[PATCH] BUILD: Link libsss_krb5_common.so to libkeyutils.so
by Benjamin Franzke
Hi List,
The symbol add_key is used by
src/providers/krb5/krb5_delayed_online_authentication.c
which is part of libsss_krb5_common.so
Fixes following error:
[sssd[be[default]]] [load_backend_module]
(0x0010): Unable to load ad module with path
(/usr/lib64/sssd/libsss_ad.so), error:
/usr/lib64/sssd/libsss_krb5_common.so: undefined symbol: add_key
-lkeyutils was passed to the libraries libsss_{krb5,ipa,ad}.so,
but when compiling with -Wl,--as-needed this flag will be ignored,
since it is not used directly. So it was unavailable to
libsss_krb5_common.so which actually needs it.
This patch removes $(KEYUTILS_LIBS) from those libraries and adds it to
libsss_krb5_common.so
Maybe libsss_krb5_common.so should be added to dlopen-tests?
But then other libraries and functions are needed as well,
which it currently inherits from libsss_{krb5,ipa,ad}.so.
BTW: are these common libraries (i mean ldap too) convenience build
libraries, or to save disk space?
If they're just for convencience maybe they should not be installed?
Regards, Ben
10 years
Design Discussion: D-Bus responder
by Pavel Březina
https://fedorahosted.org/sssd/wiki/DesignDocs/DBusResponder
Hi,
I couldn't find the original thread so I'm starting a new one. I would
like us to agree on best practice of naming methods. The current design
is somewhat inconsistent, since it uses e.g. FindUserByName(name) and
GetDomain(name) for obtaining one object path by name.
I'm proposing the following convention:
* List<class>() returning array of object paths, no arguments
- ListUsers
- ListDomains
* Find<class><condition>(arg1, ...) returning array of object paths
- FindUsersByName(filter)
- FindGroupsByName(filter)
* Get<class><condition>(arg1, ...) returning single object path
- GetUserById(id)
- GetDomainByName(name)
10 years
NSS: disable midpoint refresh for netgroups if ptask refresh is enabled
by Pavel Reichl
Hello,
please see attached patches.
patch #1 - disable midpoint refresh for netgroups if ptask refresh is
enabled
The rest of patches solves some minor problems that occurred while I
was working on 1st patch:
patch #2 - fixes sysdb_getnetgr to return ENOENT as is as is expected in
code
patch #3 - first check return value then access output parameter
patch #4 - some minor code style improvements, some lines over 80
columns, IMO strange indentation of string constants - feel free to
NACK.
Bye,
Pavel Reichl
10 years
[PATCH] DBus: Refactor how requests are handled
by Stef Walter
Here's the next patchset for refactoring the DBus support in sssd.
This patch set reorganizes how handlers handle requests. At center stage
is 'struct sbus_request' which is a talloc context valid for the
duration of the DBus requests.
There are also various sbus_request_xxx_finish() methods which reply to
the caller and cleanup the request.
The next set of patches (after this one) have the support for
automatically invoking type-safe handlers and build off of this
patchset. That said, even on this own, these changes result in lots of
cleanup and some code savings.
Patch 0001 fixes portability bugs.
I've added some test cases for the sbus code that has changed.
However since there are no automatic tests for much of the monitor and
data provider methods, I would recommend lots of smoke testing for these
patches.
If you prefer to access this as a branch, see:
https://github.com/stefwalter/sssd/tree/dbus-request
To see the later work that builds off of this:
https://github.com/stefwalter/sssd/tree/dbus-invoke
Cheers,
Stef
10 years
[PATCH][ding_libs] Add version symbol files
by Lukas Slebodnik
ehlo,
attached patch addresses ticket #2193
I have just a question about refarray/libref_array.sym
There is extern function ref_array_debug, which is not defined
in public header file (not exposed in public API), but it is used in ref_array
unit tests. It needs to be in global section because linker with fail to find
symbol. Should I add any comment to the file libref_array.sym or does anyone
better solution?
LS
10 years
Use a shorter retry timeout for failed SRV
by Pavel Reichl
Hello,
please see attached patch.
While testing this patch I have noticed a little asymmetry:
While SSSD being offline I added SRV record so resolving could success:
Call of 'getent passwd user@ad-domain ' results in 'Cannot proceed,
provider is offline'.
but calling 'getent passwd user' will try to resolve services and ends
up online (then previous call will obviously succeed too).
Pavel Reichl
10 years
[PATCH] LDAP: Setup periodic task only once.
by Lukas Slebodnik
ehlo,
If id provider is {ipa, ad} periodic task will be stared in sssm_{ipa,ad}_init
If you enable enumeration and use different providers for id and sudo(autofs)
then another periodic task will be scheduled.
This can cause weird behaviour (e.g. missing members of group)
I provided test package to reporter of bug #2153 with attached patch
(actually it was patch for 1.9 branch). I was not able to reproduce problem
with missing groups. Thus I was wainting for response from customer.
But it will be better to do a (pre-)review of patch.
I am also attaching part of log file. You can notice Two enumerations are
started. There is difference only few milliseconds.
LS
10 years
handling NULL params in sss_parse_name
by Pavel Reichl
Hello,
sss_parse_name currently SIGSEGVs if any of output parameters (domain,
name) is a NULL. I think it may be useful to support passing NULL
arguments as not always both pieces of information are needed.
Please see attached patch.
PR
10 years, 1 month
Cmocka-unit-test-for-functions-getpwuid-added
by Pallavi Jha
Hi,
Attached is a patch with the additional test functions for getpwuid*
functions. I think I did not get the flow of the data in program properly.
That is why getting similar errors.
Please have a look into the patch and let me know how to improve upon it.
Thanks!
Pallavi
10 years, 1 month