sssd-devel March 2017

sssd-devel@lists.fedorahosted.org

13 participants
134 discussions

[sssd PR#146][opened] Avoid running two instances of the same service
by fidencio 02 Mar '17

02 Mar '17

URL: https://github.com/SSSD/sssd/pull/146 Author: fidencio Title: #146: Avoid running two instances of the same service Action: opened PR body: """ Those two patches together are responsible for avoiding running two "instances" of the same service. The commit message of each patch has quite a lot of explanation. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/146/head:pr146 git checkout pr146

4 34

[sssd PR#159][opened] pam: use authtok from PAM stack if available
by sumit-bose 02 Mar '17

02 Mar '17

URL: https://github.com/SSSD/sssd/pull/159 Author: sumit-bose Title: #159: pam: use authtok from PAM stack if available Action: opened PR body: """ With this patch the behavior of pam_sss is slightly changed to be more similar to the behavior of other PAM modules. Currently pam_sss expects that there is a authtok (password) on the PAM stack if the 'use_first_pass' option was used. Without the option pam_sss unconditionally prompts for credentials. With this patch pam_sss will use an authtok from the PAM stack even if 'use_first_pass' is not set but it will assume that it is a password. To return to the previous behavior the new 'prompt_always' can be used. Resolves https://fedorahosted.org/sssd/ticket/2984 Besides the use-case mentioned in the ticket with this change it should be possible to change the default PAM configuration in Fedora and RHEL to allow a fallback to pam_sss if pam_unix fails, so auth [success=done ignore=ignore default=die] pam_unix.so nullok try_first_pass can be changed to auth [sufficient] pam_unix.so nullok try_first_pass 'sufficient' is equivalent to '[success=done new_authtok_reqd=done default=ignore]' so the 'default=die' is remove here and the next PAM modules is called. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/159/head:pr159 git checkout pr159

3 8

[sssd PR#162][opened] cache_req: use own namespace for UPNs
by sumit-bose 02 Mar '17

02 Mar '17

URL: https://github.com/SSSD/sssd/pull/162 Author: sumit-bose Title: #162: cache_req: use own namespace for UPNs Action: opened PR body: """ If the UPN use the same domain name as the configured domain an unsuccessful lookup by name will already create an entry in the negative cache. If the lookup by UPN would use the same namespace the lookup will immediately be finished because there would already be an entry in the negative cache. Resolves https://fedorahosted.org/sssd/ticket/3313 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/162/head:pr162 git checkout pr162

4 10

[sssd PR#143][opened] Explicitly add ordering dependency for the responders' sockets
by fidencio 01 Mar '17

01 Mar '17

URL: https://github.com/SSSD/sssd/pull/143 Author: fidencio Title: #143: Explicitly add ordering dependency for the responders' sockets Action: opened PR body: """ This patch set is intended to solve https://fedorahosted.org/sssd/ticket/3298 and more details can be find in the commit messages. **SYSTEMD: Add "After=sssd.service" to the responders' sockets units** is the patch that actually solves the problem. **SYSTEMD: Add "WantedBy=sockets.target" to the responders' sockets units** is a desirable patch that slipped off during the development of the series and would be nice to have merged as well. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/143/head:pr143 git checkout pr143

3 24

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel March 2017