Am Tue, Feb 27, 2024 at 05:47:50PM +0200 schrieb Alexander Bokovoy:
> On Аўт, 27 лют 2024, David L wrote:
> > I'm looking for clarity about SSSD's *client-side* support for trusts.
> > 1. Does SSSD support login for cross-domain (e.g., parent/child) trusts?
> > 2. Does SSSD support login for
Am Thu, Feb 08, 2024 at 11:08:52PM - schrieb David L:
> I have a couple basic questions about using OpenLDAP with SSSD in a
> C/C++ program. Since I think SSSD uses OpenLDAP to do this already
> within it's service, I thought y'all would be the ones to task.
> Pardon my ignorance. If you
Am Fri, Aug 19, 2022 at 02:02:00PM +0200 schrieb Erik de Waard:
> When openldap is configured to make use of the dynlist module it can update
> the member and memberOf population recursively for nested groups by just
> quering with a searchfilter memberOf for it.
>
> This should eliminates the
URL: https://github.com/SSSD/sssd/pull/5955
Author: sumit-bose
Title: #5955: man: clarify ldap_idmap_range_max
Action: opened
PR body:
"""
ldap_idmap_range_max is the first ID which cannot be used for mapping
anymore.
Resolves: https://github.com/SSSD/sssd/issues/5938
&quo
URL: https://github.com/SSSD/sssd/pull/5945
Title: #5945: INTG: Restrict smartcard in sc auth tests
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5945
Title: #5945: INTG: Restrict smartcard in sc auth tests
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5945
Title: #5945: INTG: Restrict smartcard in sc auth tests
sumit-bose commented:
"""
Hi,
thank you. ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pul
URL: https://github.com/SSSD/sssd/pull/5945
Title: #5945: INTG: Restrict smartcard in sc auth tests
sumit-bose commented:
"""
Hi,
thanks, I'm still fine with the patches. I'd just like to ask to split out the
change to `pamsrv_p11.c` into an extra patch? The change is n
URL: https://github.com/SSSD/sssd/pull/5945
Title: #5945: INTG: Restrict smartcard in sc auth tests
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5945
Title: #5945: INTG: Restrict smartcard in sc auth tests
sumit-bose commented:
"""
Hi,
thanks for the patch, it should make the Smartcard auth unit tests more
resilient. ACK
bye,
Sumit
"""
See the full comment at
htt
URL: https://github.com/SSSD/sssd/pull/5928
Title: #5928: IPA: Add password expire warning
sumit-bose commented:
"""
> @sumit-bose if there is a chance you can take a look at the code of this PR
> and tell me if approach with hard coded options is OK in this case?
H
URL: https://github.com/SSSD/sssd/pull/5941
Title: #5941: Minor updates in `IPA: get_object_from_cache()`
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5941
Title: #5941: Minor updates in `IPA: get_object_from_cache()`
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5940
Author: sumit-bose
Title: #5940: ipa: fix reply socket of selinux_child
Action: opened
PR body:
"""
Commit c92d39a30fa0162d4efdfbe5883c8ea9911a2249 accidentally switched
the reply socket of selinux_child from stdout to stderr while
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
sumit-bose commented:
"""
Hi,
I agree with @alexey-tikhonov, it is better to just fail hard if chain ID
support is missing.
bye,
Sumit
"""
URL: https://github.com/SSSD/sssd/pull/5927
Author: sumit-bose
Title: #5927: ad: add required 'cn' attribute to subdomain object
Action: opened
PR body:
"""
If the forest root is not part of the return trusted domain objects
from the local domain controller we generate an obj
URL: https://github.com/SSSD/sssd/pull/5918
Title: #5918: Client ca validation error
sumit-bose commented:
"""
Hi,
I'm fine with the patches, I would only recommend to use a higher value then
`2` for the exit code since e.g. the monitor is already using `2` for other
purpo
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
sumit-bose commented:
"""
Hi,
thanks for the patch, it is working well in my (quite basic) tests for PAM and
NSS.
I'm afraid I can't remember what we planne
URL: https://github.com/SSSD/sssd/pull/5918
Title: #5918: Client ca validation error
Label: +Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
URL: https://github.com/SSSD/sssd/pull/5918
Title: #5918: Client ca validation error
sumit-bose commented:
"""
Hi,
there is a pep8 issue:
```
Start: Wed Dec 15 08:53:56 UTC 2021
+ find . -path ./src/config -prune -o -name '*.py' -exec pycodestyle
--ignore=E121,E123,E126,E22
URL: https://github.com/SSSD/sssd/pull/5910
Title: #5910: SPEC: avoid weak dependencies
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora
URL: https://github.com/SSSD/sssd/pull/5910
Title: #5910: SPEC: avoid weak dependencies
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
URL: https://github.com/SSSD/sssd/pull/5910
Title: #5910: SPEC: avoid weak dependencies
sumit-bose commented:
"""
Hi,
sure, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5910#issuecomment-992421744
URL: https://github.com/SSSD/sssd/pull/5910
Title: #5910: SPEC: avoid weak dependencies
sumit-bose commented:
"""
> > Please see my in-line comments.
>
> Thank you. I updated the patch.
>
> But what do you think about:
>
> > I'm not sure what to d
URL: https://github.com/SSSD/sssd/pull/5910
Title: #5910: SPEC: avoid weak dependencies
sumit-bose commented:
"""
Hi,
thanks for the patch. The boolean dependencies seem to work as expected, at
least on RHEL-8 where I tested them. Please see my in-line comments.
bye,
Sumit
&q
URL: https://github.com/SSSD/sssd/pull/5902
Title: #5902: SSS_CLIENT: fixed few covscan issues
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
URL: https://github.com/SSSD/sssd/pull/5902
Title: #5902: SSS_CLIENT: fixed few covscan issues
sumit-bose commented:
"""
Hi,
thanks, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5902#issuecomment-987616210
__
URL: https://github.com/SSSD/sssd/pull/5901
Title: #5901: utils: ignore systemd and sd-pam process in get_active_uid_linux()
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5901
Title: #5901: utils: ignore systemd and sd-pam process in get_active_uid_linux()
sumit-bose commented:
"""
Hi,
thanks, I'm fine with the code. Since @alexey-tikhonov approved the patch as
well and it was tested internally by @sgo
URL: https://github.com/SSSD/sssd/pull/5909
Author: sumit-bose
Title: #5909: Various fixes related forest and site name discovery - 1-16
Action: opened
PR body:
"""
Resolves: https://github.com/SSSD/sssd/issues/5875
https://github.com/SSSD/sssd/issues/5822
URL: https://github.com/SSSD/sssd/pull/5883
Title: #5883: Various fixes related forest and site name discovery
sumit-bose commented:
"""
Hi,
sure, I can include one of the patches in the backport.
I think the issue in #5645 is related to github. I checked the copies in the
URL: https://github.com/SSSD/sssd/pull/5883
Title: #5883: Various fixes related forest and site name discovery
sumit-bose commented:
"""
> Since this claims to fix https://bugzilla.redhat.com/show_bug.cgi?id=2006866
> , this also need to be backported to 1-16 branch.
&
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
sumit-bose commented:
"""
Hi,
thanks, remaining CI issues are not related, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SS
URL: https://github.com/SSSD/sssd/pull/5881
Title: #5881: SDAP: Do not fail ASQ search when parsing a referenced entry fails
sumit-bose commented:
"""
Hi,
thanks, so the behavior is insistent, depending on the value of
`ldap_deref_threshold`. I guess the reason is
https://
URL: https://github.com/SSSD/sssd/pull/5881
Title: #5881: SDAP: Do not fail ASQ search when parsing a referenced entry fails
sumit-bose commented:
"""
Hi,
I think `ldap_ignore_unreadable_references` would be sufficient. Btw, what
happens if the members are looked up in
URL: https://github.com/SSSD/sssd/pull/5885
Title: #5885: LDAP: expire accounts when today >= shadowExpire
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5885
Title: #5885: LDAP: expire accounts when today >= shadowExpire
sumit-bose commented:
"""
Hi,
thank you for the patch, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
sumit-bose commented:
"""
Hi,
I'm sorry I didn't pull the latest version when running the tests. Since the
chain_id option is now added unconditionally `test
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
sumit-bose commented:
"""
Hi,
I'm fine with the patches and test are working locally for me. I restarted the
CI task to hopefully get some CI results as we
URL: https://github.com/SSSD/sssd/pull/5872
Title: #5872: p11_child: Fixes for authentication
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
URL: https://github.com/SSSD/sssd/pull/5872
Title: #5872: p11_child: Fixes for authentication
sumit-bose commented:
"""
Hi,
thanks a lot for the patches. I agree with all the changes and have no further
comments. I was thinking about how to add tests for the `--wait_fo
URL: https://github.com/SSSD/sssd/pull/5881
Title: #5881: SDAP: Do not fail ASQ search when parsing a referenced entry fails
sumit-bose commented:
"""
Hi,
thanks for the patch. I think an option is needed to control this behavior
because SSSD does not know if the den
URL: https://github.com/SSSD/sssd/pull/5762
Title: #5762: krb5: add support for idp:oauth2 challenge
sumit-bose commented:
"""
Hi,
thanks for the update, if updates my
[oidc_child](https://github.com/sumit-bose/sssd/tree/oidc_child) tree
accordingly and all is still working fi
URL: https://github.com/SSSD/sssd/pull/5863
Title: #5863: Responder and Child process tevent chain id improvements
sumit-bose commented:
"""
> Now that the RID # is passed to the child log files, `sssctl analyze request
> show #` will check these child logs and print tho
URL: https://github.com/SSSD/sssd/pull/5855
Title: #5855: CKM_RSA_PKCS support.
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora
URL: https://github.com/SSSD/sssd/pull/5855
Title: #5855: CKM_RSA_PKCS support.
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of
URL: https://github.com/SSSD/sssd/pull/5855
Title: #5855: CKM_RSA_PKCS support.
sumit-bose commented:
"""
Hi,
thanks, ACK. Looks like the tests were not run, not sure why?
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5847
Title: #5847: pam_sss: Allow offline authentication against
non-ipa-desktopprofiles aware DC
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5847
Title: #5847: pam_sss: Allow offline authentication against
non-ipa-desktopprofiles aware DC
sumit-bose commented:
"""
Hi,
thanks for the swift reply, then I'm fine with the patch, ACK.
bye,
Sumit
"""
See the full
URL: https://github.com/SSSD/sssd/pull/5847
Title: #5847: pam_sss: Allow offline authentication against
non-ipa-desktopprofiles aware DC
sumit-bose commented:
"""
Hi,
thank you for the analysis and the patch. There is a slight difference between
the online and the offline ca
URL: https://github.com/SSSD/sssd/pull/5855
Title: #5855: CKM_RSA_PKCS support.
sumit-bose commented:
"""
Hi,
thank you for the patch. Code-wise I'm fine and my test were successful as well.
While talking about test, I think it would be good to have tests as well.
SoftHSM2 a
URL: https://github.com/SSSD/sssd/pull/5860
Title: #5860: [monitor] Fix untranslated string
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
URL: https://github.com/SSSD/sssd/pull/5860
Title: #5860: [monitor] Fix untranslated string
sumit-bose commented:
"""
Hi,
thanks you for the new version, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5850
Author: sumit-bose
Title: #5850: ad: filter trusted domains
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5850/head:pr5850
git checkout pr5850
From
URL: https://github.com/SSSD/sssd/pull/5850
Title: #5850: ad: filter trusted domains
sumit-bose commented:
"""
> Hi @sumit-bose,
>
> does it apply to 1.16 branch or do we need a separate PR?
Hi,
yes, currently it applies cleanly to the 1.16 branch.
bye,
Sumit
&
URL: https://github.com/SSSD/sssd/pull/5850
Author: sumit-bose
Title: #5850: ad: filter trusted domains
Action: opened
PR body:
"""
The fix for https://github.com/SSSD/sssd/issues/5528 might discover
domains which are not trusted (one-way trust) or are from a different
fores
URL: https://github.com/SSSD/sssd/pull/5826
Title: #5826: DEBUG: fix missing "va_end"
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
URL: https://github.com/SSSD/sssd/pull/5826
Title: #5826: DEBUG: fix missing "va_end"
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code
URL: https://github.com/SSSD/sssd/pull/5826
Title: #5826: DEBUG: fix missing "va_end"
sumit-bose commented:
"""
Hi,
thanks, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5826#issuecomment-944022983
__
URL: https://github.com/SSSD/sssd/pull/5825
Title: #5825: krb5: use hidden file when creating config snippets
sumit-bose commented:
"""
> There is `ding-libs/path_utils` that has relevant functions but I think it
> doesn't make sense to pull it in...
Hi,
yes, there ar
URL: https://github.com/SSSD/sssd/pull/5825
Author: sumit-bose
Title: #5825: krb5: use hidden file when creating config snippets
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5825/head:pr5825
git checkout pr5825
URL: https://github.com/SSSD/sssd/pull/5825
Author: sumit-bose
Title: #5825: krb5: use hidden file when creating config snippets
Action: opened
PR body:
"""
When creating config snippets fir libkrb5 SSSD first creates a temporary
file with a random suffix and renames this
URL: https://github.com/SSSD/sssd/pull/5823
Title: #5823: krb5_child: fixed incorrect checks on length value
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5823
Title: #5823: krb5_child: fixed incorrect checks on length value
sumit-bose commented:
"""
Hi,
thanks for spotting this, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5802
Title: #5802: MONITOR: reduce logs severity around signalling
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5802
Title: #5802: MONITOR: reduce logs severity around signalling
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5802
Title: #5802: MONITOR: reduce logs severity around signalling
sumit-bose commented:
"""
Hi,
thanks for the patch, I'm fine with the changes. ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5784
Title: #5784: proxy: allow removing group members
sumit-bose commented:
"""
> @sumit-bose , can it happen (is it supported) two groups in different domains
> have the same GID?
Hi,
if the two domains are managed separately it
URL: https://github.com/SSSD/sssd/pull/5722
Title: #5722: NSS client: avoid using NETDB_INTERNAL if daemon is not available
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5722
Title: #5722: NSS client: avoid using NETDB_INTERNAL if daemon is not available
sumit-bose commented:
"""
> Hi @sumit-bose , did you have a chance to take a look at this?
Hi,
thanks for the reminder. I'm fine with the p
URL: https://github.com/SSSD/sssd/pull/5771
Title: #5771: sdap: always create sdap object for a forest root
sumit-bose commented:
"""
> There is a typo in the commit message: `:fixes: Even is the forest` ->
> `:fixes: Even IF the forest`
sorry, fixed in latest v
URL: https://github.com/SSSD/sssd/pull/5771
Author: sumit-bose
Title: #5771: sdap: always create sdap object for a forest root
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5771/head:pr5771
git checkout pr5771
From
URL: https://github.com/SSSD/sssd/pull/5788
Title: #5788: debug: suppress backtrace if GetAccountDomain() is not supported
sumit-bose commented:
"""
> Patches look good to me.
> But strictly speaking commit message of a first patch isn't correct anymore:
> backtra
URL: https://github.com/SSSD/sssd/pull/5788
Author: sumit-bose
Title: #5788: debug: suppress backtrace if GetAccountDomain() is not supported
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5788/head:pr5788
git
URL: https://github.com/SSSD/sssd/pull/5788
Author: sumit-bose
Title: #5788: debug: suppress backtrace if GetAccountDomain() is not supported
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5788/head:pr5788
git
URL: https://github.com/SSSD/sssd/pull/5771
Title: #5771: sdap: always create sdap object for a forest root
sumit-bose commented:
"""
Hi Pavel,
thanks for the review, I added a `:fixes:`.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pu
URL: https://github.com/SSSD/sssd/pull/5771
Author: sumit-bose
Title: #5771: sdap: always create sdap object for a forest root
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5771/head:pr5771
git checkout pr5771
From
URL: https://github.com/SSSD/sssd/pull/5791
Title: #5791: sysdb: more specific mpg search filter
sumit-bose commented:
"""
Hi Pavel,
thanks for the review, I've fixed the typo and added a `:fixes:`.
bye,
Sumit
"""
See the full comment at
https://github.com/SS
URL: https://github.com/SSSD/sssd/pull/5791
Author: sumit-bose
Title: #5791: sysdb: more specific mpg search filter
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5791/head:pr5791
git checkout pr5791
From
URL: https://github.com/SSSD/sssd/pull/5791
Author: sumit-bose
Title: #5791: sysdb: more specific mpg search filter
Action: opened
PR body:
"""
Originally all user of an mpg domain had an automatically created
user-private group and as a result the ID space was unifi
URL: https://github.com/SSSD/sssd/pull/5788
Author: sumit-bose
Title: #5788: debug: suppress backtrace if GetAccountDomain() is not supported
Action: opened
PR body:
"""
The return code ERR_GET_ACCT_DOM_NOT_SUPPORTED is an expected return code
if the backend d
URL: https://github.com/SSSD/sssd/pull/5712
Title: #5712: Health and Support Analyzer - Add request log parsing utility
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5712
Title: #5712: Health and Support Analyzer - Add request log parsing utility
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5712
Title: #5712: Health and Support Analyzer - Add request log parsing utility
sumit-bose commented:
"""
Hi,
thanks for checking the help message, as long as this is the default behavior
of argparse I'm fine. I build and installed the
URL: https://github.com/SSSD/sssd/pull/5787
Author: sumit-bose
Title: #5787: krb5: fix ccache ownership for offline Smartcard authentication
Action: opened
PR body:
"""
During Smartcard authentication/PKINIT the krb5_child process is running
as privileged user for some time to
URL: https://github.com/SSSD/sssd/pull/5712
Title: #5712: Health and Support Analyzer - Add request log parsing utility
sumit-bose commented:
"""
Hi,
thanks for the updates. I think from now on every enhancement should be done
not in this PR but in a new one.
What I still
URL: https://github.com/SSSD/sssd/pull/5760
Title: #5760: p11_child: Fixes for init_p11_ctx() and do_card()
Label: +Accepted
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5760
Title: #5760: p11_child: Fixes for init_p11_ctx() and do_card()
Label: -Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to
URL: https://github.com/SSSD/sssd/pull/5760
Title: #5760: p11_child: Fixes for init_p11_ctx() and do_card()
sumit-bose commented:
"""
Hi,
thanks for the update, the CI failures are not related, ACK.
bye,
Sumit
"""
See the full comment at
https://github.com/SS
URL: https://github.com/SSSD/sssd/pull/5760
Title: #5760: p11_child: Fixes for init_p11_ctx() and do_card()
sumit-bose commented:
"""
> > > As before p11_child can only wait on a single reader, in the old version
> > > it was the first, now it is the l
URL: https://github.com/SSSD/sssd/pull/5760
Title: #5760: p11_child: Fixes for init_p11_ctx() and do_card()
sumit-bose commented:
"""
Hi,
my testing went well. Now wait_for_card is working with multiple empty readers
again. As before p11_child can only wait on a single rea
URL: https://github.com/SSSD/sssd/pull/5771
Author: sumit-bose
Title: #5771: sdap: always create sdap object for a forest root
Action: opened
PR body:
"""
Even if the forest root is disabled for user and group lookups a sdap
object is needed to lookup trusted domains.
Thi
URL: https://github.com/SSSD/sssd/pull/5760
Title: #5760: p11_child: Fixes for init_p11_ctx() and do_card()
sumit-bose commented:
"""
Hi,
thank you for the update, code-wise I'm fine with the patches, I'd like to run
some tests during the weekend and will give my final ACK
URL: https://github.com/SSSD/sssd/pull/5746
Title: #5746: p11_child: do_card partially fix loop exit condition (redo of
#5705)
sumit-bose commented:
"""
Hi,
thanks for the hint, I have to admit that I didn't test the patch with
`wait_for_card`.
@assafmo, would you like
URL: https://github.com/SSSD/sssd/pull/5712
Title: #5712: Health and Support Analyzer - Add request log parsing utility
sumit-bose commented:
"""
Hi Justin,
thanks for the latest updates.
I think the log lines from `accept_fd_handler` e.g.
2021-08-18 10:36:3
URL: https://github.com/SSSD/sssd/pull/5712
Title: #5712: Health and Support Analyzer - Add request log parsing utility
sumit-bose commented:
"""
Hi Scott,
thanks for the latest updates.
I think the log lines from `accept_fd_handler` e.g.
2021-08-18 10:36:3
1 - 100 of 3319 matches
Mail list logo