On (10/11/15 16:23), Jakub Hrozek wrote:
>On Tue, Nov 10, 2015 at 09:43:55AM +0100, Lukas Slebodnik wrote:
>> ehlo,
>>
>> debian has pach which removes syslog.target from service.file
>> http://anonscm.debian.org/cgit/pkg-sssd/sssd.git/tree/debian/patches/fix-obsolete-target.diff
>> and this
On Tue, Nov 10, 2015 at 02:50:57PM +0100, Lukas Slebodnik wrote:
> On (10/11/15 12:10), Pavel Březina wrote:
> >This gets rid of confusing debug message:
> >[be_client_destructor] (0x0020): Unknown client removed ...
>
> >From 17b1d8216bab3770c58c79cf51c571cb184e8ab4 Mon Sep 17 00:00:00 2001
>
On Tue, Nov 10, 2015 at 09:43:55AM +0100, Lukas Slebodnik wrote:
> ehlo,
>
> debian has pach which removes syslog.target from service.file
> http://anonscm.debian.org/cgit/pkg-sssd/sssd.git/tree/debian/patches/fix-obsolete-target.diff
> and this target is not available on el7.1with quite old
On Tue, Nov 10, 2015 at 01:22:54PM +0100, Lukas Slebodnik wrote:
> On (10/11/15 13:15), Jakub Hrozek wrote:
> >On Mon, Nov 09, 2015 at 11:32:30AM +0100, Petr Cech wrote:
> >> On 11/04/2015 11:24 AM, Jakub Hrozek wrote:
> >> >Hi,
> >> >
> >> >I created this patch to try to diagnose an issue where
On (05/11/15 17:01), Pavel Reichl wrote:
>On 11/05/2015 09:17 AM, Lukas Slebodnik wrote:
>>Let's image following use case:
>>* cached authentication is enabled.
>>* user "pamuser" has never authenticated to the machine and thus
>> password is not cached
>>* for the first time the the data
On 11/10/2015 08:29 AM, Pavel Reichl wrote:
On 11/05/2015 05:29 PM, Petr Cech wrote:
+void test_groups_by_recent_filter_valid(void **state)
+{
+struct cache_req_test_ctx *test_ctx = NULL;
+TALLOC_CTX *req_mem_ctx = NULL;
+struct tevent_req *req = NULL;
+const char
On 11/10/2015 08:37 AM, Lukas Slebodnik wrote:
On (10/11/15 08:29), Pavel Reichl wrote:
On 11/05/2015 05:29 PM, Petr Cech wrote:
+void test_groups_by_recent_filter_valid(void **state)
+{
+struct cache_req_test_ctx *test_ctx = NULL;
+TALLOC_CTX *req_mem_ctx = NULL;
+struct
On 11/09/2015 04:28 PM, Jakub Hrozek wrote:
On Thu, Nov 05, 2015 at 05:29:25PM +0100, Petr Cech wrote:
>On 11/04/2015 11:11 AM, Jakub Hrozek wrote:
> >Hi,
> >
> >Sorry it took so long to get back to the review. I only have some minor
> >comments, see inline..
> >
> >Because the group patches
On (10/11/15 08:59), Lukas Slebodnik wrote:
>On (09/11/15 15:33), Jakub Hrozek wrote:
>>On Mon, Nov 09, 2015 at 10:44:49AM +0100, Lukas Slebodnik wrote:
>>> Obvious ACK
>>
>>While reviewing your patches, I found one more place I forgot to fix,
>>see the attached patch.
>
>>From
ehlo,
debian has pach which removes syslog.target from service.file
http://anonscm.debian.org/cgit/pkg-sssd/sssd.git/tree/debian/patches/fix-obsolete-target.diff
and this target is not available on el7.1with quite old systemd.
I had a small discussion with systemd guys and we can drop
it without
On (09/11/15 20:53), Jakub Hrozek wrote:
>On Mon, Nov 09, 2015 at 06:35:05PM +0100, Lukas Slebodnik wrote:
>> BTW which version do you prefer?
>> a) signl
>> b) sig
>> c) a_signal
>
>I don't care :) Feel free to use a_signal since it came first.
Updated patches are attached.
LS
>From
ehlo,
another warning on rhel6.
BTW different solution would be to cast to void.
LS
>From 2516dadde6940fe8cd7bf0ad769f81bbf2c23b7e Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik
Date: Tue, 10 Nov 2015 07:41:10 +
Subject: [PATCH 1/2] FAIL_OVER: Fix warning value
On 11/09/2015 07:17 PM, Stephen Gallagher wrote:
There are problems inherent with passing the PID to the child process.
There's no guarantee that the process still exists. In the worst-case,
the PID could actually be reassigned to a new process and the output
you got back from something like
ehlo,
and the last one patch to fix warnings on el6
LS
>From 84e149ddba1cebfbc37bf7b6d3769f9851bce446 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik
Date: Tue, 10 Nov 2015 07:42:59 +
Subject: [PATCH 2/2] DP_PTASK: Fix warning may be used uninitialized
MIME-Version: 1.0
ehlo,
The function gettext was not detected properly with strict
cflags even thought it was part of glibc.
sh$ CFLAGS="-Werror" ./configure
sh$ grep gt_cv_func_gnugettext config.log
gt_cv_func_gnugettext1_libc=no
gt_cv_func_gnugettext1_libintl=no
sh$ objdump -T /lib64/libc.so.6 | grep gettext
Hi,
this patch switches on the Online Certificate Status Protocol (OCSP)
checks while validation the certificate. This is done by calling
CERT_EnableOCSPChecking() before doing the validation. The main part of
the patch makes this configurable.
Since I expect that certificate validation will
Hi,
currently the p11_child does not continue to search for more
certificates if the first suitable certificate cannot be verified. With
this patch p11_child will continue until a valid certificate is found
(or all are checked).
As said before I'm working on improving the handling of the
Hi,
this patch is the equivalent of 374268c5eda35e8bbc2fef30752299199439cffe
"fix upn cache_req for sub-domain users" for lookups by certificates.
bye,
Sumit
From 78ac47bfdbb9c91dddefb4de06dcdf41e7035c6a Mon Sep 17 00:00:00 2001
From: Sumit Bose
Date: Mon, 12 Oct 2015 13:00:28
On Mon, Nov 09, 2015 at 11:32:30AM +0100, Petr Cech wrote:
> On 11/04/2015 11:24 AM, Jakub Hrozek wrote:
> >Hi,
> >
> >I created this patch to try to diagnose an issue where sssd would
> >randomly restart on any of machines in a VM cluster without giving too
> >much advise why. I think it might be
On (10/11/15 11:36), Sumit Bose wrote:
>Hi,
>
>this patch switches on the Online Certificate Status Protocol (OCSP)
>checks while validation the certificate. This is done by calling
>CERT_EnableOCSPChecking() before doing the validation. The main part of
>the patch makes this configurable.
>
Hi,
this patch removes the requirement to install p11_child with SETUID or
SETGID bit set. The needed privileges can be tuned with the help of
policy-kit so p11_child can either run as root or as SSSD user depending
on the SSSD configuration without the need to gain extra user or group
This gets rid of confusing debug message:
[be_client_destructor] (0x0020): Unknown client removed ...
From 17b1d8216bab3770c58c79cf51c571cb184e8ab4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?=
Date: Tue, 10 Nov 2015 11:47:30 +0100
Subject: [PATCH] BE: Add
On (11/11/15 07:58), Petr Cech wrote:
>On 11/09/2015 08:06 AM, Lukas Slebodnik wrote:
>>ehlo,
>>
>>You can see a leak in talloc report.
>>But it was ignored. So we didn't notice it for long time.
>>http://sssd-ci.duckdns.org/logs/job/29/90/rhel7/ci-build-debug/src/tests/cwrap/become_user-tests.log
On 11/11/2015 08:04 AM, Lukas Slebodnik wrote:
On (11/11/15 07:58), Petr Cech wrote:
>On 11/09/2015 08:06 AM, Lukas Slebodnik wrote:
>>ehlo,
>>
>>You can see a leak in talloc report.
>>But it was ignored. So we didn't notice it for long time.
On (11/11/15 07:37), Petr Cech wrote:
>On 11/09/2015 07:44 AM, Lukas Slebodnik wrote:
>>ehlo,
>>
>>simple patch is attached.
>>
>>LS
>>
>>
>>0001-AD-Remove-unused-memory-context-from-ad_user_conn_li.patch
>>
>>
>> From cec2a8d6e72324d6a80a1df832230567f8b4c819 Mon Sep 17 00:00:00 2001
>>From: Lukas
On (10/11/15 09:00), Lukas Slebodnik wrote:
>On (10/11/15 08:59), Lukas Slebodnik wrote:
>>On (09/11/15 15:33), Jakub Hrozek wrote:
>>>On Mon, Nov 09, 2015 at 10:44:49AM +0100, Lukas Slebodnik wrote:
Obvious ACK
>>>
>>>While reviewing your patches, I found one more place I forgot to fix,
On 11/09/2015 08:06 AM, Lukas Slebodnik wrote:
ehlo,
You can see a leak in talloc report.
But it was ignored. So we didn't notice it for long time.
http://sssd-ci.duckdns.org/logs/job/29/90/rhel7/ci-build-debug/src/tests/cwrap/become_user-tests.log
The first patch fixes the leak and the last
On Tue, Nov 10, 2015 at 02:39:03PM +0100, Jakub Hrozek wrote:
> On Tue, Nov 10, 2015 at 09:11:25AM +0100, Lukas Slebodnik wrote:
> > ehlo,
> >
> > another warning on rhel6.
>
> ACK
* master: acd615cffd144b69e2558a0fc45c6966423f2d02
___
sssd-devel
On Tue, Nov 10, 2015 at 03:06:22PM +0100, Jakub Hrozek wrote:
> On Tue, Nov 10, 2015 at 09:03:55AM +0100, Lukas Slebodnik wrote:
> > On (09/11/15 20:53), Jakub Hrozek wrote:
> > >On Mon, Nov 09, 2015 at 06:35:05PM +0100, Lukas Slebodnik wrote:
> > >> BTW which version do you prefer?
> > >> a)
On (10/11/15 14:55), Pavel Reichl wrote:
>
>
>On 11/10/2015 02:39 PM, Jakub Hrozek wrote:
>>On Tue, Nov 10, 2015 at 09:11:25AM +0100, Lukas Slebodnik wrote:
>>>ehlo,
>>>
>>>another warning on rhel6.
>>
>>ACK
>>
>>>
>>>BTW different solution would be to cast to void.
>>
>>I prefer this solution
>
On Tue, Nov 10, 2015 at 02:55:43PM +0100, Pavel Reichl wrote:
>
>
> On 11/10/2015 02:39 PM, Jakub Hrozek wrote:
> >On Tue, Nov 10, 2015 at 09:11:25AM +0100, Lukas Slebodnik wrote:
> >>ehlo,
> >>
> >>another warning on rhel6.
> >
> >ACK
> >
> >>
> >>BTW different solution would be to cast to
On Tue, Nov 10, 2015 at 09:03:55AM +0100, Lukas Slebodnik wrote:
> On (09/11/15 20:53), Jakub Hrozek wrote:
> >On Mon, Nov 09, 2015 at 06:35:05PM +0100, Lukas Slebodnik wrote:
> >> BTW which version do you prefer?
> >> a) signl
> >> b) sig
> >> c) a_signal
> >
> >I don't care :) Feel free to use
On 11/10/2015 03:05 PM, Jakub Hrozek wrote:
On Tue, Nov 10, 2015 at 02:55:43PM +0100, Pavel Reichl wrote:
On 11/10/2015 02:39 PM, Jakub Hrozek wrote:
On Tue, Nov 10, 2015 at 09:11:25AM +0100, Lukas Slebodnik wrote:
ehlo,
another warning on rhel6.
ACK
BTW different solution would be
On 11/10/2015 02:39 PM, Jakub Hrozek wrote:
On Tue, Nov 10, 2015 at 09:11:25AM +0100, Lukas Slebodnik wrote:
ehlo,
another warning on rhel6.
ACK
BTW different solution would be to cast to void.
I prefer this solution
Why? I think that changing value of input parameter is generally a
On Tue, Nov 10, 2015 at 09:11:25AM +0100, Lukas Slebodnik wrote:
> ehlo,
>
> another warning on rhel6.
ACK
>
> BTW different solution would be to cast to void.
I prefer this solution
CI: http://sssd-ci.duckdns.org/logs/job/32/38/summary.html
(Fedora-20 failure is unrelated)
On (10/11/15 12:10), Pavel Březina wrote:
>This gets rid of confusing debug message:
>[be_client_destructor] (0x0020): Unknown client removed ...
>From 17b1d8216bab3770c58c79cf51c571cb184e8ab4 Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?Pavel=20B=C5=99ezina?=
>Date: Tue, 10
36 matches
Mail list logo