the full
URL: https://github.com/SSSD/sssd/pull/5643
Title: #5643: SECRETS: Resolve mkey path correctly
sumit-bose commented:
"""
Hi,
I tested updates from sssd-2.4.0 and kcm is now working as expected, so ACK
with respect to functionality.
bye,
Sumit
"""
See the full
URL: https://github.com/SSSD/sssd/pull/5647
Title: #5647: krb5_child: Honor Kerberos keytab location
sumit-bose commented:
"""
Hi,
I'm afraid this won't work. With your patch you cannot make a difference if
`/etc/krb5.keytab` is set because the SSSD default for `kr
URL: https://github.com/SSSD/sssd/pull/5652
Author: sumit-bose
Title: #5652: pac: allow larger PACs
Action: opened
PR body:
"""
Currently the PAC responder only accepts request which are about 1k in
size. Since a PAC can be larger there are cases where the PAC is not
acce
URL: https://github.com/SSSD/sssd/pull/5653
Author: sumit-bose
Title: #5653: kcm: use %zu as format for size_t
Action: opened
PR body:
"""
size_t might be a different integer type on different platforms. The %z
length modifier was added to handle this.
Resolves: https://githu
501 - 600 of 3711 matches
Mail list logo
