On Tue, 2009-10-20 at 16:13 -0400, Stephen Gallagher wrote: > On 10/20/2009 12:19 PM, Sumit Bose wrote: > > On Tue, Oct 20, 2009 at 11:15:52AM -0400, Stephen Gallagher wrote: > >> On 10/20/2009 10:37 AM, Stephen Gallagher wrote: > >>> This patch addresses: https://fedorahosted.org/sssd/ticket/60 > >>> > >>> This adds a new option to the [PAM] section of the sssd.conf. > >>> > >>> It can be specified by seconds, minutes, hours or days and defines > >>> how long a user can perform offline authentications. If the user > >>> does not perform an online authentication within the timeout, they > >>> will be denied auth once the timeout passes. > >>> > >> Whoops, found a minor issue. Had the wrong option in the sssd.api.conf, > >> and I also extended the manpage to describe the timeout options better. > >> > > > > NACK, > > > > as discussed on irc I think it makes sense to check if the current > > domain isn't LOCAL and cache credential are enabled for the current > > domain before writing the last online auth time. > > > > Changes made as requested. Thank you for the review.
Sorry had no time to to a full review (will do later) but I saw a lot of changes with the inclusion of a pam_ctx structure, why did you introduce that instead of extending the rctx structure ? Simo. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel