On Tue, Oct 22, 2013 at 10:15:27AM +0200, Jakub Hrozek wrote:
On Mon, Oct 21, 2013 at 02:54:24PM +0200, Sumit Bose wrote:
Hi,
these two patches are the SSSD part to fix
https://fedorahosted.org/sssd/ticket/2030 . To reset the timeouts I
introduced a new callback type which is always
On Tue, Oct 22, 2013 at 10:46:04AM +0200, Sumit Bose wrote:
Hi,
this patch tries to fix https://fedorahosted.org/sssd/ticket/2126 . Se
commit message for details.
sorry, but the check in the first patch is too strict. When doing a
rootDSE lookup as the very first LDAP request sh-connected
On Tue, Oct 22, 2013 at 10:58:57AM +0200, Sumit Bose wrote:
On Tue, Oct 22, 2013 at 10:15:27AM +0200, Jakub Hrozek wrote:
On Mon, Oct 21, 2013 at 02:54:24PM +0200, Sumit Bose wrote:
Hi,
these two patches are the SSSD part to fix
https://fedorahosted.org/sssd/ticket/2030 . To reset
member domain gets a proper range assigned if the forest root is
configured to manage the POSIX attributes.
bye,
Sumit
From e1a86771137f67e0e8d24c4bbb014bfc21d85538 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 23 Oct 2013 14:39:55 +0200
Subject: [PATCH 1/4] find_subdomain_by_sid
On Thu, Oct 24, 2013 at 11:54:30AM +0200, Lukas Slebodnik wrote:
ehlo,
Global catalog port was ignored from SRV record, hard coded value was used
every time.
1st patch should fix it.
good catch, but see my comment below.
2nd patch add fall back to LDAP if GC is not available.
with this
On Fri, Oct 25, 2013 at 11:21:28AM +0200, Jakub Hrozek wrote:
On Thu, Oct 24, 2013 at 02:14:59PM +0200, Sumit Bose wrote:
Hi,
this patch set tries to fix https://fedorahosted.org/sssd/ticket/2101 .
Currently we rely on the fact that the external mapping is the default
in the case
On Thu, Oct 24, 2013 at 01:13:25PM +0200, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1968
The patches do not cleanly apply to current master, can you send a
rebased version?
bye,
Sumit
___
sssd-devel mailing list
On Fri, Oct 25, 2013 at 02:46:31PM +0200, Lukas Slebodnik wrote:
On (25/10/13 11:54), Sumit Bose wrote:
On Thu, Oct 24, 2013 at 11:54:30AM +0200, Lukas Slebodnik wrote:
ehlo,
Global catalog port was ignored from SRV record, hard coded value was used
every time.
1st patch should fix
On Fri, Oct 25, 2013 at 03:09:54PM +0200, Pavel Březina wrote:
On 10/25/2013 02:44 PM, Sumit Bose wrote:
On Thu, Oct 24, 2013 at 01:13:25PM +0200, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1968
The patches do not cleanly apply to current master, can you send a
rebased
On Fri, Oct 25, 2013 at 12:58:23PM +0200, Pavel Březina wrote:
On 10/25/2013 10:55 AM, Pavel Březina wrote:
On 10/24/2013 08:40 PM, Jakub Hrozek wrote:
On Wed, Oct 02, 2013 at 04:13:32PM +0200, Pavel Březina wrote:
On 10/01/2013 09:54 PM, Jakub Hrozek wrote:
On Tue, Sep 24, 2013 at 03:17:47PM
On Fri, Oct 25, 2013 at 01:42:56PM -0400, Pavel Brezina wrote:
- Original Message -
From: Sumit Bose sb...@redhat.com
To: sssd-devel@lists.fedorahosted.org
Sent: Friday, October 25, 2013 4:56:58 PM
Subject: Re: [SSSD] [PATCHES] dp: free sdap domain if subdomain is removed
On Mon, Oct 28, 2013 at 10:28:07PM +0100, Jakub Hrozek wrote:
On Mon, Oct 28, 2013 at 10:20:24PM +0100, Sumit Bose wrote:
On Mon, Oct 28, 2013 at 04:55:17PM +0100, Jakub Hrozek wrote:
Hi,
The first patch adds a unit test for getgrnam. I wanted to make sure we
don't break anything
On Tue, Oct 29, 2013 at 11:41:52AM +0100, Jakub Hrozek wrote:
On Tue, Oct 29, 2013 at 10:12:34AM +0100, Jakub Hrozek wrote:
On Tue, Oct 29, 2013 at 09:43:08AM +0100, Sumit Bose wrote:
On Mon, Oct 28, 2013 at 10:28:07PM +0100, Jakub Hrozek wrote:
On Mon, Oct 28, 2013 at 10:20:24PM +0100
On Tue, Oct 29, 2013 at 02:46:22PM +0100, Jakub Hrozek wrote:
On Tue, Oct 29, 2013 at 12:37:11PM +0100, Sumit Bose wrote:
On Tue, Oct 29, 2013 at 11:41:52AM +0100, Jakub Hrozek wrote:
On Tue, Oct 29, 2013 at 10:12:34AM +0100, Jakub Hrozek wrote:
On Tue, Oct 29, 2013 at 09:43:08AM +0100
Hi,
Pavel found an issue while using getpwuid() or getgrgid() with
algorithmic mapping for sub-domain users and an empty cache. This patch
should fix the issue.
bye,
Sumit
From 9bd5a2eb683485e092d64a2fddff047f56fa7836 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 29 Oct
On Wed, Oct 30, 2013 at 04:32:58PM +0100, Jakub Hrozek wrote:
On Wed, Oct 30, 2013 at 11:26:21AM -0400, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/30/2013 10:29 AM, Pavel Březina wrote:
Nack. This happens to work by coincidence (we're
Hi,
Steeve found some unusual behaviour during his test which led to the
shutdown of the whole SSSD. The attached patch should fix it.
bye,
Sumit
From 005ac171d7bcc57db262f9df50a8ba22b01ec510 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 30 Oct 2013 16:49:26 +0100
Subject
On Wed, Oct 30, 2013 at 03:21:16PM +0100, Pavel Březina wrote:
On 10/29/2013 01:43 PM, Pavel Březina wrote:
On 10/28/2013 10:00 PM, Sumit Bose wrote:
On Mon, Oct 28, 2013 at 04:51:27PM +0100, Jakub Hrozek wrote:
On Fri, Oct 25, 2013 at 10:40:28PM +0200, Jakub Hrozek wrote:
On Fri, Oct 25
On Wed, Oct 30, 2013 at 09:43:55PM +0100, Jakub Hrozek wrote:
I'm sorry about the breakage, but if the ad_access_filter was unset yet
access_provider was set to AD, access was denied. Even though the access
order was set correctly to expire, filter, the filter being NULL
caused problems. A
On Thu, Oct 31, 2013 at 07:51:20PM +0100, Jakub Hrozek wrote:
On Thu, Oct 31, 2013 at 10:37:13AM +0100, Pavel Březina wrote:
On 10/22/2013 12:29 PM, Jakub Hrozek wrote:
On Mon, Oct 21, 2013 at 05:33:33PM +0200, Jakub Hrozek wrote:
On Mon, Oct 21, 2013 at 10:38:19AM -0400, Simo Sorce wrote:
Hi,
with this patch it is not required anymore to have cifs-utils-devel
installed for the default build.
Fixes https://fedorahosted.org/sssd/ticket/2125
bye,
Sumit
From 35f5932946d67a943146411a336afac34a78fb90 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 1 Nov 2013 18
Hi,
recently I added some unit tests for find_subdomain_by_sid. This patch
enhances those and adds similar tests for find_subdomain_by_name.
bye,
Sumit
From b388d07ff5f81473c6f54dade9a7acd1a17f7d0c Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 1 Nov 2013 18:40:08 +0100
On Mon, Nov 04, 2013 at 12:13:52PM +0100, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/2133
Patches are looking good, I wonder why you did not cover binary SIDs,
i.e. *_to_bin_sid() calls?
bye,
Sumit
___
sssd-devel mailing list
On Mon, Nov 04, 2013 at 12:05:15PM +0100, Lukas Slebodnik wrote:
On (01/11/13 18:41), Sumit Bose wrote:
Hi,
with this patch it is not required anymore to have cifs-utils-devel
installed for the default build.
Fixes https://fedorahosted.org/sssd/ticket/2125
bye,
Sumit
From
On Mon, Nov 04, 2013 at 10:36:56AM -0500, Simo Sorce wrote:
On Mon, 2013-11-04 at 16:21 +0100, Sumit Bose wrote:
On Mon, Nov 04, 2013 at 12:05:15PM +0100, Lukas Slebodnik wrote:
On (01/11/13 18:41), Sumit Bose wrote:
Hi,
with this patch it is not required anymore to have cifs-utils
On Tue, Nov 05, 2013 at 12:29:25PM +0100, Pavel Březina wrote:
On 11/04/2013 04:39 PM, Pavel Brezina wrote:
- Original Message -
From: Sumit Bose sb...@redhat.com
To: sssd-devel@lists.fedorahosted.org
Sent: Monday, November 4, 2013 3:03:04 PM
Subject: Re: [SSSD] [PATCHES] idmap
On Thu, Nov 07, 2013 at 12:02:12PM +0100, Jakub Hrozek wrote:
See attached patch.
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
On Fri, Nov 08, 2013 at 10:32:04AM +0100, Chris Leick wrote:
Hi,
please find attached the german po4a translation of sssd.
While translating, I've found some bugs in the english text. They
are marked in the po file with »FIXME«.
Thanks a lot for this contribution. I've found a few minor
/manual/html_node/Linking.html for
further details.
bye,
Sumit
From a2b6c827cdf83372324081f0a63f02ca89fc990a Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 8 Nov 2013 14:51:34 +0100
Subject: [PATCH] Replace prog_DEPENDENCIES with EXTRA_prog_DEPENDENCIES
Automake computes build
On Mon, Nov 11, 2013 at 09:24:17AM +0100, Lukas Slebodnik wrote:
On (08/11/13 15:01), Sumit Bose wrote:
Hi,
I was fighting with some failing unit tests until I discovered that some
build dependencies were not re-compiled although I've modified them.
After some further digging I came across
On Mon, Nov 11, 2013 at 08:56:12AM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 09:20 +0100, Sumit Bose wrote:
On Sat, Nov 09, 2013 at 04:26:36PM -0500, Simo Sorce wrote:
While checking if our custom signal handlers properly handle errno, I
stumbled on a few cleanups, they are attached
On Mon, Nov 11, 2013 at 10:41:46AM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 15:01 +0100, Sumit Bose wrote:
Hi,
with the patch set SSSD can resolve so called Well-Known SID, i.e. SIDs
with a special, hard-coded meaning.
Currently a man page entry for this feature is missing. I
On Mon, Nov 11, 2013 at 10:03:11PM +0100, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 10:41:46AM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 15:01 +0100, Sumit Bose wrote:
Hi,
with the patch set SSSD can resolve so called Well-Known SID, i.e. SIDs
with a special, hard-coded
On Mon, Nov 11, 2013 at 12:50:54PM +0100, Pavel Březina wrote:
From f9f6e1ce452f9dc507c4779e6ff74aea412e9457 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrez...@redhat.com
Date: Mon, 11 Nov 2013 12:47:53 +0100
Subject: [PATCH] pac: fix double free
---
On Mon, Nov 11, 2013 at 02:37:39PM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 17:33 +0100, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 08:56:12AM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 09:20 +0100, Sumit Bose wrote:
On Sat, Nov 09, 2013 at 04:26:36PM -0500, Simo Sorce wrote
On Mon, Nov 11, 2013 at 05:29:17PM +0100, Lukas Slebodnik wrote:
On (04/11/13 10:36), Simo Sorce wrote:
On Mon, 2013-11-04 at 16:21 +0100, Sumit Bose wrote:
On Mon, Nov 04, 2013 at 12:05:15PM +0100, Lukas Slebodnik wrote:
On (01/11/13 18:41), Sumit Bose wrote:
Hi,
with this patch
On Tue, Nov 12, 2013 at 10:45:48AM +0100, Jakub Hrozek wrote:
On Tue, Nov 12, 2013 at 10:27:48AM +0100, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 02:37:39PM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 17:33 +0100, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 08:56:12AM -0500, Simo Sorce
On Tue, Nov 12, 2013 at 10:41:16AM +0100, Jakub Hrozek wrote:
On Mon, Nov 11, 2013 at 06:28:33PM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 22:03 +0100, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 10:41:46AM -0500, Simo Sorce wrote:
Why should we reserve these names ?
These SID
On Tue, Nov 12, 2013 at 01:40:50PM +0100, Jakub Hrozek wrote:
We kept the string form of the PAC UID list allocated on top responder
context for no reason.
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
On Tue, Nov 12, 2013 at 01:42:32PM +0100, Pavel Březina wrote:
On 11/12/2013 10:03 AM, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 12:50:54PM +0100, Pavel Březina wrote:
From f9f6e1ce452f9dc507c4779e6ff74aea412e9457 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrez
On Fri, Nov 15, 2013 at 05:47:08PM +0100, Jakub Hrozek wrote:
On Wed, Nov 13, 2013 at 01:12:02PM +0100, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 06:28:33PM -0500, Simo Sorce wrote:
On Mon, 2013-11-11 at 22:03 +0100, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 10:41:46AM -0500, Simo Sorce
On Mon, Nov 18, 2013 at 04:44:46PM +0100, Jakub Hrozek wrote:
A RHEL customer was hitting this issue. To reproduce, just enable the
matching rule and request an empty group.
ACK.
But I think the main problem is that we are a bit inconsistent handling
ENOENT and the return values. If haven't
On Fri, Nov 15, 2013 at 01:45:15PM +0100, Pavel Březina wrote:
On 11/13/2013 11:43 AM, Sumit Bose wrote:
On Tue, Nov 12, 2013 at 01:42:32PM +0100, Pavel Březina wrote:
On 11/12/2013 10:03 AM, Sumit Bose wrote:
On Mon, Nov 11, 2013 at 12:50:54PM +0100, Pavel Březina wrote:
From
On Wed, Nov 20, 2013 at 02:11:42PM +0100, Pavel Březina wrote:
On 11/19/2013 10:38 AM, Sumit Bose wrote:
On Fri, Nov 15, 2013 at 01:45:15PM +0100, Pavel Březina wrote:
On 11/13/2013 11:43 AM, Sumit Bose wrote:
On Tue, Nov 12, 2013 at 01:42:32PM +0100, Pavel Březina wrote:
On 11/12/2013 10:03
environment can test them for the other object
types as well.
bye,
Sumit
From ad4fd97a4aa9460f7958d0e49d82c8a899f92a52 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 25 Nov 2013 17:54:06 +0100
Subject: [PATCH 1/2] sss_cache: initialize names member of sss_domain_info
sss_tc_fqname
On Thu, Nov 28, 2013 at 08:54:40AM +, greg.lehm...@csiro.au wrote:
Hi All,
I'm after some help tracking this problem down. I am seeing
this from a few different OSes all with the same AD realm: CentOS 6.4, SLES
11SP3 and opensuse 13.1 all of which run sssd 1.9.x and SLES
On Thu, Nov 28, 2013 at 04:40:04PM +0100, Jakub Hrozek wrote:
Hi,
while testing the offline subdomain logins, I found out that clock skew
(which is still an issue in trusted environments even after the recent
MIT Kerberos changes) results in System Error.
The attached patch simply treats
On Thu, Nov 28, 2013 at 04:02:21PM +0100, Jakub Hrozek wrote:
Please see the simple attached patch. To reproduce, start sssd in
offline mode and attempt to authenticate as subdomain user.
The patch is working as expected. I wonder if it would be better to call
sysdb_update_subdomains() during
Hi,
I have two ideas how to fix #2148 Individual group search returned
multiple results in GC lookups.
First a short summary of the issue. In an AD forest where domain have
hierarchical DNS name, e.g. example.com, child.example.com,
grandchild.example.com, a global catalog search for the group
On Mon, Dec 02, 2013 at 01:24:53PM +0100, Jakub Hrozek wrote:
On Mon, Dec 02, 2013 at 01:06:12PM +0100, Sumit Bose wrote:
Hi,
I have two ideas how to fix #2148 Individual group search returned
multiple results in GC lookups.
First a short summary of the issue. In an AD forest where
On Tue, Dec 03, 2013 at 02:01:27PM +0100, Jakub Hrozek wrote:
On Thu, Nov 28, 2013 at 05:55:44PM +0100, Sumit Bose wrote:
On Wed, Nov 27, 2013 at 02:50:35PM +0100, Jakub Hrozek wrote:
On Tue, Nov 26, 2013 at 11:51:41AM +0100, Sumit Bose wrote:
Hi,
Steeve found some issues when
On Tue, Dec 03, 2013 at 03:49:56PM +0100, Jakub Hrozek wrote:
On Fri, Nov 29, 2013 at 12:11:03PM +0100, Jakub Hrozek wrote:
On Fri, Nov 29, 2013 at 12:06:37PM +0100, Sumit Bose wrote:
On Thu, Nov 28, 2013 at 04:02:21PM +0100, Jakub Hrozek wrote:
Please see the simple attached patch
On Wed, Dec 04, 2013 at 05:22:06PM +0100, Jakub Hrozek wrote:
On Wed, Dec 04, 2013 at 10:42:52AM +0100, Sumit Bose wrote:
On Tue, Dec 03, 2013 at 02:01:27PM +0100, Jakub Hrozek wrote:
On Thu, Nov 28, 2013 at 05:55:44PM +0100, Sumit Bose wrote:
On Wed, Nov 27, 2013 at 02:50:35PM +0100
17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 5 Dec 2013 13:26:39 +0100
Subject: [PATCH] rfc2307bis_nested_groups_send: reuse search base
If there are multiple members in the sdom list, always the search base
of the first entry were used.
---
src/providers/ldap
On Thu, Dec 05, 2013 at 02:09:05PM +0100, Jakub Hrozek wrote:
On Wed, Dec 04, 2013 at 05:25:48PM +0100, Sumit Bose wrote:
On Tue, Dec 03, 2013 at 03:49:56PM +0100, Jakub Hrozek wrote:
On Fri, Nov 29, 2013 at 12:11:03PM +0100, Jakub Hrozek wrote:
On Fri, Nov 29, 2013 at 12:06:37PM +0100
On Thu, Dec 05, 2013 at 02:14:59PM +0100, Jakub Hrozek wrote:
On Thu, Dec 05, 2013 at 02:14:11PM +0100, Jakub Hrozek wrote:
On Thu, Dec 05, 2013 at 02:09:05PM +0100, Jakub Hrozek wrote:
On Wed, Dec 04, 2013 at 05:25:48PM +0100, Sumit Bose wrote:
On Tue, Dec 03, 2013 at 03:49:56PM +0100
On Tue, Dec 10, 2013 at 02:44:37PM +0100, Lukas Slebodnik wrote:
ehlo,
krb5-1.12-beta2 was released few days ago.
pac responder was not properly detected with krb5 1.12 library,
because it was not recognized as supported.
The simple patch is attached.
LS
ACK
Just for your
On Tue, Dec 10, 2013 at 02:55:24PM +0100, Jakub Hrozek wrote:
On Tue, Dec 10, 2013 at 02:44:37PM +0100, Lukas Slebodnik wrote:
ehlo,
krb5-1.12-beta2 was released few days ago.
pac responder was not properly detected with krb5 1.12 library,
because it was not recognized as supported.
On Tue, Dec 10, 2013 at 04:20:19PM +0100, Jakub Hrozek wrote:
On Tue, Dec 10, 2013 at 03:01:59PM +0100, Sumit Bose wrote:
On Tue, Dec 10, 2013 at 02:55:24PM +0100, Jakub Hrozek wrote:
On Tue, Dec 10, 2013 at 02:44:37PM +0100, Lukas Slebodnik wrote:
ehlo,
krb5-1.12-beta2
On Wed, Nov 20, 2013 at 02:41:49PM +0100, Pavel Březina wrote:
On 11/19/2013 11:52 AM, Jakub Hrozek wrote:
On Fri, Nov 15, 2013 at 12:22:53PM +0100, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1568
From b66343b207679cbbbdb5d4a54a7f465fbf2ec97f Mon Sep 17 00:00:00 2001
From:
09f69a209548102d00f484f0665ffcb810d5722c Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 9 Dec 2013 11:45:28 +0100
Subject: [PATCH] AD: use LDAP for group lookups
The group memberships cannot be reliable retrieved from the Global
Catalog. By default the memberOf attribute
On Thu, Dec 12, 2013 at 11:46:01AM +0100, Pavel Březina wrote:
On 12/10/2013 04:59 PM, Sumit Bose wrote:
On Wed, Nov 20, 2013 at 02:41:49PM +0100, Pavel Březina wrote:
On 11/19/2013 11:52 AM, Jakub Hrozek wrote:
On Fri, Nov 15, 2013 at 12:22:53PM +0100, Pavel Březina wrote:
https
On Thu, Dec 12, 2013 at 09:57:38PM +0100, Jakub Hrozek wrote:
On Wed, Dec 11, 2013 at 03:12:13PM +0100, Sumit Bose wrote:
Hi,
this patch should fix the issues related to group-memberships in the AD
provider. The aim was to fix https://fedorahosted.org/sssd/ticket/2161
but since now
On Sat, Dec 14, 2013 at 10:18:32PM +0100, Jakub Hrozek wrote:
Hi,
I found this bug when testing the GC patches. Previously, when SSSD was
started, but subdomains list was up-to-date, the ad_ctx was not
initialized for the subdomain.
I was also thinking whether we should re-initialize the
On Thu, Dec 05, 2013 at 01:56:41PM +0100, Jakub Hrozek wrote:
On Wed, Dec 04, 2013 at 05:56:30PM +0100, Sumit Bose wrote:
On Wed, Dec 04, 2013 at 05:22:06PM +0100, Jakub Hrozek wrote:
On Wed, Dec 04, 2013 at 10:42:52AM +0100, Sumit Bose wrote:
On Tue, Dec 03, 2013 at 02:01:27PM +0100
On Mon, Dec 16, 2013 at 07:05:16PM +0100, Jakub Hrozek wrote:
On Mon, Dec 16, 2013 at 07:03:11PM +0100, Jakub Hrozek wrote:
On Mon, Dec 16, 2013 at 12:04:44PM +0100, Sumit Bose wrote:
On Sat, Dec 14, 2013 at 10:18:32PM +0100, Jakub Hrozek wrote:
Hi,
I found this bug when testing
On Tue, Dec 17, 2013 at 05:34:44PM +0100, Jakub Hrozek wrote:
On Tue, Dec 17, 2013 at 05:02:07PM +0100, Jakub Hrozek wrote:
On Mon, Dec 16, 2013 at 10:09:58PM +0100, Sumit Bose wrote:
On Mon, Dec 16, 2013 at 07:05:16PM +0100, Jakub Hrozek wrote:
On Mon, Dec 16, 2013 at 07:03:11PM +0100
On Wed, Dec 18, 2013 at 06:17:50PM +0100, Jakub Hrozek wrote:
Hi,
I'm sorry, but I broke the IPA server mode with my previous patch :-(
ipa_ad_subdom_refresh was called before IPA server context was
initialized. On IPA server, this caused the code to dereference a NULL
pointer and crash.
On Wed, Dec 18, 2013 at 03:30:41PM +0100, Jakub Hrozek wrote:
On Mon, Dec 16, 2013 at 03:49:01PM +0100, Sumit Bose wrote:
On Thu, Dec 05, 2013 at 01:56:41PM +0100, Jakub Hrozek wrote:
On Wed, Dec 04, 2013 at 05:56:30PM +0100, Sumit Bose wrote:
On Wed, Dec 04, 2013 at 05:22:06PM +0100
://lists.fedorahosted.org/mailman/listinfo/sssd-devel
From 9ec215c6a84e7fdc2e3df4c92e7b6ed7db118742 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 25 Nov 2013 17:54:06 +0100
Subject: [PATCH 1/5] sss_cache: initialize names member of sss_domain_info
sss_tc_fqname() called
On Thu, Dec 19, 2013 at 11:10:08AM +0100, Jakub Hrozek wrote:
On Sat, Dec 14, 2013 at 10:15:14PM +0100, Jakub Hrozek wrote:
Hi,
we're debating what is the right approach to GC lookups by default, but
for the 1.11.3 release, we should offer an option to fall back from GC
to LDAP. The
On Tue, Dec 17, 2013 at 08:02:58PM +0100, Pavel Reichl wrote:
Hello,
please see attached patch fixing missing attribute forest for AD
domains.
the patch looks good, but you only set the forest for the configured
domain (the domain the client is joined to) but not for all other
domains in
Hi,
some of the recent changes to the AD group membership lookups broke
those lookups for the IPA server mode. This patch should fix it.
bye,
Sumit
From 48afb0dd8bff534c1867e7f767e563fe97402db4 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 7 Jan 2014 13:04:58 +0100
On Thu, Dec 19, 2013 at 09:10:59PM +0100, Pavel Reichl wrote:
On Thu, 2013-12-19 at 13:54 +0100, Sumit Bose wrote:
On Tue, Dec 17, 2013 at 08:02:58PM +0100, Pavel Reichl wrote:
Hello,
please see attached patch fixing missing attribute forest for AD
domains.
the patch looks
On Wed, Jan 08, 2014 at 05:55:35PM +0100, Jakub Hrozek wrote:
Hi,
the attached patch solves https://fedorahosted.org/sssd/ticket/2164 by
special casing an openldap return code.
One drawback of the patch is that if the new return code bubbles all the
way up, calls to strerror (as opposed
On Thu, Jan 09, 2014 at 10:50:36AM +0100, Jakub Hrozek wrote:
On Thu, Jan 09, 2014 at 10:39:25AM +0100, Sumit Bose wrote:
On Wed, Jan 08, 2014 at 05:55:35PM +0100, Jakub Hrozek wrote:
Hi,
the attached patch solves https://fedorahosted.org/sssd/ticket/2164 by
special casing
On Tue, Dec 17, 2013 at 05:18:38PM +0100, Lukas Slebodnik wrote:
ehlo,
attached patches address ticket #2172
I think you meant #2175?
LS
From e9bc3fa6bd52afc5108e79182f32bb26d2843609 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik lsleb...@redhat.com
Date: Fri, 13 Dec 2013 15:33:23
On Thu, Jan 09, 2014 at 06:01:21PM +0100, Lukas Slebodnik wrote:
On (09/01/14 14:10), Sumit Bose wrote:
On Tue, Dec 17, 2013 at 05:18:38PM +0100, Lukas Slebodnik wrote:
ehlo,
attached patches address ticket #2172
I think you meant #2175?
I meant #2172.
LS
From
On Tue, Dec 17, 2013 at 09:00:25PM +0100, Jakub Hrozek wrote:
Hi,
the attached patches address ticket
https://fedorahosted.org/sssd/ticket/2142
There are some things I'm still not satisfied with and one of them is
refreshing subdomains. Currently the subdomain refresh happens after
On Fri, Jan 10, 2014 at 02:35:12PM +0100, Jakub Hrozek wrote:
On Fri, Jan 10, 2014 at 12:59:05PM +0100, Sumit Bose wrote:
On Tue, Dec 17, 2013 at 09:00:25PM +0100, Jakub Hrozek wrote:
Hi,
the attached patches address ticket
https://fedorahosted.org/sssd/ticket/2142
On Wed, Jan 15, 2014 at 04:10:09PM +0100, Pavel Reichl wrote:
Hello,
please see attached patch.
PR
I'm quite confident that the patch works as expected, but I think it is
a bit too strong. The ticket only asks to do this for the IPA server
running in ipa-server-mode. Your patch will
On Wed, Jan 15, 2014 at 05:05:05PM +0100, Jakub Hrozek wrote:
On Wed, Jan 15, 2014 at 04:51:11PM +0100, Sumit Bose wrote:
On Wed, Jan 15, 2014 at 04:10:09PM +0100, Pavel Reichl wrote:
Hello,
please see attached patch.
PR
I'm quite confident that the patch works as expected
On Fri, Jan 17, 2014 at 12:04:38PM +0100, Jakub Hrozek wrote:
On Fri, Jan 17, 2014 at 11:55:08AM +0100, Pavel Reichl wrote:
We just have to remember to touch this code, if we start to support home
directories defined in AD.
I'm sorry that I failed to see what you were implying.
On Fri, Jan 17, 2014 at 12:56:09PM +0100, Jakub Hrozek wrote:
On Fri, Jan 17, 2014 at 12:43:04PM +0100, Sumit Bose wrote:
On Fri, Jan 17, 2014 at 12:04:38PM +0100, Jakub Hrozek wrote:
On Fri, Jan 17, 2014 at 11:55:08AM +0100, Pavel Reichl wrote:
We just have to remember to touch
On Mon, Jan 20, 2014 at 05:07:32PM +0100, Jakub Hrozek wrote:
I found this small typo in man page when working on another bugzilla.
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
On Wed, Jan 15, 2014 at 03:51:05PM +0100, Lukas Slebodnik wrote:
On (09/01/14 18:58), Sumit Bose wrote:
On Thu, Jan 09, 2014 at 06:01:21PM +0100, Lukas Slebodnik wrote:
On (09/01/14 14:10), Sumit Bose wrote:
On Tue, Dec 17, 2013 at 05:18:38PM +0100, Lukas Slebodnik wrote:
ehlo
On Tue, Jan 21, 2014 at 07:08:55PM -0500, Yassir Elley wrote:
It seems that the only network protocols used by SSSD are LDAP, KRB5, and
DNS. On the other hand, Samba makes RPC calls all over the place (for
authentication, etc).
* Does sssd make any RPC calls (e.g. when interacting with a
On Fri, Jan 24, 2014 at 10:53:02AM +0100, Jakub Hrozek wrote:
Hi,
During further testing, Kaushik found out that requesting an ID that
doesn't match any configured ID mapping domain still emits strange error
messages:
(Wed Jan 22 11:35:58 2014) [sssd[be[sssdad2012.com]]]
On Fri, Jan 24, 2014 at 10:53:02AM +0100, Jakub Hrozek wrote:
Hi,
During further testing, Kaushik found out that requesting an ID that
doesn't match any configured ID mapping domain still emits strange error
messages:
(Wed Jan 22 11:35:58 2014) [sssd[be[sssdad2012.com]]]
On Fri, Jan 24, 2014 at 01:21:36PM +0100, Jakub Hrozek wrote:
On Fri, Jan 24, 2014 at 12:00:13PM +0100, Sumit Bose wrote:
ACK.
I wonder if you want to fix a copy-and-paste error in the following
comment before push the patch?
@@ -497,7 +513,19 @@ struct tevent_req *groups_get_send
On Tue, Jan 21, 2014 at 11:30:47AM +0100, Lukas Slebodnik wrote:
ehlo,
I found few unused macros: PAM_SM_AUTH, PAM_SM_ACCOUNT, PAM_SM_SESSION,
PAM_SM_PASSWORD.
In my opinion, they were proposed for the same purpose as values from
enum sss_cli_command (SSS_PAM_AUTHENTICATE,
Hi,
while testing Jakub's enumeration fixes I came across this.
bye,
Sumit
From 5199aa89f5e856aa390161d142480187d0e4651b Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 24 Jan 2014 16:52:22 +0100
Subject: [PATCH] AD SRV: use right domain name for CLDAP ping
Currently
On Mon, Jan 27, 2014 at 03:49:15PM +, Rowland Penny wrote:
Hi, there is a bit of a debate going on over on the samba list,
about using sssd or winbind. It is now being said that sssd should
not be used on a file server because sssd cannot do what winbind can
do.
So here are the
On Mon, Jan 27, 2014 at 04:25:26PM +, Rowland Penny wrote:
On 27/01/14 16:10, Sumit Bose wrote:
On Mon, Jan 27, 2014 at 03:49:15PM +, Rowland Penny wrote:
Hi, there is a bit of a debate going on over on the samba list,
about using sssd or winbind. It is now being said that sssd should
On Tue, Jan 28, 2014 at 03:34:52PM +0100, Jakub Hrozek wrote:
On Tue, Jan 28, 2014 at 11:17:55AM +0100, Sumit Bose wrote:
Thank you for the review. A new set of patches is attached.
Patches 1, 2, 3 and 5 are looking good.
In patch 4 you add ad_enum_subdom_send
On Wed, Jan 29, 2014 at 03:39:41PM +0100, Pavel Březina wrote:
On 01/27/2014 11:33 PM, Jakub Hrozek wrote:
Hi,
When the schema is set to AD and ID mapping is used, there is a one-time
you wanted to say when ID mapping is *not* used
check ran when searching for users to detect the
On Wed, Jan 29, 2014 at 05:20:55PM +0100, Jakub Hrozek wrote:
On Wed, Jan 29, 2014 at 04:03:15PM +0100, Sumit Bose wrote:
On Wed, Jan 29, 2014 at 02:53:15PM +0100, Jakub Hrozek wrote:
On Wed, Jan 29, 2014 at 02:14:38PM +0100, Jakub Hrozek wrote:
On Wed, Jan 29, 2014 at 01:33:52PM +0100
On Wed, Jan 29, 2014 at 05:49:03PM +0100, Lukas Slebodnik wrote:
On (29/01/14 16:03), Sumit Bose wrote:
On Wed, Jan 29, 2014 at 02:53:15PM +0100, Jakub Hrozek wrote:
On Wed, Jan 29, 2014 at 02:14:38PM +0100, Jakub Hrozek wrote:
On Wed, Jan 29, 2014 at 01:33:52PM +0100, Sumit Bose wrote
On Wed, Jan 29, 2014 at 05:11:59PM +0100, Jakub Hrozek wrote:
On Wed, Jan 29, 2014 at 03:39:41PM +0100, Pavel Březina wrote:
On 01/27/2014 11:33 PM, Jakub Hrozek wrote:
Hi,
When the schema is set to AD and ID mapping is used, there is a one-time
you wanted to say when ID mapping is
On Mon, Feb 03, 2014 at 09:19:49AM +0100, Lukas Slebodnik wrote:
On (02/02/14 11:16), Noam Meltzer wrote:
+return 0;
+}
+
+static int sss_nfs_princ_to_ids(char *secname, char *princ, uid_t *uid,
+gid_t *gid, extra_mapping_params **ex)
+{
+
901 - 1000 of 3319 matches
Mail list logo