[SSSD] Re: [Freeipa-devel] [RFC] Matching and Mapping Certificates

On 17.10.2016 16:50, Rob Crittenden wrote: Jan Cholasta wrote: Hi, On 13.10.2016 18:52, Sumit Bose wrote: = Issuer specific matching = Although the MIT Kerberos rules allow to select the issuer of a certificate there are use cases where a more specific selection is needed. E.g. if

[SSSD] [sssd PR#52][comment] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Title: #52: CI: Remove dlopen-test from valgrind blacklist fidencio commented: """ On Mon, Oct 17, 2016 at 11:51 PM, lslebodn wrote: > On (17/10/16 14:43), fidencio wrote: > >On Mon, Oct 17, 2016 at 11:37 PM, lslebodn

[SSSD] [sssd PR#52][comment] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Title: #52: CI: Remove dlopen-test from valgrind blacklist lslebodn commented: """ On (17/10/16 14:43), fidencio wrote: >On Mon, Oct 17, 2016 at 11:37 PM, lslebodn wrote: > >> On (17/10/16 14:26), fidencio wrote: >> >On Mon,

[SSSD] [sssd PR#52][comment] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Title: #52: CI: Remove dlopen-test from valgrind blacklist fidencio commented: """ On Mon, Oct 17, 2016 at 11:37 PM, lslebodn wrote: > On (17/10/16 14:26), fidencio wrote: > >On Mon, Oct 17, 2016 at 10:52 PM, lslebodn

[SSSD] [sssd PR#52][comment] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Title: #52: CI: Remove dlopen-test from valgrind blacklist lslebodn commented: """ On (17/10/16 14:26), fidencio wrote: >On Mon, Oct 17, 2016 at 10:52 PM, lslebodn wrote: > >> On (17/10/16 12:34), fidencio wrote: >> >Please,

[SSSD] [sssd PR#52][comment] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Title: #52: CI: Remove dlopen-test from valgrind blacklist fidencio commented: """ On Mon, Oct 17, 2016 at 10:52 PM, lslebodn wrote: > On (17/10/16 12:34), fidencio wrote: > >Please, refer to e1a58f3d in the commit message. >

[SSSD] [sssd PR#52][comment] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Title: #52: CI: Remove dlopen-test from valgrind blacklist lslebodn commented: """ On (17/10/16 12:34), fidencio wrote: >Please, refer to e1a58f3d in the commit message. > Why? The text is more important. Rest is useless. >This is a genuine question

[SSSD] [sssd PR#52][comment] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Title: #52: CI: Remove dlopen-test from valgrind blacklist fidencio commented: """ Please, refer to e1a58f3d in the commit message. This is a genuine question (even in case it's a dumb one), but do we really need to call dlclose() in our tests? Can't

[SSSD] [sssd PR#53][comment] Fixes in the config API related to secrets responder

URL: https://github.com/SSSD/sssd/pull/53 Title: #53: Fixes in the config API related to secrets responder fidencio commented: """ And CI has passed: http://sssd-ci.duckdns.org/logs/job/55/24/summary.html """ See the full comment at https://github.com/SSSD/sssd/pull/53#issuecomment-254306475

[SSSD] [sssd PR#55][comment] TESTS: Fix check for py bindings in dlopen tests

URL: https://github.com/SSSD/sssd/pull/55 Title: #55: TESTS: Fix check for py bindings in dlopen tests lslebodn commented: """ master: * 8a681cc41672afd1532b4a0c7e9da3a4eb2014a7 sssd-1-13: * 977e53a67cab7937f16f393b85e4d1afd478b9f4 LS """ See the full comment at

[SSSD] [sssd PR#55][comment] TESTS: Fix check for py bindings in dlopen tests

URL: https://github.com/SSSD/sssd/pull/55 Title: #55: TESTS: Fix check for py bindings in dlopen tests lslebodn commented: """ ACK http://sssd-ci.duckdns.org/logs/job/55/22/summary.html """ See the full comment at https://github.com/SSSD/sssd/pull/55#issuecomment-254298050

[SSSD] [sssd PR#53][synchronized] Fixes in the config API related to secrets responder

URL: https://github.com/SSSD/sssd/pull/53 Author: fidencio Title: #53: Fixes in the config API related to secrets responder Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/53/head:pr53 git checkout pr53 From

[SSSD] [sssd PR#55][opened] TESTS: Fix check for py bindings in dlopen tests

URL: https://github.com/SSSD/sssd/pull/55 Author: fidencio Title: #55: TESTS: Fix check for py bindings in dlopen tests Action: opened PR body: """ The current code checks only for "HAVE_PYTHON_BINDINGS", which is not even a valid check. Let's do the proper check according to the python

[SSSD] [sssd PR#54][opened] crypto: Port libcrypto code to openssl-1.1

URL: https://github.com/SSSD/sssd/pull/54 Author: lslebodn Title: #54: crypto: Port libcrypto code to openssl-1.1 Action: opened PR body: """ I am not sure whether using EVP_.*_init() is required after calling "constructor" """ To pull the PR as Git branch: git remote add ghsssd

[SSSD] [sssd PR#53][opened] Fixes in the config API related to secrets responder

URL: https://github.com/SSSD/sssd/pull/53 Author: fidencio Title: #53: Fixes in the config API related to secrets responder Action: opened PR body: """ Those fixes were suggested by Lukaš in the following thread:

[SSSD] [sssd PR#52][opened] CI: Remove dlopen-test from valgrind blacklist

URL: https://github.com/SSSD/sssd/pull/52 Author: lslebodn Title: #52: CI: Remove dlopen-test from valgrind blacklist Action: opened PR body: """ Dlopen test was added to blacklist due to following reason: > Disable running dlopen-tests under Valgrind as their use of dlclose > makes Valgrind

[SSSD] [sssd PR#48][comment] sssctl: Flags for commadn initialization

URL: https://github.com/SSSD/sssd/pull/48 Title: #48: sssctl: Flags for commadn initialization jhrozek commented: """ I don't know how to unstuck this PR except providing some ideas * SSS_TOOL_FLAG_NOCONF * SSS_TOOL_FLAG_STATIC * SSS_TOOL_FLAG_CONFPARSE_FALSE """ See the full comment at

[SSSD] Re: [Freeipa-devel] [RFC] Matching and Mapping Certificates

On Thu, 2016-10-13 at 18:52 +0200, Sumit Bose wrote: > Compatibility with Active Directory > Active Directory uses a per-user LDAP attribute > [https://msdn.microsoft.com/en-us/library/cc220106.aspx > altSecurityIdentities] to allow arbitrary user-certificate mappings is there > is no

[SSSD] [sssd PR#51][comment] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Title: #51: TOOL: Fixing of sign-compare warning lslebodn commented: """ On (17/10/16 08:20), celestian wrote: >Hi @lslebodn, >I know about another three issues which we should backport to 1.13. >I could prepare patches with ```git cherry-pick -x ```

[SSSD] [sssd PR#51][comment] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Title: #51: TOOL: Fixing of sign-compare warning celestian commented: """ Hi @lslebodn, I know about another three issues which we should backport to 1.13. I could prepare patches with ```git cherry-pick -x ``` and create PRs. Is this the right way?

[SSSD] [sssd PR#51][comment] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Title: #51: TOOL: Fixing of sign-compare warning celestian commented: """ Hi @lslebodn, I know about another three issues which we should backport to 1.13. I could prepare patches with ```git cherry-pick -x ``` and create PRs. Is this the right way?

[SSSD] Re: [sssd PR#33][synchronized] SECRETS: Some small misc fixes + fixing #3168

On (17/10/16 14:35), Fabiano Fidêncio wrote: >On Mon, Oct 17, 2016 at 11:46 AM, Lukas Slebodnik wrote: >> On (30/09/16 16:55), fidencio wrote: >>> URL: https://github.com/SSSD/sssd/pull/33 >>>Author: fidencio >>> Title: #33: SECRETS: Some small misc fixes + fixing #3168

[SSSD] Re: [sssd PR#33][synchronized] SECRETS: Some small misc fixes + fixing #3168

Lukaš, On Mon, Oct 17, 2016 at 4:59 PM, Lukas Slebodnik wrote: > On (17/10/16 14:35), Fabiano Fidêncio wrote: >>On Mon, Oct 17, 2016 at 11:46 AM, Lukas Slebodnik wrote: >>> On (30/09/16 16:55), fidencio wrote: URL:

[SSSD] Re: [Freeipa-devel] [RFC] Matching and Mapping Certificates

Jan Cholasta wrote: Hi, On 13.10.2016 18:52, Sumit Bose wrote: = Issuer specific matching = Although the MIT Kerberos rules allow to select the issuer of a certificate there are use cases where a more specific selection is needed. E.g. if there are some default matching rules for all

[SSSD] [sssd PR#51][comment] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Title: #51: TOOL: Fixing of sign-compare warning lslebodn commented: """ I hit enter too fast. We backport patches in different way. ``` git checkout sssd-1-13 git cherry-pick -x d3f14ed93ef61268d0a68898ed9c44b4f773081c ``` The important the argument

[SSSD] Re: [PATCHES] Fix warnings Wsign-compare

On (29/01/16 09:33), Lukas Slebodnik wrote: >On (28/01/16 21:54), Jakub Hrozek wrote: >>On Tue, Jan 12, 2016 at 03:21:30PM +0100, Lukas Slebodnik wrote: >>> python-3.5 is also in debian-sid and migh be in debian-testing >>> within 10 days. First 3 patches can be reviwed and meanwhile >>> I will

[SSSD] [sssd PR#51][+Rejected] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Title: #51: TOOL: Fixing of sign-compare warning Label: +Rejected ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

[SSSD] [sssd PR#51][closed] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Author: celestian Title: #51: TOOL: Fixing of sign-compare warning Action: closed To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/51/head:pr51 git checkout pr51

[SSSD] [sssd PR#51][comment] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Title: #51: TOOL: Fixing of sign-compare warning lslebodn commented: """ I can see that's already fixed in master https://git.fedorahosted.org/cgit/sssd.git/commit/?id=d3f14ed93ef61268d0a68898ed9c44b4f773081c LS """ See the full comment at

[SSSD] [sssd PR#51][opened] TOOL: Fixing of sign-compare warning

URL: https://github.com/SSSD/sssd/pull/51 Author: celestian Title: #51: TOOL: Fixing of sign-compare warning Action: opened PR body: """ Warning was on src/tools/tools_util.c:116. (We have fixed this issue at master.) """ To pull the PR as Git branch: git remote add ghsssd

[SSSD] Re: [sssd PR#33][synchronized] SECRETS: Some small misc fixes + fixing #3168

On Mon, Oct 17, 2016 at 11:46 AM, Lukas Slebodnik wrote: > On (30/09/16 16:55), fidencio wrote: >> URL: https://github.com/SSSD/sssd/pull/33 >>Author: fidencio >> Title: #33: SECRETS: Some small misc fixes + fixing #3168 >>Action: synchronized >> >>To pull the PR as Git

[SSSD] [sssd PR#43][-Changes requested] RESPONDER: Enable sudoRule in case insen. domains​ (1.14)

URL: https://github.com/SSSD/sssd/pull/43 Title: #43: RESPONDER: Enable sudoRule in case insen. domains​ (1.14) Label: -Changes requested ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to

[SSSD] Re: [sssd PR#33][synchronized] SECRETS: Some small misc fixes + fixing #3168

On (30/09/16 16:55), fidencio wrote: > URL: https://github.com/SSSD/sssd/pull/33 >Author: fidencio > Title: #33: SECRETS: Some small misc fixes + fixing #3168 >Action: synchronized > >To pull the PR as Git branch: >git remote add ghsssd https://github.com/SSSD/sssd >git fetch ghsssd

[SSSD] [sssd PR#50][opened] [RFC] Use GNULIB's compiler warning code

URL: https://github.com/SSSD/sssd/pull/50 Author: fidencio Title: #50: [RFC] Use GNULIB's compiler warning code Action: opened PR body: """ This patch series was sent to the sssd-devel and some discussions already happened there[0]. I've decided to open the PR because there are some few

[SSSD] [sssd PR#34][comment] cache_req: move from switch to plugins

URL: https://github.com/SSSD/sssd/pull/34 Title: #34: cache_req: move from switch to plugins pbrezina commented: """ Updated patch pushed. Diff: ```c diff --git a/src/responder/common/cache_req/cache_req_search.c b/src/responder/common/cache_req/cache_req_search.c index 3c11efd..a36a900

[SSSD] Re: [Freeipa-devel] [RFC] Matching and Mapping Certificates

Hi, On 13.10.2016 18:52, Sumit Bose wrote: On Tue, Oct 11, 2016 at 01:37:09PM +0200, Sumit Bose wrote: On Thu, Oct 06, 2016 at 12:49:30PM +0200, Sumit Bose wrote: Hi, I've started to write a SSSD design page about enhancing the current mapping of certificates to users and how to select/match