On Thu, May 31, 2012 at 09:09:53AM +0200, Jakub Hrozek wrote:
On Thu, May 24, 2012 at 03:04:36PM +0200, Sumit Bose wrote:
Hi,
this patch allows us besides other conversions to convert the dom_sid
structure used by samba to strings and back. This structure is used by
various samba
On Mon, Jun 04, 2012 at 02:15:37PM +0200, Jakub Hrozek wrote:
On Fri, Jun 01, 2012 at 01:06:11PM +0200, Sumit Bose wrote:
On Thu, May 31, 2012 at 09:09:53AM +0200, Jakub Hrozek wrote:
On Thu, May 24, 2012 at 03:04:36PM +0200, Sumit Bose wrote:
Hi,
this patch allows us besides
On Mon, Jun 04, 2012 at 02:04:38PM +0200, Jakub Hrozek wrote:
On Fri, Jun 01, 2012 at 01:10:32PM +0200, Sumit Bose wrote:
Hi,
I found a missing 'u' in the idmap code. This patch fixes the typo and
adds a test.
bye,
Sumit
The patch seems to be breaking unit tests:
Running
On Mon, Jun 04, 2012 at 02:49:48PM +0200, Sumit Bose wrote:
On Mon, Jun 04, 2012 at 02:15:37PM +0200, Jakub Hrozek wrote:
On Fri, Jun 01, 2012 at 01:06:11PM +0200, Sumit Bose wrote:
On Thu, May 31, 2012 at 09:09:53AM +0200, Jakub Hrozek wrote:
On Thu, May 24, 2012 at 03:04:36PM +0200
On Wed, Jun 06, 2012 at 08:03:28AM +0200, Jakub Hrozek wrote:
On Tue, Jun 05, 2012 at 06:34:20PM +0200, Sumit Bose wrote:
On Mon, Jun 04, 2012 at 02:49:48PM +0200, Sumit Bose wrote:
On Mon, Jun 04, 2012 at 02:15:37PM +0200, Jakub Hrozek wrote:
On Fri, Jun 01, 2012 at 01:06:11PM +0200
On Thu, Jun 21, 2012 at 04:57:35AM -0400, Jan Zeleny wrote:
- Original Message -
On Tue, 2012-06-19 at 17:15 +0200, Jan Zelený wrote:
This patch fixes an issue which resulted in a need to initialize
responder with data from local domain, otherwise it would not
correctly
-experimental-features or similar set.
bye,
Sumit
From 7ea7827a133dbf55726a37657d2ca0998efb59bf Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 21 Jun 2012 22:12:55 +0200
Subject: [PATCH] Try to build PAC responder only if all dependencies are
available
---
contrib/sssd.spec.in
Hi,
the unit tests of the pac responder basically have the same dependencies
as the pac responder and should be build only if the pac responder is
build as well.
bye,
Sumit
From 13c93ac960fd9d3ced1c503ef4d806a07e91f420 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Sat, 23 Jun
Hi,
the following patch will add a description about the pac responder to
the sssd.conf man page.
bye,
Sumit
From a60c2f5fa62c2834fe8ca51aab1a48be4d847584 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 25 Jun 2012 11:34:33 +0200
Subject: [PATCH] Add man page section
Hi,
to make sub-domain configuration easier this patch adds a default value
for the subdomain_homedir parameter.
bye,
Sumit
From 89fa3575d45e208827754943e82e2e33afec13e5 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 25 Jun 2012 15:16:35 +0200
Subject: [PATCH] Set default
On Mon, Jul 02, 2012 at 12:52:42PM -0400, Simo Sorce wrote:
On Mon, 2012-07-02 at 18:18 +0200, Stef Walter wrote:
On 07/02/2012 06:02 PM, Simo Sorce wrote:
1.
You should never allow to set a domain that differs from the realm name
in the AD provider, it is always assumed realm = domain
directory but could not load it, because there was only
__init__.py.in. This patch tries to find out if SSSDConfigTest.py is run
under make be check the srcdir envvar and then sets sys.path
accordingly.
bye,
Sumit
From bed8b874c33da6f8243cd570b688e4e86d817330 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb
Hi,
the pac responser does not honor the file descriptor limits option. This
patch adds it.
bye,
Sumit
From 0a100bc766ef2afa7f5460442dca6a26b45a3dec Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 2 Jul 2012 14:28:03 +0200
Subject: [PATCH] Set file descriptor limits in pac
the PAC responder by default. Is this too restrictive?
bye,
Sumit
From f3918008bbcd9bca54cd10cdd57750a39f32c708 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 5 Jul 2012 10:50:08 +0200
Subject: [PATCH] pac responder: limit access by checking UIDs
A check for allowed UIDs is added
On Thu, Jul 05, 2012 at 11:28:31AM -0400, Stephen Gallagher wrote:
On Thu, 2012-07-05 at 13:15 +0200, Sumit Bose wrote:
Hi,
the pac responser does not honor the file descriptor limits option. This
patch adds it.
Nack. You are checking for the fd_limit value in the [nss] section
On Thu, Jul 05, 2012 at 01:30:02PM -0400, Simo Sorce wrote:
On Thu, 2012-07-05 at 18:51 +0200, Sumit Bose wrote:
On Thu, Jul 05, 2012 at 09:12:16AM -0400, Simo Sorce wrote:
On Thu, 2012-07-05 at 14:06 +0200, Sumit Bose wrote:
Hi,
this patch added the checks requested
On Thu, Jul 05, 2012 at 03:05:37PM -0400, Simo Sorce wrote:
On Thu, 2012-07-05 at 21:01 +0200, Sumit Bose wrote:
On Thu, Jul 05, 2012 at 01:30:02PM -0400, Simo Sorce wrote:
On Thu, 2012-07-05 at 18:51 +0200, Sumit Bose wrote:
On Thu, Jul 05, 2012 at 09:12:16AM -0400, Simo Sorce wrote
Hi,
the following two patches fixes issues found by Coverity.
bye,
Sumit
From e684620d8f6ead4e6c82910bfe37f06cbd810a7f Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 9 Jul 2012 20:45:12 +0200
Subject: [PATCH 1/2] Remove resource leak in sssdpac_import_authdata
Fixes https
00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 9 Aug 2012 10:10:42 +0200
Subject: [PATCH] Add python bindings for murmurhash3
---
Makefile.am| 21 -
contrib/sssd.spec.in |1 +
src/python/pysss_murmur.c | 63
On Thu, Aug 09, 2012 at 06:09:37PM +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1462
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
On Fri, Aug 10, 2012 at 06:40:35PM +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1460
Please see the commit. I'm wondering if there is still a (small) race
condition between the call to pthread_cleanup_pop() and unlocking the
mutex. Would it be better to i.e. always call
On Mon, Aug 13, 2012 at 06:13:24PM +0200, Jakub Hrozek wrote:
On Mon, Aug 13, 2012 at 04:40:03PM +0200, Jakub Hrozek wrote:
On Mon, Aug 13, 2012 at 01:30:21PM +0200, Sumit Bose wrote:
On Fri, Aug 10, 2012 at 06:40:35PM +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1460
On Mon, Aug 13, 2012 at 11:28:07AM +0200, Jakub Hrozek wrote:
On Thu, Aug 09, 2012 at 02:20:23PM +0200, Sumit Bose wrote:
Hi,
I would like to find a range/slice for Posix IDs based on a domain SID
on the IPA server the same way as sssd does. For this I need python
bindings
On Thu, Aug 16, 2012 at 11:05:26AM +0200, Jakub Hrozek wrote:
The attached patch fixes compiling the python murmurhash bindings on
RHEL5.
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
On Wed, Aug 15, 2012 at 02:07:12PM +0200, Sumit Bose wrote:
On Mon, Aug 13, 2012 at 06:13:24PM +0200, Jakub Hrozek wrote:
On Mon, Aug 13, 2012 at 04:40:03PM +0200, Jakub Hrozek wrote:
On Mon, Aug 13, 2012 at 01:30:21PM +0200, Sumit Bose wrote:
On Fri, Aug 10, 2012 at 06:40:35PM +0200
/ticket/1499 to track this.
The second patch just replace the remaining old debug levels with the
new ones.
bye,
Sumit
From a7abacfbb1e9921eb43562449fca45e2a7d9e255 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 24 Aug 2012 10:56:38 +0200
Subject: [PATCH 1/2] Fix fallback
On Thu, Aug 23, 2012 at 01:05:13PM +0200, Jakub Hrozek wrote:
On Wed, Aug 22, 2012 at 07:00:02PM +0200, Jakub Hrozek wrote:
On Tue, Aug 21, 2012 at 12:02:43PM +0200, Jakub Hrozek wrote:
I haven't tested F-16 yet, but I'll spin up a VM.
The patch worked fine for me on a 64bit F-16
:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 3 Sep 2012 13:53:55 +0200
Subject: [PATCH] Check flat names when searching for sub-domains as well
---
src/util/usertools.c |4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/util/usertools.c b/src/util
On Tue, Sep 04, 2012 at 06:34:23PM +0200, Jakub Hrozek wrote:
The sdap_id_release_conn_data function is already called inside
sdap_id_op_hook_conn_data() so the net result is a double free. I can't
think of a reason when you'd want to call release_conn_data but not
op_hook_conn_data..
This
On Wed, Sep 05, 2012 at 03:05:49PM +0200, Pavel Březina wrote:
0001 fixes https://fedorahosted.org/sssd/ticket/1458
0002 fixes a memory leak when be_process_init() fails. I think it
should be fixed, even though the backend is in this case immediately
terminated
Hi,
the patches compile
On Mon, Sep 10, 2012 at 09:35:25AM +0200, Pavel Březina wrote:
On 09/07/2012 11:31 AM, Sumit Bose wrote:
On Wed, Sep 05, 2012 at 03:05:49PM +0200, Pavel Březina wrote:
0001 fixes https://fedorahosted.org/sssd/ticket/1458
0002 fixes a memory leak when be_process_init() fails. I think it
should
On Mon, Sep 10, 2012 at 01:52:53PM +0200, Pavel Březina wrote:
On 09/10/2012 10:48 AM, Sumit Bose wrote:
On Mon, Sep 10, 2012 at 09:35:25AM +0200, Pavel Březina wrote:
On 09/07/2012 11:31 AM, Sumit Bose wrote:
On Wed, Sep 05, 2012 at 03:05:49PM +0200, Pavel Březina wrote:
0001 fixes https
On Wed, Sep 12, 2012 at 10:19:57AM +0200, Pavel Březina wrote:
On 09/11/2012 06:54 PM, Sumit Bose wrote:
On Mon, Sep 10, 2012 at 01:52:53PM +0200, Pavel Březina wrote:
On 09/10/2012 10:48 AM, Sumit Bose wrote:
On Mon, Sep 10, 2012 at 09:35:25AM +0200, Pavel Březina wrote:
On 09/07/2012 11:31
changes to the startup process which are not suitable at
this stage of the 1.9 development. So I picked a more direct solution.
bye,
Sumit
From 6388218c6a4802cb533e777161557c3a48fea41f Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 19 Sep 2012 21:28:28 +0200
Subject: [PATCH] Add
On Thu, Sep 20, 2012 at 10:19:38AM +0200, Pavel Březina wrote:
On 09/19/2012 09:49 PM, Sumit Bose wrote:
Hi,
this patch add specific default values for the regular expression to
split user names for the AD and IPA provider. In a perfect patch the
ID provider itself would report back what he
Hi,
this patch fixes https://fedorahosted.org/sssd/ticket/1517 by increasing
some of the debug levels and print a log messages about the actual
request only if the subdomain provider is configured.
bye,
Sumit
From 72de4771f26192cb1fa616280efc347d0f48e347 Mon Sep 17 00:00:00 2001
From: Sumit Bose
On Fri, Sep 21, 2012 at 11:06:28AM +0200, Pavel Březina wrote:
On 09/20/2012 09:16 PM, Sumit Bose wrote:
Hi,
this patch fixeshttps://fedorahosted.org/sssd/ticket/1517 by increasing
some of the debug levels and print a log messages about the actual
request only if the subdomain provider
On Sun, Sep 23, 2012 at 09:10:04PM +0200, Jakub Hrozek wrote:
To test, remove the openldap24 RPMs on RHEL5 systems and attempt to
build the SSSD. Without the patch, compilation fails because there's no
LDAPDerefRes. With the patch, the build process fails during configure.
On Sun, Sep 23, 2012 at 09:34:13PM +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1487
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
On Sun, Sep 23, 2012 at 11:12:30PM +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1384
I tested by logging in from one terminal, then chowning the ccache to
root.root to make the existing ccache unusable by the krb5_child process
and attempting to log in from another
On Mon, Sep 24, 2012 at 01:03:44PM +0200, Jakub Hrozek wrote:
On Mon, Sep 24, 2012 at 12:41:07PM +0200, Pavel Březina wrote:
On 09/21/2012 06:42 PM, Sumit Bose wrote:
On Fri, Sep 21, 2012 at 11:06:28AM +0200, Pavel Březina wrote:
On 09/20/2012 09:16 PM, Sumit Bose wrote:
Hi
On Mon, Sep 24, 2012 at 12:46:51PM +0200, Jakub Hrozek wrote:
On Mon, Sep 24, 2012 at 12:18:36PM +0200, Sumit Bose wrote:
On Sun, Sep 23, 2012 at 09:10:04PM +0200, Jakub Hrozek wrote:
To test, remove the openldap24 RPMs on RHEL5 systems and attempt to
build the SSSD. Without the patch
On Mon, Oct 01, 2012 at 04:50:27PM +0200, Jakub Hrozek wrote:
On Mon, Oct 01, 2012 at 01:03:11PM +0200, Sumit Bose wrote:
Hi,
this patch adds man page comments about the provider specific
re_expression feature introduced in 1.9.0.
bye,
Sumit
Isn't there too many backslashes
On Fri, Oct 05, 2012 at 06:45:38PM +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1563
Build is working fine and for me the text looks good. ACK.
If there is a native speaker who can have a look at the text it would be
even better.
bye,
Sumit
On Tue, Oct 09, 2012 at 11:38:57AM +0200, Ondrej Kos wrote:
https://fedorahosted.org/sssd/ticket/1499
Adds log message about not finding appropriate entry in keytab and using
the last keytab entry when validation is enabled.
Adds more information about validation into manpage.
Patch is
On Tue, Oct 09, 2012 at 12:41:43PM +0200, Ondrej Kos wrote:
On 10/09/2012 12:28 PM, Sumit Bose wrote:
On Tue, Oct 09, 2012 at 11:38:57AM +0200, Ondrej Kos wrote:
https://fedorahosted.org/sssd/ticket/1499
new patch attached
Thank you. ACK
bye,
Sumit
O.
--
Ondrej Kos
On Tue, Oct 09, 2012 at 07:10:02PM +0200, Jakub Hrozek wrote:
I accidentally enabled ID mapping for an IPA domain and saw this crash.
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
On Thu, Oct 11, 2012 at 12:41:47AM +0200, Thorsten Scherf wrote:
From 79e768d2033cf1aba70dd5065fd49146158628f0 Mon Sep 17 00:00:00 2001
From: Thorsten Scherf tsch...@redhat.com
Date: Thu, 11 Oct 2012 00:35:54 +0200
Subject: [PATCH] Fixed: translation bug
---
po/de.po |2 +-
1 files
On Thu, Oct 11, 2012 at 10:00:15AM +0200, Jakub Hrozek wrote:
When a PAM-aware application calls pam_end(), our module would call its
close_fd destructor and close the pipe from its end.
https://fedorahosted.org/sssd/ticket/1569
Patch looks good, I just wonder if pam_set_data() better should
On Wed, Oct 10, 2012 at 10:14:22PM +0200, Jakub Hrozek wrote:
The attached patch fixes the user-after-free crash I was seeing
occasionally.
https://fedorahosted.org/sssd/ticket/1571
The patch changes the subdomains discovery to use the tevent_req
style. Previously, the code violated
On Thu, Oct 11, 2012 at 01:37:49PM +0200, Jakub Hrozek wrote:
On Thu, Oct 11, 2012 at 01:28:03PM +0200, Sumit Bose wrote:
On Thu, Oct 11, 2012 at 10:00:15AM +0200, Jakub Hrozek wrote:
When a PAM-aware application calls pam_end(), our module would call its
close_fd destructor and close
applied the request will
go to the extended operation to map the uid to a name.
bye,
Sumit
From 14d8f1f7c18341ae4de8f1253670f618430312b0 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 11 Oct 2012 14:50:33 +0200
Subject: [PATCH 1/2] Check for subdomains if getpwuid or getgrgid
On Thu, Oct 11, 2012 at 05:32:20PM +0200, Pavel Březina wrote:
On 10/11/2012 04:16 PM, Sumit Bose wrote:
Hi,
those two patch fixes https://fedorahosted.org/sssd/ticket/1561 from the
sssd side. While testing I found that there is also a server side issue
which is tracked by https
Hi,
while testing other stuff I found those two issues.
bye,
Sumit
From 7c65a85f1b75c2b0c1f24039ecc6e808ed871753 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 19 Oct 2012 18:10:43 +0200
Subject: [PATCH] Fix two errors in the nss responder
One is a copy-and-paste error
On Thu, Oct 18, 2012 at 01:11:00PM +0200, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1482
From b40a0e4d5a05e78adce3c2eff0e981333a1a6e40 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrez...@redhat.com
Date: Thu, 18 Oct 2012 12:42:50 +0200
Subject: [PATCH] do
On Mon, Nov 05, 2012 at 05:54:10PM +0100, Pavel Březina wrote:
I found this bug when setting my own trust environment.
I was unable to match username@subdomain to subdomain. This patch
puts me a step forward. I can match the subdomain now, but I can't
get account info:
On Tue, Nov 06, 2012 at 03:36:37PM +0100, Pavel Březina wrote:
On 11/05/2012 06:16 PM, Sumit Bose wrote:
On Mon, Nov 05, 2012 at 05:54:10PM +0100, Pavel Březina wrote:
I found this bug when setting my own trust environment.
I was unable to match username@subdomain to subdomain. This patch
Hi,
this patch fixes https://fedorahosted.org/sssd/ticket/1610 by changing
the debug message. See commit message for details.
bye,
Sumit
From 2d87f59dae27587028db1b6b9183fff052da1c81 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 8 Nov 2012 10:11:15 +0100
Subject: [PATCH
On Thu, Nov 08, 2012 at 09:34:19AM -0500, Simo Sorce wrote:
On Wed, 2012-11-07 at 13:13 +0100, Sumit Bose wrote:
Can you change the function name to diff_gid_lists() ?
Also may be nice to change the following arg names:
current_gid_count - cur_gid_num
current_gids - cur_gid_list
On Sat, Nov 10, 2012 at 10:05:36PM -0500, Simo Sorce wrote:
This patch changes the way subdomain users are stored in the database.
Thank you for the patch.
I run couple of test and have not see an issue so far. But I have a
couple of comments, see below.
The reason for changing the way we
On Mon, Nov 12, 2012 at 02:14:17PM +0100, Jakub Hrozek wrote:
Reported by Sumit.
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
On Mon, Nov 12, 2012 at 04:47:29PM +0100, Pavel Březina wrote:
This patch hides following message:
[client_registration] (0x0020): Unknown client! [PAC]
From 0a0437a444e473a3b5b62dc133723a87925a6e2b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrez...@redhat.com
Date:
On Mon, Nov 12, 2012 at 01:36:50PM -0500, Simo Sorce wrote:
On Mon, 2012-11-12 at 18:31 +0100, Sumit Bose wrote:
I wonder if those becli-bectx-*_cli members are still used
somewhere?
The only place I see is be_client_destructor() to print a debug
message
with the type of the client
in the server. Please see commit messages for further details.
bye,
Sumit
From ec91dbc33228db42314fc0e5c5dce547f2e3b534 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 8 Nov 2012 09:55:17 +0100
Subject: [PATCH 1/2] Always start PAC responder if IPA ID provider is
configured
Since
On Tue, Nov 13, 2012 at 05:23:13PM +0100, Jakub Hrozek wrote:
On Tue, Nov 13, 2012 at 01:43:25PM +0100, Sumit Bose wrote:
Hi,
the following two patches fix https://fedorahosted.org/sssd/ticket/1613
by running the PAC responder and the subdomains provider for an IPA
domain with being
On Tue, Nov 13, 2012 at 03:53:43PM +0100, Pavel Březina wrote:
On 11/12/2012 02:33 PM, Pavel Březina wrote:
On 11/09/2012 03:18 PM, Simo Sorce wrote:
On Fri, 2012-11-09 at 14:28 +0100, Pavel Březina wrote:
From 724ebcafa2d4e54df048ca2a578b03281fb7fe6f Mon Sep 17 00:00:00 2001
From:
which might block password changes under specific
conditions.
bye,
Sumit
From d8564ea3b360dc1909cc7a33e15cf4832e5c49f8 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 14 Nov 2012 13:56:43 +0100
Subject: [PATCH 1/3] Just use the service name with
krb5_get_init_creds_password
On Wed, Nov 14, 2012 at 09:01:15AM -0500, Simo Sorce wrote:
In some case we allocate and assign data to a const pointer.
When we then try to free it we would get a const warning because talloc_free
accepts a void, not a const void pointer. Use discard_const to avoid the
warning, it is safe in
On Wed, Nov 14, 2012 at 12:03:14PM -0500, Simo Sorce wrote:
On Wed, 2012-11-14 at 17:27 +0100, Sumit Bose wrote:
Hi,
the following three patches make password changes for trusted AD users
work and fix https://fedorahosted.org/sssd/ticket/1615 . The most
important fix, disabling
On Thu, Nov 15, 2012 at 07:44:24AM +0100, Jakub Hrozek wrote:
I'm sorry, I overlooked the compilation warning in the recent sudo
patches as I was testing on a VM that didn't have the silent rules
enabled. A patch is attached.
ACK
bye,
Sumit
From ceec408542627a21e9e08acebe9488d5f11e7147 Mon
://patchwork.acksyn.org/patch/336/
This patchset fixes: https://fedorahosted.org/sssd/ticket/1629
Simo Sorce (2):
Refactor the way subdomain accounts are saved
Handle conversion to fully qualified usernames
Sumit Bose (1):
Do not save HBAC rules in subdomain subtree
src/db
const char *src_name but it is unnecessary
Dropped the const
This should be hte last revision (last famous words :-)
:-)
ACK
bye,
Sumit
Simo.
Simo Sorce (2):
Refactor the way subdomain accounts are saved
Handle conversion to fully qualified usernames
Sumit Bose (1):
Do
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
From 1b3fe38f413307c5ff5540a3aa2311524ab26a74 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 19 Nov 2012 12:34:03 +0100
Subject: [PATCH] Simplify finish_upgrade()
---
src/db/sysdb_upgrade.c | 36
On Mon, Nov 19, 2012 at 03:45:06PM +0100, Jakub Hrozek wrote:
On Wed, Nov 14, 2012 at 06:33:04PM +0100, Sumit Bose wrote:
On Wed, Nov 14, 2012 at 12:03:14PM -0500, Simo Sorce wrote:
On Wed, 2012-11-14 at 17:27 +0100, Sumit Bose wrote:
Hi,
the following three patches make
On Mon, Nov 19, 2012 at 10:15:48PM +0100, Jakub Hrozek wrote:
On Mon, Nov 19, 2012 at 05:53:38PM +0100, Sumit Bose wrote:
On Mon, Nov 19, 2012 at 03:45:06PM +0100, Jakub Hrozek wrote:
On Wed, Nov 14, 2012 at 06:33:04PM +0100, Sumit Bose wrote:
On Wed, Nov 14, 2012 at 12:03:14PM -0500
On Tue, Nov 20, 2012 at 11:08:10AM +0100, Jakub Hrozek wrote:
I noticed a seemigly random crash in the monitor while testing the IPA
provider.
From 63e461f508bf406517826a1eeda82d1f6e389647 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Tue, 20 Nov 2012 05:03:32 -0500
On Tue, Nov 20, 2012 at 11:18:22AM +0100, Pavel Březina wrote:
On 11/19/2012 04:59 PM, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1638
Self nack.
-if (pwd_exp_warning == 0 ||
-difftime(now + pwd_exp_warning, ppolicy-expire) 0.0) {
+
On Wed, Nov 28, 2012 at 04:54:45PM +0100, Pavel Březina wrote:
On 11/28/2012 11:15 AM, Sumit Bose wrote:
On Tue, Nov 20, 2012 at 11:18:22AM +0100, Pavel Březina wrote:
On 11/19/2012 04:59 PM, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1638
Self nack
or
changing the order is too risky, please just ignore this patch.
bye,
Sumit
From 97ad669a7ab6e34d0c9f9e9d6cdac9444f86ba12 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 17 Dec 2012 22:08:59 +0100
Subject: [PATCH 1/2] select_principal_from_keytab() look for plain input as
well
On Mon, Dec 17, 2012 at 06:00:21PM -0800, Andrew Wygle wrote:
Hello,
Thanks to the help of this list I successfully got SSSD to
authenticate against a Windows Server 2008 R2 Active Directory domain
controller. SSH logins work. I am, however, having a problem with UID and
GID mappings.
Hi,
the following two patches fix gcc warnings I came across.
bye,
Sumit
From 914da6bfdb4bbeffac65bac7dc0c5fcc331d2772 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 19 Dec 2012 10:17:27 +0100
Subject: [PATCH 1/2] Fix a 'shadows a global declaration' warning
---
src/db
Hi,
which this patch Kerberos ticket renewal after reboot should work again.
bye,
Sumit
From 9a82919e0f480dcdbac17865b371d9c565a3445e Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 19 Dec 2012 18:37:32 +0100
Subject: [PATCH] krb5 tgt renewal: fix usage
On Fri, Jan 04, 2013 at 04:31:03PM +0100, Jakub Hrozek wrote:
On Fri, Dec 21, 2012 at 12:31:32PM +0100, Sumit Bose wrote:
On Wed, Dec 19, 2012 at 08:10:02AM -0500, Simo Sorce wrote:
On Tue, 2012-12-18 at 21:43 +0100, Sumit Bose wrote:
I started to change it but didn't like
On Mon, Jan 07, 2013 at 12:29:14AM +0100, Jakub Hrozek wrote:
This patchset fixes the SELinux processing so that it works also offline
for cases described in #1626 for example.
The code was architected in an extremely strange way where every request
would store a per-request/per-user score
On Tue, Jan 08, 2013 at 12:44:54PM +0100, Sumit Bose wrote:
On Mon, Jan 07, 2013 at 12:29:14AM +0100, Jakub Hrozek wrote:
This patchset fixes the SELinux processing so that it works also offline
for cases described in #1626 for example.
The code was architected in an extremely strange
On Tue, Jan 08, 2013 at 02:51:07PM +0100, Jakub Hrozek wrote:
On Tue, Jan 08, 2013 at 01:37:50PM +0100, Sumit Bose wrote:
On Tue, Jan 08, 2013 at 12:44:54PM +0100, Sumit Bose wrote:
On Mon, Jan 07, 2013 at 12:29:14AM +0100, Jakub Hrozek wrote:
This patchset fixes the SELinux processing
:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 9 Jan 2013 10:42:29 +0100
Subject: [PATCH] Add a default section to a swtich-statement
Besides adding the missing default this patch suppresses a compiler
warning about ret being uninitialized.
---
src/tools/sss_cache.c |3 +++
1 files
On Sun, Jan 06, 2013 at 02:44:14PM +0100, Jakub Hrozek wrote:
There is one quirk that comes with using tokenGroups - the user is
reported as a member of groups that are parent groups of his primary
SID/GID as well. These group memberships are reflected in the database
with member/memberof
, Jan 09, 2013 at 11:31:53AM +0100, Jakub Hrozek wrote:
On Wed, Jan 09, 2013 at 10:51:34AM +0100, Sumit Bose wrote:
Hi,
a switch statement which was introduced with Remove unhelpful
vtable
from sss_cache has a missing default section which results
On Mon, Jan 07, 2013 at 03:06:59PM +0100, Jakub Hrozek wrote:
On Mon, Jan 07, 2013 at 02:51:53PM +0100, Jakub Hrozek wrote:
On Sun, Jan 06, 2013 at 02:35:42PM +0100, Jakub Hrozek wrote:
Please see the commit message. I was wondering whether to include a new
sysdb function, but then I
On Wed, Jan 09, 2013 at 03:37:17PM +0100, Jakub Hrozek wrote:
On Wed, Jan 09, 2013 at 02:32:41PM +0100, Sumit Bose wrote:
On Sun, Jan 06, 2013 at 02:44:14PM +0100, Jakub Hrozek wrote:
There is one quirk that comes with using tokenGroups - the user is
reported as a member of groups
On Wed, Jan 09, 2013 at 05:47:06PM +0100, Jakub Hrozek wrote:
On Wed, Jan 09, 2013 at 05:41:54PM +0100, Sumit Bose wrote:
On Mon, Jan 07, 2013 at 03:06:59PM +0100, Jakub Hrozek wrote:
On Mon, Jan 07, 2013 at 02:51:53PM +0100, Jakub Hrozek wrote:
On Sun, Jan 06, 2013 at 02:35:42PM +0100
On Tue, Jan 15, 2013 at 02:38:59PM +0100, Jakub Hrozek wrote:
Patch only for master.
I'm sorry, I missed this codepath when testing the recent changes.
ACK
bye,
Sumit
From ac3aed75dbfcfdd4af605ca5bea0ac4baf7c2517 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Tue,
On Tue, Jan 15, 2013 at 02:41:33PM +0100, Jakub Hrozek wrote:
The attached patches fix https://fedorahosted.org/sssd/ticket/1764. We
were only invalidating memcache when removing users or groups, but we
should invalidate it on any changes including changes to group
memberships etc.
Patches
On Tue, Jan 22, 2013 at 09:35:18AM +0100, Jakub Hrozek wrote:
On Sat, Jan 19, 2013 at 07:19:38PM +0100, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1773
Commit bf8cce77a35cb0a3cdb0d21fb9c39b7b6372bc11 broke
pam_pwd_expiration_warning because it started treating its value as
On Wed, Jan 23, 2013 at 05:21:00PM +0100, Jakub Hrozek wrote:
[PATCH 1/2] SYSDB: make the sss_ldb_modify_permissive function public
SSIA
[PATCH 2/2] SYSDB: Expire group if adding ghost users fails with EEXIST
In some cases, the ghost attribute is propagated from a nested group
before being
On Fri, Jan 25, 2013 at 04:12:38PM +0100, Michal Židek wrote:
Bug found by coverity.
https://fedorahosted.org/sssd/ticket/1790
Patch is attached.
Thanks
Michal
sorry, there are missing braces:
-DEBUG(SSSDBG_CRIT_FAILURE, talloc_zero() failed.\n);
+
On Fri, Jan 25, 2013 at 05:38:25PM +0100, Michal Židek wrote:
On 01/25/2013 04:52 PM, Sumit Bose wrote:
On Fri, Jan 25, 2013 at 04:12:38PM +0100, Michal Židek wrote:
Bug found by coverity.
https://fedorahosted.org/sssd/ticket/1790
Patch is attached.
Thanks
Michal
sorry
debug level to connection to the
domain controller can also be verified with the netstat or ss utilities.
=== Author(s) ===
Sumit Bose sb...@redhat.com
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman
On Thu, Jan 31, 2013 at 11:31:35AM +0100, Pavel Březina wrote:
On 01/29/2013 09:50 PM, Alexander Bokovoy wrote:
krb5.conf manual page states that includedir allows to source all
files which names are constructed from alpha-numeric chars, dashes and
underscores.
Files with other characters
601 - 700 of 3319 matches
Mail list logo