August 2014 - sssd-devel - Fedora Mailing-Lists

[PATCH] BE: Handle SIGUSR2

by Jakub Hrozek

Hi, attached is a small patch for an issue I found while working on the non-root SSSD.

9 years, 8 months

3
5
0 / 0

[PATCH] Make the replace-space functionality usable for other responders

by Jakub Hrozek

Hi, the attached patches change the replace-space-in-name functionality after discussion on the list. In short: - only space can be substituted - for only one character, not a string - the option is now set in the [sssd] section because it works for any responder For more details, please see the attached patches.

9 years, 8 months

4
11
0 / 0

[PATCH] AD: support gpo processing in offline mode

by Yassir Elley

Hi, The attached patch adds support for gpo processing in offline mode. While the code for online mode uses LDAP to determine which gpo-guids are applicable (and then uses SMB to retrieve policy files), the code in offline mode simply retrieves all gpo-guids from the cache (and then retrieves locally cached per-gpo-guid policy files). Note that neither version checking nor the ad_gpo_cache_timeout option are relevant when in offline mode. Unresolved issues * if there are no gpo-guids in the cache, the code currently denies access; i suspect we should be allowing access instead; agree? * i don't think offline callbacks are needed, but i'm unclear about whether online callbacks are needed; i suspect they are not needed for the access provider (b/c I don't see them being used by the ad_access_filter code); should we trigger a fresh round of gpo processing when transitioning from offline to online? Regards, Yassir.

9 years, 8 months

2
4
0 / 0

[PATCH] NSS: Ignore default_domain for netgroups

by Jakub Hrozek

Hi, I think we shouldn't honor the default_domain_suffix for netgroup lookups at all. The main use case for the option is to avoid entering the domain for users from AD trusts, where you don't have netgroups on the AD side. Moreover, netgroups don't play well eith fully qualified lookups either way (see commit 1933ff17513da1d979dd22776a03478341ef5e6b). Using default_domain_suffix for netgroups is actually harmful, because hostgroups defined on an IPA server are translated into netgroups, so honoring the suffix breaks sudo rules in the trust case. As a side-effect, this patch should fix https://fedorahosted.org/sssd/ticket/2400

9 years, 8 months

2
2
0 / 0

[PATCH] MAN: offline_timeout

by Michal Židek

https://fedorahosted.org/sssd/ticket/2401 Patch is attached. Added Stephen to CC as this is man page change and requires native speaker's eye. Michal

9 years, 8 months

3
8
0 / 0

[PATCH] TESTS: Check if option maps have the right number of members

by Jakub Hrozek

Hi, in order to prevent mistakes like the sudo options misalignment, I wrote a unit test that fails of the last entry in the list is not a sentinel.

9 years, 8 months

2
2
0 / 0

[PATCH] Two minor patches for tokenGroups nested group processing

by Jakub Hrozek

Hi, the attached two patches are not strictly related to tokenGroups processing, but it's very easy to reproduce the problem that way. The issue is only confusing DEBUG messages, but it has already cost me several hours in processing logs from an SSSD user, so I think a fix is due, at least for master. See the patches and the commit messages for more details.

9 years, 8 months

3
10
0 / 0

[PATCH] ad initgroups: continue if resolved SID is still missing

by Pavel Březina

https://fedorahosted.org/sssd/ticket/2389

9 years, 8 months

2
2
0 / 0

[PATCH] RPM: Restart service in %posttrans, not %post

by Jakub Hrozek

Hi, see the attached patch. To the best of my knowledge, the bug only affects old, sysv-based distributions, not systemd based ones.

9 years, 8 months

2
2
0 / 0

[PATCH] SUDO: LDAP provider doesn't asks for 'EntryUSN' attr

by Michal Šrubař

Hi, ldap provider doesn't asks for EntryUSN attr when it downloads sudo rules. It's because the attribute is missing in sudorule_map. This bug was created when the support of 'sudoRunAs' attr was added.

9 years, 8 months

3
3
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel August 2014