[PATCH] Refactor the SELinux processing in the PAM responder a little
by Jakub Hrozek
I tried to move the whole PAM processing from the provider into the
responder but stumbled upon several things that had to be refactored in
order to make the code right. These two patches are a start, the next
phase should be getting rid of the per-request score.
So far these patches are intended for master only and their review has
lower priority than reviewing any of the patches targeted for 1.9 as
well.
[PATCH 1/2] PAM: Split SELinux processing into a separate module
No functional change, the SELinux processing just began to occupy a
substantial part of the PAM code, so it had to be split into its own
file.
[PATCH 2/2] PAM: reuse existing code for reading selinux config
The PAM processing reimplemented splitting on separator for no good
reason. This patch utilizes the existing code to reduce code
duplication.
11 years, 1 month
sysdb mishandles LDAP attrs with binary blob data
by Jan Engelhardt
The problem exists since at least sssd-1.8.5. The patch is against
HEAD and applies there likewise.
===
The following changes since commit ad65d4ef017e87c1be4b1054e1276f5256a77bfc:
subdomains: replace invalid characters with underscore in krb5 mapping file name (2013-02-14 19:33:23 +0100)
are available in the git repository at:
git://git.inai.de/sssd master
for you to fetch changes up to cb4d628317afffdabf6c1cf9a71ef574f6a60896:
sysdb: try dealing with binary-content attributes (2013-02-21 13:12:43 +0100)
----------------------------------------------------------------
Jan Engelhardt (1):
sysdb: try dealing with binary-content attributes
src/db/sysdb.c | 10 ++++++++++
src/db/sysdb.h | 2 ++
src/providers/ldap/sdap_async.c | 4 ++--
3 files changed, 14 insertions(+), 2 deletions(-)
11 years, 1 month
F19 test day
by Jakub Hrozek
Hi,
Here is the schedule of the F19 test days:
https://fedoraproject.org/wiki/QA/Fedora_19_test_days
I wanted to book one after mid-April but seems like the desktop team has
booked the whole April..
Then I'm going to propose we take 2013-04-11. I think we should rather
pick one before the Beta and if some features are not 100% there, then
test them out-of-band. The next vacant one is 2013-05-23 which I think
is too late.
Comments?
11 years, 2 months
Patch for issue 1756
by Milan Cejnar
Dear SSSD Developers,
please review attached patch for issue 1756
Description:
[PATCH] Patch for bug #1756, Append new line to string from poptStrerror()
This patch changes function usage() in tools_util.c which is used by
BAD_POPT_PARAMS macro.
Since BAD_POPT_PARAMS macro is called by multiple functions in multiple
files with both custom messages termited with \n as well as popt messages
which are not terminated by default, this patch offers a correction by
checking the string just after printing out to console and printing out
additional \n if new line wasn't present.
Best wishes
Milan Cejnar
11 years, 2 months
First contribution, bug #1756
by Milan Cejnar
Dear sssd developers,
as part of my university course on open-source I am to try to contribute by
some trivial or minor change to selected open-source project.
I've never done this before but I would like to make some contribution to
sssd project starting with, as I see it, quite trivial bug #1756.
Would it be ok, if I tried to correct this bug? And if I could, how can I
accept the ticket (how can I get assigned to the bug)?
Best Regards,
Milan Cejnar
11 years, 2 months
[PATCH] [RFC] refactor nested group processing
by Pavel Březina
Hi,
I started working on https://fedorahosted.org/sssd/ticket/1784 and I'd
like to get some comments so I know I'm heading the right direction.
*Current state:*
There is one tevent request per a nesting level. The request continues
with many "step" and other-named functions. The path is different for
deref and noderef processing, but the two branches intersect many
times. It uses a lot of recursion. It often translates return codes.
All of this make it hard to understand the process, hard to maintain
and especially it is hard to step out of the process at chosen point.
*New approach:*
There will be several tevent request per nesting level:
main-req (from sdap_nested_group_send)
|
nesting-level-req
/ \
noderef-req deref-req
|
possible-noderef-req
I believe this will give us clean tevent solution.
It is closed API with the following interface:
- sdap_nested_group_send()
- sdap_nested_group_recv()
The code is far from complete, I have finished only the main interface
so far. Otherwise it is just a skeleton. Especially
sdap_nested_group_(deref|single)* functions are just a generated code
so you don't have to bother reading them.
11 years, 2 months
[PATCH] Fix uninitialized time_t var in responder
by Ondrej Kos
Hi,
I noticed this warning while working on an unrelated issue. Patch is
attached.
Ondra
--
Ondrej Kos
Associate Software Engineer
Identity Management
Red Hat Czech
phone: +420-532-294-558
cell: +420-736-417-909
ext: 82-62558
loc: 1013 Brno 1 office
irc: okos @ #brno
11 years, 2 months
