On Fri, 2012-03-09 at 13:18 +0100, Jan Zelený wrote: > > Patch 0001: Make sdap_access_send() public so the IPA provider can > > consume it. > > > > Patch 0002: Check that the user is not disabled before performing the > > HBAC check. I chose to do the nsAccountLock check first because it's a > > very fast operation against the cache, so if it returns PAM_PERM_DENIED > > we will skip the slower HBAC checks and jump straight to denial. > > Ack to both.
Pushed to master and sssd-1-8.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
