389-devel October 2016

389-devel@lists.fedoraproject.org

10 participants
46 discussions

Build failed in Jenkins: 389-ds-base #1087
by jenkins＠fedoraproject.org 06 Oct '16

06 Oct '16

See <http://jenkins.fedorainfracloud.org/job/389-ds-base/1087/changes> Changes: [William Brown] Ticket 48996 - update DS for ns 0.2.0 ------------------------------------------ Started by an SCM change Building remotely on F23 (fedora Fedora23 Fedora fedora23) in workspace <http://jenkins.fedorainfracloud.org/job/389-ds-base/ws/> Wiping out workspace first. Cloning the remote Git repository Cloning repository git://git.fedorahosted.org/git/389/ds.git > git init <http://jenkins.fedorainfracloud.org/job/389-ds-base/ws/> # timeout=10 Fetching upstream changes from git://git.fedorahosted.org/git/389/ds.git > git --version # timeout=10 > git -c core.askpass=true fetch --tags --progress git://git.fedorahosted.org/git/389/ds.git +refs/heads/*:refs/remotes/origin/* > git config remote.origin.url git://git.fedorahosted.org/git/389/ds.git # timeout=10 > git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10 > git config remote.origin.url git://git.fedorahosted.org/git/389/ds.git # timeout=10 Fetching upstream changes from git://git.fedorahosted.org/git/389/ds.git > git -c core.askpass=true fetch --tags --progress git://git.fedorahosted.org/git/389/ds.git +refs/heads/*:refs/remotes/origin/* > git rev-parse origin/master^{commit} # timeout=10 Checking out Revision ff9dafa5ca40e225e240597a5d5c52f0e6c7c677 (origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f ff9dafa5ca40e225e240597a5d5c52f0e6c7c677 > git rev-list 617b64faad36e9dedf13a5bef6748e602f82c4c2 # timeout=10 [389-ds-base] $ /bin/sh -e /tmp/hudson3331412956404975727.sh Running configure... CFLAGS= -Wall CXXFLAGS= -Wall ./configure --with-tmpfiles-d=/etc/tmpfiles.d --with-openldap --enable-autobind --enable-gcc-security --with-selinux --with-systemdsystemunitdir=/lib/systemd/system --with-systemdsystemconfdir=/etc/systemd/system --enable-debug Build log is http://jenkins.fedorainfracloud.org/job/389-ds-base/ws/build.1087.txt Running make... Build log is http://jenkins.fedorainfracloud.org/job/389-ds-base/ws/build.1087.txt Checking for warnings... Build http://jenkins.fedorainfracloud.org/job/389-ds-base/1087/ failed There are build warnings Warning log is http://jenkins.fedorainfracloud.org/job/389-ds-base/ws/build-warns.1087.txt Last 100 lines of warning log: ------------------------------------------------------------ ldap/servers/slapd/connection.c:171:6: warning: variable ‘enable_listeners’ set but not used [-Wunused-but-set-variable] ------------------------------------------------------------ Build step 'Execute shell' marked build as failure

2 2

please review: Ticket 48926 - ds-console - fix issues with the save/reset button behavior in the password policy/account lockout panels
by Mark Reynolds 05 Oct '16

05 Oct '16

https://fedorahosted.org/389/ticket/48926 https://fedorahosted.org/389/attachment/ticket/48926/0001-Ticket-48926-Fixe…

1 0

Nunc-stans: Please review docs and patch 65
by William Brown 05 Oct '16

05 Oct '16

https://fedorahosted.org/nunc-stans/ticket/65 https://fedorahosted.org/nunc-stans/attachment/ticket/65/0001-Ticket-65-fix… -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

1 0

Close of 48241, let's not support bad crypto
by William Brown 04 Oct '16

04 Oct '16

Hi, I want to close #48241 [0] as "wontfix". I do not believe that it's appropriate to provide SHA3 as a password hashing algorithm. The SHA3 algorithm is designed to be fast, and cryptographically secure. It's target usage is for signatures and verification of these in a rapid manner. The fact that this algorithm is fast, and could be implemented in hardware is the reason it's not appropriate for password hashing. Passwords should be hashed with a slow algorithm, and in the future, an algorithm that is CPU and memory hard. This means that in the (hopefully unlikely) case of password hash leak or dump from ldap that the attacker must spend a huge amount of resources to brute force or attack any password that we are storing in the system. As a result, I would like to make this ticket "wontfix" with an explanation of why. I think it's better for us to pursue #397 [1]. PBKDF2 is a CPU hard algorithm, and scrypt is both CPU and Memory hard. These are the direction we should be going (asap). Thanks, [0] https://fedorahosted.org/389/ticket/48241 [1] https://fedorahosted.org/389/ticket/397 -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

2 4

Review reminder: various ns / ds tickets
by William Brown 04 Oct '16

04 Oct '16

Hi, Sorry to be a pain about this: I need to commit these tickets "as a batch" to make sure that master of both projects works and builds. Can I please ask for review on: https://fedorahosted.org/nunc-stans/ticket/55 https://fedorahosted.org/nunc-stans/ticket/63 https://fedorahosted.org/nunc-stans/ticket/64 The associated DS component for this is: https://fedorahosted.org/389/ticket/48996 Which Noriko is in the process of reviewing. Thanks! -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

1 0

Please review: Ticket #47911 - Move dirsrv-snmp.service to 389-ds-base-snmp subpackage
by Viktor Ashirov 03 Oct '16

03 Oct '16

https://fedorahosted.org/389/ticket/47911 https://fedorahosted.org/389/attachment/ticket/47911/0001-Ticket-47911-Move… Thanks! -- Viktor

1 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-devel October 2016