[sssd PR#175][opened] Add module for starting services
by lslebodn
URL: https://github.com/SSSD/sssd/pull/175
Author: lslebodn
Title: #175: Add module for starting services
Action: opened
PR body:
"""
This is a WIP version of reducing code duplication in our cwrap integration tests.
I am still not sure whether we should also reuse function `create_sssd_fixture`.
And if yes; then probably in different nodule then `services`
And comments are welcome.
BTW I wrote patches few weeks ago; therefore new tests are not converted.
I am just sending patches to get some feedback.
Site effect of this patches is that tests are cca 20% faster (IIRC)
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/175/head:pr175
git checkout pr175
1 year, 6 months
[sssd PR#132][opened] Add "Wants=" to sssd unit and avoid PAC responder to be always running
by fidencio
URL: https://github.com/SSSD/sssd/pull/132
Author: fidencio
Title: #132: Add "Wants=" to sssd unit and avoid PAC responder to be always running
Action: opened
PR body:
"""
The first patch changes the current logic of having the services' sockets disabled by default as it adds a "Wants=" to the sssd unit file, making all the services' sockets enabled by the moment sssd service is enabled.
The second patch takes advantage of the first patch and avoids running PAC responder in case its socket is active, leaving the service to be socket-activated when needed.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/132/head:pr132
git checkout pr132
3 years, 4 months
[sssd PR#247][opened] Subdomain inherit
by mzidek-rh
URL: https://github.com/SSSD/sssd/pull/247
Author: mzidek-rh
Title: #247: Subdomain inherit
Action: opened
PR body:
"""
I tested if the options that work in subdomain inherit also work in trusted domain section in sssd.conf. Most seem to work without any changes in the code except for two. With these two patches only one that does not work remains (I wanted to send patchset that adds all the options, but I got stuck on the option that sets the ldap principal, so I am sending this in the meantime).
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/247/head:pr247
git checkout pr247
5 years
[sssd PR#128][opened] Fix group renaming issue when "id_provider = ldap" is set
by fidencio
URL: https://github.com/SSSD/sssd/pull/128
Author: fidencio
Title: #128: Fix group renaming issue when "id_provider = ldap" is set
Action: opened
PR body:
"""
Those two patches fix https://bugzilla.redhat.com/show_bug.cgi?id=1401241
The sssd.conf used in order to reproduce this issue looks like:
```
[sssd]
config_file_version = 2
services = nss, pam
domains = ad.fidencio.lan
[nss]
[pam]
[domain/ad.fidencio.lan]
ad_domain = ad.fidencio.lan
krb5_realm = AD.FIDENCIO.LAN
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
ldap_referrals = false
enumerate = false
id_provider = ldap
#id_provider = ad
auth_provider = krb5
chpass_provider = krb5
access_provider = ldap
ldap_sasl_mech = GSSAPI
ldap_schema = ad
ldap_user_object_class = user
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_group_object_class = group
ldap_access_order = expire
ldap_account_expire_policy = ad
ldap_force_upper_case_realm = true
```
The reproducer can be found in the bug report.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/128/head:pr128
git checkout pr128
5 years, 1 month
[sssd PR#237][opened] providers: Move hostid from ipa to sdap
by hvenev
URL: https://github.com/SSSD/sssd/pull/237
Author: hvenev
Title: #237: providers: Move hostid from ipa to sdap
Action: opened
PR body:
"""
This just makes sss_ssh_knownhostsproxy work. There is no support for hostgroups (although hostgroups in `ipa` should continue working).
I've been using this for a few days with the `ldap` and `krb5` providers and I haven't noticed any regressions. I haven't tested `ipa` and `ad` but all tests seem to pass.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/237/head:pr237
git checkout pr237
5 years, 3 months
[sssd PR#50][opened] [RFC] Use GNULIB's compiler warning code
by fidencio
URL: https://github.com/SSSD/sssd/pull/50
Author: fidencio
Title: #50: [RFC] Use GNULIB's compiler warning code
Action: opened
PR body:
"""
This patch series was sent to the sssd-devel and some discussions
already happened there[0]. I've decided to open the PR because there
are some few patches that can be pushed even if we decide to not use
the "many warnings" patches.
Let's keep track of those patches (and discussions related to them) in
the github, in this way we can avoid them to get lost. :-)
[0]: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahoste...
Best Regards,
Changes:
683f72d (Fabiano Fidêncio, 10 weeks ago)
BUILD: Make use of GNULIB's compiler warning code
As GNULIB has the 'manywarnings' module, which basically turns on every GCC
warning, let's make use of it. We can easily blacklist the warnings we
cannot cope with, but the main goal should be to have enabled every
possible GCC warning.
When new GCC warnings are created the 'manywarnings' file can be refreshed
from upstream GNULIB.
Signed-off-by: Fabiano Fidêncio <fidencio(a)redhat.com>
f59828a (Fabiano Fidêncio, 5 days ago)
NSS: Fix "old-style-definition" warning caught by GCC
Signed-off-by: Fabiano Fidêncio <fidencio(a)redhat.com>
f22aff7 (Fabiano Fidêncio, 5 days ago)
SIFP: Fix a "jump-misses-init" warning caught by GCC
Signed-off-by: Fabiano Fidêncio <fidencio(a)redhat.com>
58609d3 (Fabiano Fidêncio, 5 days ago)
RESOLV: Fix a "-Werror=null-dereference" caught by GCC
Signed-off-by: Fabiano Fidêncio <fidencio(a)redhat.com>
bd1d7fd (Fabiano Fidêncio, 5 days ago)
RESOLV: Simplify reply_weight_rearrange() a little bit
Signed-off-by: Fabiano Fidêncio <fidencio(a)redhat.com>
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/50/head:pr50
git checkout pr50
5 years, 8 months
[sssd PR#225][opened] SECRETS: Apply separate quotas for cn=secrets and cn=kcm
by jhrozek
URL: https://github.com/SSSD/sssd/pull/225
Author: jhrozek
Title: #225: SECRETS: Apply separate quotas for cn=secrets and cn=kcm
Action: opened
PR body:
"""
While testing the KCM responder some more, I realized that we always checked
the (hardcoded, no less) base DN of cn=secrets when checking for
quotas. These patches make the quota check separate for each of the
cn=secrets/cn=kcm hives, add a test and mention in documentation that the
quota from sssd-secrets applies for how many ccaches can be stored.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/225/head:pr225
git checkout pr225
5 years, 9 months
[sssd PR#241][opened] FleetCommander Integration
by fidencio
URL: https://github.com/SSSD/sssd/pull/241
Author: fidencio
Title: #241: FleetCommander Integration
Action: opened
PR body:
"""
This patch series contains:
- some refactoring done on access module (and, consequently, on HBAC) in order to reuse a some code in the session module (an, consequently, on FleetCommander code);
- the new session module that provides the FleetCommander Integration;
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/241/head:pr241
git checkout pr241
5 years, 9 months