sssd-devel May 2017

sssd-devel@lists.fedorahosted.org

9 participants
73 discussions

[sssd PR#136][opened] Tlog integration WIP
by fidencio 27 Jul '17

27 Jul '17

URL: https://github.com/SSSD/sssd/pull/136 Author: spbnick Title: #136: Tlog integration WIP Action: opened PR body: """ @lslebodn, @pbrezina, this is the work-in-progress tlog integration patchset I'd like to work on with you. This is not for merging as it is. We can go over it when we meet :) """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/136/head:pr136 git checkout pr136

5 87

[sssd PR#32][opened] Requesting a pull to SSSD:master from fidencio:wip/#3138
by fidencio 27 Jul '17

27 Jul '17

URL: https://github.com/SSSD/sssd/pull/32 Author: fidencio Title: #32: Requesting a pull to SSSD:master from fidencio:wip/#3138 Action: opened PR body: """ This patch series is intended to solve #3138 by adding a new service that updates the confdb. As part of the series this service is used by secrets service. I only ran CI locally and the two secrets tests have been failing. /o\ Also, I've noticed some weird behavior, where the sssd-update-confdb service starts for apparently no reason, when upgrading fedora packages. Anyways, these pieces of code really need some detailed review as it was the first time I've been "seriously" playing with TEvent requests. So, please, consider it more like an RFC than a well finished and polished code. Best Regards, """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/32/head:pr32 git checkout pr32

3 14

[sssd PR#244][opened] KCM: Modify krb5 snippet file kcm_default_ccache
by lslebodn 25 Jul '17

25 Jul '17

URL: https://github.com/SSSD/sssd/pull/244 Author: lslebodn Title: #244: KCM: Modify krb5 snippet file kcm_default_ccache Action: opened PR body: """ The file kcm_default_ccache must enable KCM ccache by default without any modification of the file. The patch also fixes few issues. * /etc/krb5.conf.d is fedora/el7 specific and therefore should not be created by make. File will be installed to $datadir/sssd-kcm by default * /etc/krb5.conf.d/ should not be owned by sssd-kcm because it is owned by dependency of sssd-kcm (krb5-libs) sh$ rpm -qf /etc/krb5.conf.d/ sssd-kcm-1.15.3-0.20170411.0929.gitdbeae4834.fc26.x86_64 krb5-libs-1.15.1-7.fc26.x86_64 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/244/head:pr244 git checkout pr244

4 27

[sssd PR#181][opened] README.md: Point to our releases on pagure
by jhrozek 19 Jul '17

19 Jul '17

URL: https://github.com/SSSD/sssd/pull/181 Author: jhrozek Title: #181: README.md: Point to our releases on pagure Action: opened PR body: """ Since the README.md is more or less what the wiki front page used to be, it makes sense, especially for Github users, to point to our releases from README.md """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/181/head:pr181 git checkout pr181

3 13

[sssd PR#171][opened] Make our readme.md a bit more user-friendly and add a note about filing bugs
by jhrozek 19 Jul '17

19 Jul '17

URL: https://github.com/SSSD/sssd/pull/171 Author: jhrozek Title: #171: Make our readme.md a bit more user-friendly and add a note about filing bugs Action: opened PR body: """ None """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/171/head:pr171 git checkout pr171

3 14

[sssd PR#265][opened] Test for issue #3391 (sss_override doesn't work with files provider)
by fidencio 18 Jul '17

18 Jul '17

URL: https://github.com/SSSD/sssd/pull/265 Author: fidencio Title: #265: Test for issue #3391 (sss_override doesn't work with files provider) Action: opened PR body: """ This patch includes the test for overriden user using files provider and it's expected to fail till we have a fix for issue #3391. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/265/head:pr265 git checkout pr265

3 11

[sssd PR#289][opened] Check the timestamp cache during the users/groups cleanup
by fidencio 15 Jun '17

15 Jun '17

URL: https://github.com/SSSD/sssd/pull/289 Author: fidencio Title: #289: Check the timestamp cache during the users/groups cleanup Action: opened PR body: """ This patch set basically changes the behaviour of the cleanup_user() and cleanup_groups() functions used by ldap_id_cleanup(). With the current behaviour the searches for the users/groups to be cleaned up are always done in the cache, while the up to date information about their expiration is kept in the timestamp cache. So, in order to fix [3389](https://pagure.io/SSSD/sssd/issue/3369), let's perform the search in the timestamp cache whenever it's possible. I'm really not sure whether the dn_filter I'm building is totally correct, so I'd like to ask whoever review this patchset to take a careful look that the last patch, specially in the cleanup_dn_filter() function. The way I'm testing this issue is: - I have a LDAP server with a few users and have the following options configured on sssd.conf: ``` enumerate = true ldap_enumeration_refresh_timeout = 35 ldap_purge_cache_timeout = 60 entry_cache_timeout = 20 ``` """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/289/head:pr289 git checkout pr289

3 31

[sssd PR#285][opened] SSSCTL: Add primary or subdomain information
by justin-stephenson 08 Jun '17

08 Jun '17

URL: https://github.com/SSSD/sssd/pull/285 Author: justin-stephenson Title: #285: SSSCTL: Add primary or subdomain information Action: opened PR body: """ Add **verbose** option to `sssctl domain-list`, when this option is provided SSSD will print the domain type(primary or subdomain) retrieved from infopipe API, in addition to the domain name. Resolves: https://pagure.io/SSSD/sssd/issue/3065 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/285/head:pr285 git checkout pr285

5 29

[sssd PR#277][opened] CACHE_REQ_SEARCH: Check for filtered users/groups also on cache_req_s…
by fidencio 05 Jun '17

05 Jun '17

URL: https://github.com/SSSD/sssd/pull/277 Author: fidencio Title: #277: CACHE_REQ_SEARCH: Check for filtered users/groups also on cache_req_s… Action: opened PR body: """ …end() cache_req_send() may take some shortcuts in case the object is found in the cache and it's still valid. This behaviour may lead to exposing filtered users and groups when they're searched by their uid/gid. A solution for this issue was proposed on 4ef0b19a but, unfortunately, didn't take into consideration that this shortcut could be taken. There are basically two really easy ways to test this issue: 1) Using enumeration: - Set "enumerate = True" in the domain section - restart SSSD cleaning up the cache; - Wait a little bit till the enumerated users are cached - id <uid of a user who is part of the filter_users> 2) Not using enumeration: - getent passwd <uid of a user who is part of the filter_users> - Wait a little bit till the user is cached - id <same uid used above> Related: https://pagure.io/SSSD/sssd/issue/3362 Signed-off-by: Fabiano Fidêncio <fidencio(a)redhat.com> """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/277/head:pr277 git checkout pr277

3 26

Changes to default ccache in krb5.conf
by Lukas Slebodnik 01 Jun '17

01 Jun '17

ehlo, I had a discussion with QEs and realized that sssd need to be restarted if default_ccache_name is changed in krb5 configuration files. The reason is that we cache the value but do not refresh it. https://pagure.io/SSSD/sssd/blob/master/f/src/providers/krb5/krb5_common.c#… We might changed that using inotify. But we would need to change. I am not sure whether it will be trivail to change because we would need to change cached value in "struct dp_option *opts" for all domains (including subdomains) ATM the safest way is to restart sssd. But do we want to be more flexible here? LS

4 5

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel May 2017