[SSSD] Re: Design document - sssctl

2016-04-18 Thread Jakub Hrozek
On Wed, Apr 06, 2016 at 10:52:24AM +0200, Jakub Hrozek wrote: > On Tue, Mar 22, 2016 at 04:23:26PM -0400, Justin Stephenson wrote: > > This is great and will make our lives much easier in support! Currently we > > have autokeyed commands like 'service sssd stop; rm -f /var/lib/sss/db/*; > >

[SSSD] Re: [PATCH] IPA_SUDO: Prevent dereference of NULL pointer

2016-04-18 Thread Lukas Slebodnik
On (14/04/16 15:28), Pavel Březina wrote: >On 04/14/2016 02:36 PM, Lukas Slebodnik wrote: >>On (14/04/16 14:07), Pavel Březina wrote: >>>Hi, >>>good catch. >>> >>>On 04/14/2016 10:27 AM, Luka DLIST_FOR_EACH(listitem, list) { cmdgroup = ipa_sudo_conv_lookup(conv->cmdgroups,

[SSSD] Re: [PATCH] SYSDB_SUDO: Remove useless test

2016-04-18 Thread Lukas Slebodnik
On (14/04/16 14:11), Pavel Březina wrote: >On 04/14/2016 10:29 AM, Lukas Slebodnik wrote: >>ehlo, >> >>Pavel B. recently added this code. >>I'm not sure why. >> >>LS >> > >Because we are inconsistent, in some functions it is possible to end up with >EOK and count = 0 and in some we interpret it as

[SSSD] Re: Q: Rewriting negcache to save expiration time instead of saving time

2016-04-18 Thread Petr Cech
On 04/18/2016 12:50 PM, Petr Cech wrote: Hi, recently, negcache saves time of saving. If you check negcache, you need to provide appropriate timeout. I am working on [1] (NSS responder should negatively cache local users for a longer time) and I need to have two different timeouts. You can see

[SSSD] Re: [PATCH SET] TOOL: Invalidation of sudo rules at sss_cache

2016-04-18 Thread Petr Cech
On 04/15/2016 09:54 AM, Pavel Březina wrote: Hi, CI fails on debian: http://sssd-ci.duckdns.org/logs/job/41/53/debian_testing/ci.html Hi, CI tests passed locally. Moderate CI tests passed too: http://sssd-ci.duckdns.org/logs/job/41/87/summary.html And I have started rigorous CI tests

[SSSD] Re: [PATCHES] PAC: only save PAC blob into the cache

2016-04-18 Thread Sumit Bose
On Mon, Apr 18, 2016 at 03:06:05PM +0200, Lukas Slebodnik wrote: > On (15/04/16 16:39), Sumit Bose wrote: > >On Thu, Apr 14, 2016 at 04:30:24PM +0200, Lukas Slebodnik wrote: > > > >... > > > >> > >> >From 62a3c79d7923dceb2c92c1b2d31388afd744a8ac Mon Sep 17 00:00:00 2001 > >> >From: Sumit Bose

[SSSD] Re: [PATCHES] PAC: only save PAC blob into the cache

2016-04-18 Thread Lukas Slebodnik
On (15/04/16 16:39), Sumit Bose wrote: >On Thu, Apr 14, 2016 at 04:30:24PM +0200, Lukas Slebodnik wrote: > >... > >> >> >From 62a3c79d7923dceb2c92c1b2d31388afd744a8ac Mon Sep 17 00:00:00 2001 >> >From: Sumit Bose >> >Date: Wed, 10 Feb 2016 14:59:06 +0100 >> >Subject: [PATCH

[SSSD] Q: Rewriting negcache to save expiration time instead of saving time

2016-04-18 Thread Petr Cech
Hi, recently, negcache saves time of saving. If you check negcache, you need to provide appropriate timeout. I am working on [1] (NSS responder should negatively cache local users for a longer time) and I need to have two different timeouts. You can see new layer between negcache and

[SSSD] Re: [PATCH] ldap_test.py: Modify enum cache timeouts

2016-04-18 Thread Michal Židek
On 04/18/2016 12:22 PM, Lukas Slebodnik wrote: On (18/04/16 11:14), Michal Židek wrote: On 04/18/2016 10:39 AM, Lukas Slebodnik wrote: On (02/12/15 17:10), Michal Židek wrote: Hi! I saw some integration tests failures recently, and I think there is a race condition between the enumeration

[SSSD] Re: [PATCH] ldap_test.py: Modify enum cache timeouts

2016-04-18 Thread Lukas Slebodnik
On (18/04/16 11:14), Michal Židek wrote: >On 04/18/2016 10:39 AM, Lukas Slebodnik wrote: >>On (02/12/15 17:10), Michal Židek wrote: >>>Hi! >>> >>>I saw some integration tests failures recently, >>>and I think there is a race condition between the >>>enumeration refresh timeout and the sleeps

[SSSD] Re: [PATCH] ldap_test.py: Modify enum cache timeouts

2016-04-18 Thread Michal Židek
On 04/18/2016 10:39 AM, Lukas Slebodnik wrote: On (02/12/15 17:10), Michal Židek wrote: Hi! I saw some integration tests failures recently, and I think there is a race condition between the enumeration refresh timeout and the sleeps after some operations that wait for this timeout. SSSD fails

[SSSD] Re: [PATCH] ldap_test.py: Modify enum cache timeouts

2016-04-18 Thread Lukas Slebodnik
On (02/12/15 17:10), Michal Židek wrote: >Hi! > >I saw some integration tests failures recently, >and I think there is a race condition between the >enumeration refresh timeout and the sleeps >after some operations that wait for this timeout. >SSSD fails to populate changes from LDAP in time >and

[SSSD] [PATCH] intg: Use different uid range for add_remove tests

2016-04-18 Thread Lukas Slebodnik
ehlo, I use special local user for building srpms in mock and it caused failures for me with running integration tests. Attached patch is a workaround. The proper solution would be to wrap detection of active users in CWRAP enviroment. LS >From 80bd9cde79d871b39e4c944c24b71f1a246311ae Mon Sep