[sssd PR#225][opened] SECRETS: Apply separate quotas for cn=secrets and cn=kcm
by jhrozek
URL: https://github.com/SSSD/sssd/pull/225
Author: jhrozek
Title: #225: SECRETS: Apply separate quotas for cn=secrets and cn=kcm
Action: opened
PR body:
"""
While testing the KCM responder some more, I realized that we always checked
the (hardcoded, no less) base DN of cn=secrets when checking for
quotas. These patches make the quota check separate for each of the
cn=secrets/cn=kcm hives, add a test and mention in documentation that the
quota from sssd-secrets applies for how many ccaches can be stored.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/225/head:pr225
git checkout pr225
6 years, 7 months
[sssd PR#241][opened] FleetCommander Integration
by fidencio
URL: https://github.com/SSSD/sssd/pull/241
Author: fidencio
Title: #241: FleetCommander Integration
Action: opened
PR body:
"""
This patch series contains:
- some refactoring done on access module (and, consequently, on HBAC) in order to reuse a some code in the session module (an, consequently, on FleetCommander code);
- the new session module that provides the FleetCommander Integration;
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/241/head:pr241
git checkout pr241
6 years, 7 months
[sssd PR#211][opened] IFP: Fix of limit = 0 (unlimited result)
by celestian
URL: https://github.com/SSSD/sssd/pull/211
Author: celestian
Title: #211: IFP: Fix of limit = 0 (unlimited result)
Action: opened
PR body:
"""
If we set limit to 0 it means that result is unlimited. Internally we
restrict number of result by allocation of result array.
In unlimited case there was a bug and zero array was allocated.
This fix allocates neccessary array when we know real result size.
Resolves:
https://pagure.io/SSSD/sssd/issue/3306
How to test (this reproducer needs #208 "IFP: Filter with * in Users.ListByName method" applied)
```
systemctl daemon-reload
sudo su -c "truncate -s0 /var/log/sssd/*.log"
sudo su -c "rm -f /var/lib/sss/db/*"
sudo su -c "rm -f /var/lib/sss/mc/*"
sudo systemctl restart sssd.service
sudo su -c "truncate -s0 /var/log/sssd/*.log"
dbus-send --system --print-reply --dest=org.freedesktop.sssd.infopipe \
/org/freedesktop/sssd/infopipe/Users \
org.freedesktop.sssd.infopipe.Users.ListByName \
string:"*" uint32:"0"
dbus-send --system --print-reply --dest=org.freedesktop.sssd.infopipe \
/org/freedesktop/sssd/infopipe/Groups \
org.freedesktop.sssd.infopipe.Groups.ListByName \
string:"*" uint32:"100"
dbus-send --system --print-reply --dest=org.freedesktop.sssd.infopipe \
/org/freedesktop/sssd/infopipe/Users \
org.freedesktop.sssd.infopipe.Users.ListByDomainAndName \
string:"domain.cygnus" string:"*" uint32:"100"
```
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/211/head:pr211
git checkout pr211
6 years, 7 months
[sssd PR#202][opened] T3315 infopipe group users master
by celestian
URL: https://github.com/SSSD/sssd/pull/202
Author: celestian
Title: #202: T3315 infopipe group users master
Action: opened
PR body:
"""
Reproducer is:
```
# PREPARING
ipa user-add --first=Test --last=User --email=u1(a)test-domain.sssd test_user
ipa group-add test_group
# REPRODUCER
systemctl daemon-reload
sudo su -c "truncate -s0 /var/log/sssd/*.log"
sudo su -c "rm -f /var/lib/sss/db/*"
sudo su -c "rm -f /var/lib/sss/mc/*"
sudo systemctl restart sssd.service
ipa group-add-member --users=test_user test_group
sss_cache -UG
getent group test_group
# getent show user test_user in test_group, but dbus call doesn't:
dbus-send --print-reply --system --dest=org.freedesktop.sssd.infopipe \
/org/freedesktop/sssd/infopipe/Groups \
org.freedesktop.sssd.infopipe.Groups.FindByName \
string:test_group
# command above returns <RESULT_OBJECT>
# We need to update group in cache because method "org.freedesktop.DBus.Properties.GetAll"
# doesn't update records (<-- this should be better commented)
dbus-send --print-reply --system --dest=org.freedesktop.sssd.infopipe \
<RESULT_OBJECT> \
org.freedesktop.sssd.infopipe.Groups.Group.UpdateMemberList
# --> this call doesn't work without patch "IFP: Parse ghost name in Group.UpdateMemberList"
# after this call group is updated in cache and we can call:
dbus-send --system --print-reply --dest=org.freedesktop.sssd.infopipe \
<RESULT_OBJECT> \
org.freedesktop.DBus.Properties.GetAll \
string:"org.freedesktop.sssd.infopipe.Groups.Group"
# We expect test_user in result users array.
# CLEANING
ipa group-del test_group
ipa user-del test_user
```
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/202/head:pr202
git checkout pr202
6 years, 8 months