On 07/21/2010 05:46 PM, Sumit Bose wrote: > On Wed, Jul 21, 2010 at 04:43:41PM +0400, Eugene Indenbom wrote: > >> The patch attached fixes issues reported in tickets #565 and 567. >> >> Eugene >> > Hi, > > I agree with returning PAM_PERM_DENIED instead of PAM_SYSTEM_ERROR, but > I think you remove more entries from the cache then expected. The > response from the LDAP server will only contain information about the > local host and the current remote host (if any). If you delete anything > from the cache except those two (or even only one) entries the offline > access is largely restricted, because there is no data about other > remote hosts in the cache. > No, I delete only records that match search criteria, but not returned by LDAP. Records that are not matched (not local or remote host) are left intact.
Please read the patch more carefully. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
