On Fri, Feb 18, 2011 at 09:45:13AM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/18/2011 09:40 AM, Stephen Gallagher wrote:
Previously, we were setting the client context PAM lookup timeout
after the first domain replied. However, if the user wasn't a
On Fri, Feb 18, 2011 at 04:28:13PM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The IPA provider was not properly removing groups in the cache
that the user was no longer a member of.
Fixes https://fedorahosted.org/sssd/ticket/803
ACK
I've have also
On Fri, Feb 18, 2011 at 11:29:28AM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/16/2011 12:12 PM, Sumit Bose wrote:
Hi,
with this patch the credential cache files stored in the cache are
checked if they contain TGTs which are still renewable
On Mon, Feb 21, 2011 at 02:04:52PM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/21/2011 11:45 AM, Stephen Gallagher wrote:
On 02/21/2011 11:34 AM, Stephen Gallagher wrote:
It is possible to set up FreeIPA servers where the Kerberos realm
differs
On Tue, Feb 22, 2011 at 08:02:56AM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/22/2011 06:13 AM, Sumit Bose wrote:
On Mon, Feb 21, 2011 at 02:04:52PM -0500, Stephen Gallagher wrote:
Un-withdrawing this patch (re-attaching for posterity).
I
On Tue, Feb 22, 2011 at 11:11:16AM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Previously, we were only constructing the basedn variable if the
ldap_search_base was not specified (which is unlikely to be in use
when using the IPA provier). However, if it
On Tue, Feb 22, 2011 at 12:44:53PM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/22/2011 12:10 PM, Sumit Bose wrote:
Sorry, I just realized that my testing was flawed. You access
options-id-basic in ipa_service_init() before it is initialized
On Wed, Feb 23, 2011 at 05:24:20PM +0100, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
https://fedorahosted.org/sssd/ticket/807
NACK, please use the new option from 'Add krb5_realm to the basic IPA
options'
bye,
Sumit
-BEGIN PGP SIGNATURE-
Version: GnuPG
On Wed, Feb 23, 2011 at 05:59:13PM +0100, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/23/2011 05:33 PM, Sumit Bose wrote:
On Wed, Feb 23, 2011 at 05:24:20PM +0100, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/807
NACK, please use the new option
Hi,
Thank you very much for your contribution. In my experience LDB searches
with DNs are pretty much case-insensitive, only the value of the RDN is
checked case sensitive. I would like to investigate a bit further why
you see this issue in sssd.
On Wed, Feb 23, 2011 at 05:40:49PM +0300, Sergei
On Thu, Feb 24, 2011 at 12:54:44PM +0300, Sergei V. Kovylov wrote:
2011/2/24 Sumit Bose sb...@redhat.com:
Hi,
Thank you very much for your contribution. In my experience LDB searches
with DNs are pretty much case-insensitive, only the value of the RDN is
checked case sensitive. I would
On Thu, Feb 24, 2011 at 12:23:05PM +0100, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/23/2011 06:18 PM, Sumit Bose wrote:
On Wed, Feb 23, 2011 at 05:59:13PM +0100, Jakub Hrozek wrote:
On 02/23/2011 05:33 PM, Sumit Bose wrote:
On Wed, Feb 23, 2011 at 05:24
On Thu, Feb 24, 2011 at 08:45:19AM -0500, Simo Sorce wrote:
On Thu, 24 Feb 2011 11:46:24 +0100
Sumit Bose sb...@redhat.com wrote:
This should make all originalDN comparisons case-insensitive. Please
tell me if this fixes your issue. If yes, I will discuss with the
other sssd developers
On Thu, Feb 24, 2011 at 06:36:34PM +0100, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/24/2011 01:07 PM, Sumit Bose wrote:
Sorry for not sseing this earlier, but would you mind to move the whole
setting of IPA_KRB5_REALM from ipa_service_init
Hi,
this patch should fix trac ticket #810 and fixes pro-actively a
potential issue with the realm.
bye,
Sumit
From d42c47a22854a97d8bc6d54aebfa93371ac1bd19 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 25 Feb 2011 12:52:59 +0100
Subject: [PATCH] Fixes for dynamic DNS
On Fri, Feb 25, 2011 at 08:05:08AM -0500, Simo Sorce wrote:
On Fri, 25 Feb 2011 13:06:22 +0100
Sumit Bose sb...@redhat.com wrote:
Hi,
this patch should fix trac ticket #810 and fixes pro-actively a
potential issue with the realm.
bye,
Sumit
NACK,
not all IPA server
On Mon, Feb 28, 2011 at 10:56:12AM +0100, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
https://fedorahosted.org/sssd/ticket/809
When resetting a port status, check a timeout, if it passed, also reset
the server status which will trigger a hostname lookup next time.
Hi,
Jakub found an issue with RFC2307bis domains without memberOf
attributes on the server. This patch should fix it.
bye,
Sumit
From 0421cf164ffe1ddae691bcd837b99631d5c5f5f0 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 28 Feb 2011 15:29:46 +0100
Subject: [PATCH] Do
Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 7 Mar 2011 10:04:13 +0100
Subject: [PATCH 1/2] Add missing name to struct getent_ctx for missing netgroup
https://fedorahosted.org/sssd/ticket/817
---
src/responder/nss/nsssrv_netgroup.c |6 ++
1 files changed, 6 insertions
On Mon, Mar 07, 2011 at 10:58:00AM +0100, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This patch should fix a segfault in failover code introduced by my
recent hostname expiration patch.
I didn't realize that when using SRV records, server-common == NULL is
legal as
On Tue, Mar 08, 2011 at 11:28:57AM -0500, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
These patches will make it easier to manage translations in the SSSD.
The first patch adds the transifex_client configuration, the second
patch pulls in pending translations from
it in the in-memory cache as an empty netgroup.
I'm not sure if this is only irritating or a real bug. I have opendd
ticket #820 to track this.
bye,
Sumit
From e4174040684d511a00ede540f7ed6c4d15d42543 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 9 Mar 2011 10:22:17 +0100
Hi,
this aims to be a short term fix for trac ticket #821. In general we
should find out why the handle is not release when the backend goes
offline.
bye,
Sumit
From ebb4bf5612b00cef3f9e76f5568ea1d960d8b098 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 9 Mar 2011 12:52:39
On Mon, Mar 14, 2011 at 10:00:12AM -0400, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/11/2011 10:51 AM, Sumit Bose wrote:
On Fri, Mar 11, 2011 at 05:56:57AM -0500, Stephen Gallagher wrote:
This is most commonly seen with ActiveDirectory?. The 'group
On Mon, Mar 14, 2011 at 01:51:21PM -0400, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It is impossible to predict which name to use for a group if the
attribute used for name contains multiple values. We will log and
skip over these groups
Fixes
On Thu, Mar 17, 2011 at 10:41:37AM -0400, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/17/2011 10:09 AM, Sumit Bose wrote:
On Thu, Mar 17, 2011 at 09:57:22AM -0400, Stephen Gallagher wrote:
When we added the Kerberos access provider (for support
On Thu, Mar 17, 2011 at 05:25:55PM -0400, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/16/2011 02:07 PM, Simo Sorce wrote:
On Wed, 16 Mar 2011 13:28:20 -0400
Stephen Gallagher sgall...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Mar 22, 2011 at 02:09:27PM -0400, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/21/2011 04:24 PM, Sumit Bose wrote:
On Thu, Mar 17, 2011 at 05:25:55PM -0400, Stephen Gallagher wrote:
On 03/16/2011 02:07 PM, Simo Sorce wrote:
On Wed, 16 Mar 2011 13
Hi,
shanks found an issue if the rootDSE is not available. This patch should
fix it.
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
On Fri, Apr 08, 2011 at 09:14:02AM -0400, Dmitri Pal wrote:
On 04/08/2011 07:32 AM, Sumit Bose wrote:
and now with patch :-)
On Fri, Apr 08, 2011 at 01:30:44PM +0200, Sumit Bose wrote:
Hi,
shanks found an issue if the rootDSE is not available. This patch should
fix it.
bye
Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 12 Apr 2011 08:56:10 +0200
Subject: [PATCH] Initialise rootdse to NULL if not available
---
src/providers/ldap/sdap_async_connection.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/providers/ldap
On Tue, Apr 12, 2011 at 12:54:54PM -0400, Stephen Gallagher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Now that gecos can come from either the 'gecos' or 'cn' attributes,
we need to ensure that we never remove it from the cache.
We were being too greedy with our removal code. It
Hi,
this patch fixes an issue which was introduced by using talloc_move()
insttead of talloc_steal().
bye,
Sumit
From 81fb08fc7e7fee13fdb09aeb6b7fafc8eba992b1 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 2 May 2011 14:54:20 +0200
Subject: [PATCH] Return pam data
On Mon, May 02, 2011 at 09:56:18PM -0700, Ben Kevan wrote:
I'm wondering what the heck I'm doing wrong. I'm working on getting SSSD +
KRB5 working against 2008 R2 AD. It's working fine in RHEL5 w/ the standard
LDAP.conf configuration. I'm working on sssd, but am not getting a binddn
connection
On Tue, May 03, 2011 at 12:44:46PM +0200, Jan Zelený wrote:
Function sss_krb5_unparse_name_flags and some of its supporting functions have
been added in order to ensure compilation on systems having kerberos 1.8.
Currently I don't have any machine with RHEL5, so please be sure to test the
On Thu, May 05, 2011 at 02:56:26PM -0400, Stephen Gallagher wrote:
We want to support building against RHEL 5.7 with openldap24-libs
This will fix the nightly RHEL5 builds.
From b811b573ab8a8ff5f29ba98b6d50ae89a35ec23a Mon Sep 17 00:00:00 2001
From: Stephen Gallagher sgall...@redhat.com
. This test is quite simple, but I think we can take care
of RHEL 5.10 and later version if they are available.
bye,
Sumit
From 6f3a2f0650fb897d10a3b29dca4810845eaf7028 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 6 May 2011 14:31:30 +0200
Subject: [PATCH] Add support
way how to handle
_GNU_SOURCE and friends.
bye,
Sumit
From cd87293c9ca06d0e7d16f638ec3e30fcc6b6f72e Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 19 May 2011 09:58:09 +0200
Subject: [PATCH] Only set _GNU_SOURCE if not already set
---
src/confdb/confdb.c
On Fri, May 20, 2011 at 09:34:06AM +0200, Jakub Hrozek wrote:
On 05/19/2011 05:12 PM, Sumit Bose wrote:
Hi,
there are a couple of places where we set _GNU_SOURCE in the source
files to enable glibc specific extensions. If by chance
'-D_GNU_SOURCE=1' is set on the gcc command line, e.g
Hi,
with this email I would like to start some discussion and collect ideas
and use-cases about a new concept for sssd, namely sub-domains.
Currently in sssd a domain is like a single namespace which has to be
defined in sssd.conf and only users from explicitly known domains are
supported. E.g.
On Sun, May 22, 2011 at 05:21:23PM -0400, Stephen Gallagher wrote:
On May 22, 2011, at 12:37 PM, Jakub Hrozek jhro...@redhat.com wrote:
On 05/20/2011 09:44 AM, Sumit Bose wrote:
On Fri, May 20, 2011 at 09:34:06AM +0200, Jakub Hrozek wrote:
On 05/19/2011 05:12 PM, Sumit Bose wrote
Hi,
by chance so far string.h was always included before sss_cli.h. But to be
on the safe side we should include string.h in sss_cli.h because
safealign_memcpy() is define here which calls memcpy().
bye,
Sumit
From aa420d04631c5dcb18bed05394490ef6b133eed3 Mon Sep 17 00:00:00 2001
From: Sumit
On Mon, May 23, 2011 at 03:00:47PM -0400, Stephen Gallagher wrote:
On RHEL 5 and other older platforms, failing to set _GNU_SOURCE
early would cause some functions - such as strndup() - to be
unavailable.
This patch fixes the broken RHEL 5 automated build.
ACK
bye,
Sumit
is
#639.
bye,
Sumit
From 16845181d50edf4f63b83ad8df3a9ca8467acdbf Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 25 May 2011 10:54:17 +0200
Subject: [PATCH] Sanitize username during initgroups call
---
src/providers/ldap/sdap_async_accounts.c |8 +++-
1 files changed
88fac9d6e766cf8ee6fba1a83ff775d47acf3acf Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 27 May 2011 12:51:19 +0200
Subject: [PATCH] Add online callback only once for TGT renewal
---
src/providers/krb5/krb5_renew_tgt.c | 69 ++-
1 files changed
On Fri, May 27, 2011 at 10:27:48AM -0400, Stephen Gallagher wrote:
On Fri, 2011-05-27 at 09:58 -0400, Dmitri Pal wrote:
On 05/27/2011 07:02 AM, Sumit Bose wrote:
Hi,
I confused the online callbacks with tevent timers when adding them to
the TGT renewal task with the effect
On Thu, Jun 09, 2011 at 09:20:24AM +0200, Frank Dornheim wrote:
Hi list,
i have a running sssd, ldap, krb5 system.
client [sssd] -- [openLdap] -- KRB5
So everything work expected. My LDAP user use LDAP/ KRB5 if there is a
connect and sssd is offline.
But i dont understand the
On Thu, Jun 09, 2011 at 11:23:14AM +0200, Jan Zelený wrote:
Hi,
this patch should fix https://fedorahosted.org/sssd/ticket/888 which
describes a corner case where an unused ccache file with a random name
is not recreated during the renewal of an expired password via sshd with
On Mon, Jun 13, 2011 at 05:36:07PM -0400, Norman Elton wrote:
Based on IRC conversations with sgallagh, we determined that my
ignorance led to /etc/pam.d/system-auth being correctly configured,
but /etc/pam.d/password-auth left as the defaults. This was causing
issues with sssd renewing the
this with patch 0001.
bye,
Sumit
From f633a1b3da74d8d5f964af79e4ac9fcf317fbb26 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 15 Jun 2011 10:51:37 +0200
Subject: [PATCH 1/2] Add missing libsss_util to proxy provider
---
Makefile.am |1 +
1 files changed, 1 insertions(+), 0
Hi,
by chance I realized that an OpenLDAP server does not list all controls
it can handle in the rootDSE attribute supportedControl.
Especially LDAP_CONTROL_PASSWORDPOLICY is not listed. According to the
OpenLDAP developers this is because the related spec
returns a LDAP_CONTROL_PASSWORDPOLICYRESPONSE.
bye,
Sumit
From 7a5c3fc56ec6149f94aed40438429ab4d3c302c7 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 16 Jun 2011 12:31:09 +0200
Subject: [PATCH] Do not check pwdAttribute
It is not safe to check pwdAttribute to see if server side
On Thu, Jun 16, 2011 at 11:20:06AM -0400, Dmitri Pal wrote:
On 06/16/2011 08:09 AM, Simo Sorce wrote:
On Thu, 2011-06-16 at 11:32 +0200, Sumit Bose wrote:
Hi,
by chance I realized that an OpenLDAP server does not list all controls
it can handle in the rootDSE attribute supportedControl
On Thu, Jun 23, 2011 at 09:53:28AM -0400, Stephen Gallagher wrote:
On Thu, 2011-06-23 at 13:41 +0200, Sumit Bose wrote:
and now with patch ...
On Thu, Jun 23, 2011 at 01:40:51PM +0200, Sumit Bose wrote:
Hi,
We will have some experimental features added in the near future
ticket is
https://fedorahosted.org/sssd/ticket/905 .
bye,
Sumit
From 057f5fe2315b8e17f3bb4ccf760e26c2275afdb1 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 27 Jun 2011 10:03:03 +0200
Subject: [PATCH 1/4] Add sockaddr_storage to sdap_service
---
src/providers/ldap
On Tue, Jun 28, 2011 at 09:24:45AM -0400, Stephen Gallagher wrote:
On Tue, 2011-06-28 at 13:42 +0200, Sumit Bose wrote:
Hi,
currently we have two competing features in the LDAP provider. One the
one hand we want to avoid further DNS lookups by the OpenLDAP client
libraries and want
On Tue, Jun 28, 2011 at 08:14:57AM -0400, Stephen Gallagher wrote:
On Mon, 2011-06-27 at 18:31 -0400, Jakub Hrozek wrote:
0002: ACK
0003: NACK
The defattr in %files -n libipa_hbac-devel is missing a comma before
the last parameter, it says %defattr(-,root,root-).
Whoops, I could
On Fri, Jul 01, 2011 at 07:39:07AM -0400, Stephen Gallagher wrote:
Coverity found this bug in the ldap_init_fd patch I pushed yesterday.
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 1 Jul 2011 13:01:51 +0200
Subject: [PATCH] Do not access state after tevent_req_done() is called.
---
src/util/sss_ldap.c | 26 --
1 files changed, 16 insertions(+), 10 deletions(-)
diff --git a/src/util/sss_ldap.c b
On Mon, Jul 04, 2011 at 08:39:42PM +0200, li...@xs4me.net wrote:
Op 04-07-11 19:35, li...@xs4me.net schreef:
Hi,
I'm using sssd-1.5.10 and noticed today that I was not able to connect to
my ldap server with an ldaps uri.
If I change the uri it ldap://ldap everything works just
Hi,
the ldap_init_fd() patch introduced another regression with ldaps URIs.
This patch should fix it.
bye,
Sumit
From 227a661dc28dafabef6edea61054ddf10986857b Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 5 Jul 2011 11:37:45 +0200
Subject: [PATCH] Call ldap_install_tls
On Mon, Jul 04, 2011 at 07:27:17PM -0400, Jakub Hrozek wrote:
On 07/01/2011 04:44 PM, Stephen Gallagher wrote:
And now with patches attached...
On Fri, 2011-07-01 at 16:42 -0400, Stephen Gallagher wrote:
So many changes have been made since the original pass that I have
revisited the
On Fri, Jul 08, 2011 at 12:34:44PM -0400, Stephen Gallagher wrote:
On Fri, 2011-07-08 at 14:59 +0200, Sumit Bose wrote:
On Mon, Jul 04, 2011 at 07:27:17PM -0400, Jakub Hrozek wrote:
On 07/01/2011 04:44 PM, Stephen Gallagher wrote:
And now with patches attached...
On Fri, 2011-07
89fd87d31b55634f9b989c327f513d93f19bb5ba Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 13 Jul 2011 12:53:10 +0200
Subject: [PATCH] Do not call talloc_free() on uninitialized memory
---
src/providers/ldap/sdap_async_connection.c |1 +
1 files changed, 1 insertions(+), 0
adding sssd-devel
On Thu, Aug 11, 2011 at 10:14:09AM +0200, Tim Niemueller wrote:
Hi all.
We have setup FreeIPA on a F-15 virtual machine. I'm currently
testing with a F-14 client. We would like to keep F-14, as F-15
seems not generally stable enough for wide deployment (graphics
issues
On Thu, Aug 18, 2011 at 04:48:32PM +0200, Jan Zelený wrote:
On Wed, Aug 17, 2011 at 04:58:05PM +0200, Jakub Hrozek wrote:
On Wed, Aug 17, 2011 at 01:15:31PM +0200, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/924 started as a segfault ticket
but we could never reproduce
On Tue, Aug 30, 2011 at 11:23:09AM -0400, Stephen Gallagher wrote:
On Tue, 2011-08-30 at 10:52 -0400, Stephen Gallagher wrote:
Adds a configure option to set the distribution default as well as
an sssd.conf option to override it.
Resolves: https://fedorahosted.org/sssd/ticket/980
On Tue, Aug 30, 2011 at 04:07:22PM -0400, Stephen Gallagher wrote:
On Tue, 2011-08-30 at 13:10 -0400, Stephen Gallagher wrote:
On Tue, 2011-08-30 at 11:23 -0400, Stephen Gallagher wrote:
On Tue, 2011-08-30 at 10:52 -0400, Stephen Gallagher wrote:
Adds a configure option to set the
On Wed, Aug 31, 2011 at 12:04:37PM -0400, Stephen Gallagher wrote:
On Wed, 2011-08-31 at 12:47 +0200, Sumit Bose wrote:
On Tue, Aug 30, 2011 at 04:07:22PM -0400, Stephen Gallagher wrote:
On Tue, 2011-08-30 at 13:10 -0400, Stephen Gallagher wrote:
On Tue, 2011-08-30 at 11:23 -0400
On Thu, Sep 01, 2011 at 11:38:32AM -0400, Stephen Gallagher wrote:
On Wed, 2011-08-31 at 21:32 +0200, Sumit Bose wrote:
Works great. I found two minor issues:
diff --git a/Makefile.am b/Makefile.am
index
4e2e26bae9ba9b388998d3c1af84f8a7aa2e51ed
Hi,
while testing HBAC Shanks found an issue (bz736314) while processing
external hosts. This patch should fix it.
bye,
Sumit
From df7f08d7df67d47c08a43003228e7b472a9cd65e Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 7 Sep 2011 13:15:49 +0200
Subject: [PATCH] Do
On Wed, Oct 05, 2011 at 07:56:09AM -0400, Simo Sorce wrote:
On Wed, 2011-10-05 at 07:30 -0400, Stephen Gallagher wrote:
CCing sssd-devel
On Tue, 2011-10-04 at 22:41 +, JR Aquino wrote:
So I have been looking through the results of ldbsearch and have been
wondering...
Why
On Thu, Oct 20, 2011 at 10:48:08AM +0200, Jan Zelený wrote:
https://fedorahosted.org/sssd/ticket/957
just a comment you might want to consider. You tell the krb5 child about
the canonicalize option with the help of an environment variable like it
is currently done for various other options as
On Tue, Nov 08, 2011 at 07:32:32AM +0100, Thorsten Scherf wrote:
From d25b41541a69058469b396ff575c6bc91c6878ee Mon Sep 17 00:00:00 2001
From: Thorsten Scherf tsch...@redhat.com
Date: Tue, 8 Nov 2011 07:07:08 +0100
Subject: [PATCH] Fixed translation bug
---
po/de.po |2 +-
1 files
On Tue, Nov 08, 2011 at 05:53:03PM +0200, Marko Myllynen wrote:
Hi,
On 2011-11-08 15:53, Pavel Zuna wrote:
SSSD configuration option for the Winbind provider can be found in
/etc/sssd/sssd.api.d/sssd-winbind.conf. The correspond pretty much to
Winbind options normally found in smb.conf.
On Mon, Dec 05, 2011 at 03:01:29PM +0100, Jakub Hrozek wrote:
The attached patch syncs up with Samba commit
50e30afa608dfdeae8a260730ead9761ed424dad
I haven't tested the patch, but the change looks as expected.
ACK (without testing)
bye,
Sumit
___
did some tests with the attached patch and didn't found any issues. If
you do not have any concerns and think this is a good idea I can provide
a more complete patch.
bye,
Sumit
From 0ef843e31df394caab89ac1029113f302072467d Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 12 Jan
On Wed, Jan 18, 2012 at 10:19:52AM +0100, Jakub Hrozek wrote:
Unbreaks the LDAP provider.
I hope the following haven't been discussed before for sudo.
Just a general comment and maybe this is already planned for the sudo
integration. We tried to avoid ifdef's in the main part of the code and
will make the handling of sub-domains much easier, because
now only the domain info struct for the sub-domains needs to be
up-to-date.
bye,
Sumit
From e540f31d1d513ba0765310df37fdf04d4917a6dd Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 23 Jan 2012 12:57:33 +0100
Subject
On Mon, Jan 30, 2012 at 09:31:14PM -0500, Stephen Gallagher wrote:
On Wed, 2012-01-25 at 18:12 +0100, Sumit Bose wrote:
Hi,
a few days ago I send a draft patch where the sysdb context is stored
in the domain info struct. I created a patch which is a bot more
conservative than the last
Hi,
the patches apply and compile cleanly. I haven't tested them only looked
at the code. I'm sorry but there is only #92 which I ACK additionally to
the already ACKed ones. Please so comments below.
bye,
Sumit
On Thu, Feb 02, 2012 at 06:02:37PM +0100, Jan Zelený wrote:
#084:
Original #0001,
On Tue, Jan 31, 2012 at 07:18:10AM -0500, Stephen Gallagher wrote:
On Tue, 2012-01-31 at 09:36 +0100, Sumit Bose wrote:
On Mon, Jan 30, 2012 at 09:31:14PM -0500, Stephen Gallagher wrote:
On Wed, 2012-01-25 at 18:12 +0100, Sumit Bose wrote:
Hi,
a few days ago I send a draft patch
On Wed, Mar 07, 2012 at 10:08:29AM -0500, Stephen Gallagher wrote:
This patch makes several changes.
1) Change the behavior of path_concat so that it will always return an
empty string if it hits ENOBUFS.
2) Clean up the code, adding more comments.
3) Modify the unit tests to check for
On Fri, Mar 16, 2012 at 01:15:51PM +0100, Jakub Hrozek wrote:
On Fri, Mar 16, 2012 at 09:08:48AM +0100, Jakub Hrozek wrote:
On Thu, Mar 15, 2012 at 10:57:04PM +0100, Sumit Bose wrote:
using free() is safe here, but you have to initialize data, or at least
data.dptr at the beginning
One more minor thing when building docs:
warning: ignoring unsupported tag `HTML_FOOTER_DESCRIPTION=' at line 788,
file
src/providers/ipa/ipa_idmap.doxy
HTML_FOOTER_DESCRIPTION is in all out doxy files. Apparently it is not
supported by current versions of doxygen, but maybe it is useful
On Tue, Apr 03, 2012 at 06:43:47AM -0700, Stephen Gallagher wrote:
On Tue, 2012-04-03 at 16:36 +0300, Marko Myllynen wrote:
Hi,
Ok, I think I understand now, but the manpages need to be MUCH more
clear. It sounds like you're adding this option to always override
subdomain home
On Thu, Apr 05, 2012 at 10:46:55AM +0200, Jan Zelený wrote:
On Mon, Apr 02, 2012 at 10:23:37AM +0200, Jan Zeleny wrote:
Once more, this time rebased on top of current master.
Thanks
Jan
Patch 0001: Sysdb routines for subdomains
Ack, can you just add a DEBUG message in case
On Fri, Apr 06, 2012 at 09:38:55AM +0200, Jan Zelený wrote:
Patch 0006: Retrieve subdomains if there is a request for fully
qualified user
Looks OK, will just need amendment when sss_dp_get_domains_recv() is
implemented. Currently the patch supports users and netgroups, are
On Fri, Apr 13, 2012 at 08:24:18AM +0200, Jan Zelený wrote:
On Thu, Apr 12, 2012 at 09:52:14PM +0200, Jan Zeleny wrote:
Jakub Hrozek jhro...@redhat.com wrote:
On Tue, Apr 10, 2012 at 12:38:31AM -0400, Jakub Hrozek wrote:
This works fine, but the new option should be added to the
On Thu, Apr 19, 2012 at 08:05:16PM -0400, Stephen Gallagher wrote:
On Thu, 2012-04-19 at 19:48 -0400, Dmitri Pal wrote:
The question is about the ALLOW and DETECT options. As a result of the
merge operation using those options one can end up with more than one
section with the same name
On Sun, Apr 22, 2012 at 08:07:56PM -0400, Stephen Gallagher wrote:
On Sun, 2012-04-22 at 17:27 -0400, Simo Sorce wrote:
On Sun, 2012-04-22 at 15:10 -0400, Stephen Gallagher wrote:
Ok, I just hit a snag and I'm not sure how best to proceed. All users on
a POSIX system need to have a
On Fri, Apr 20, 2012 at 03:01:17PM -0400, Stephen Gallagher wrote:
On Fri, 2012-04-13 at 12:34 +0200, Jan Zelený wrote:
Hi Stephen,
I went through all patches and I have couple things which I'd like to ask
you
about. First of all I'm not that familiar with ID mapping in winbind so my
On Mon, Apr 23, 2012 at 07:27:55AM -0400, Stephen Gallagher wrote:
On Mon, 2012-04-23 at 10:56 +0200, Sumit Bose wrote:
On Fri, Apr 20, 2012 at 03:01:17PM -0400, Stephen Gallagher wrote:
On Fri, 2012-04-13 at 12:34 +0200, Jan Zelený wrote:
Hi Stephen,
I went through all patches
On Tue, Apr 24, 2012 at 12:07:09PM +0200, Stef Walter wrote:
execv, excvp and exec_child never return 0 or EOK. So we don't need to
handle that case. Patch clears out a bit of code.
Chances are that some static code analysis tools or -D_FORTIFY_SOURCE=2
might complain about an unchecked return
On Wed, Apr 25, 2012 at 03:28:20PM +0200, Stef Walter wrote:
On 04/24/2012 12:42 PM, Sumit Bose wrote:
Chances are that some static code analysis tools or -D_FORTIFY_SOURCE=2
might complain about an unchecked return value. Currently we mostly try
to make those tools happy, even if the code
inputs. Fell
free to add more :-)
bye,
Sumit
From 1a396db5661f1eeafddcde1ab303f730ecf807cd Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 25 Apr 2012 09:16:41 +0200
Subject: [PATCH] Allow different SID representations in libidmap
Besides as strings it is now possible to use
Hi,
I just came across a pair of wrong braces in the spec file.
bye,
Sumit
From 1b27d6bc37afb217a7d65f7ac15e16b83af62f18 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 3 May 2012 10:15:47 +0200
Subject: [PATCH] Fix typo in spec file
---
contrib/sssd.spec.in |2 +-
1
Hi,
I run some tests on PPC and found an issue in the SID conversion
functions of libidmap with respect to the byte-order. With the attached
patch make test passed on big- and little-endian platforms.
bye,
Sumit
From c445ba99ee01053edaf02ca8d3b034cdb3e6488c Mon Sep 17 00:00:00 2001
From: Sumit
On Mon, May 14, 2012 at 08:52:16AM -0400, Simo Sorce wrote:
On Mon, 2012-05-14 at 08:33 -0400, Stephen Gallagher wrote:
On Mon, 2012-05-14 at 14:08 +0200, Sumit Bose wrote:
Hi,
although we currently use the same internal representation for struct
dom_sid as samba does this might
and I need them for the PAC responder as well. So I thought
it might be useful to put it in a library.
bye,
Sumit
From b33d2e0e6cb18a3c90a9b4fda0d4ae7e60136f97 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 24 May 2012 12:39:56 +0200
Subject: [PATCH] sss_idmap: add support
501 - 600 of 3319 matches
Mail list logo