September 2017 - sssd-devel - Fedora Mailing-Lists

[sssd PR#237][opened] providers: Move hostid from ipa to sdap

by hvenev

URL: https://github.com/SSSD/sssd/pull/237 Author: hvenev Title: #237: providers: Move hostid from ipa to sdap Action: opened PR body: """ This just makes sss_ssh_knownhostsproxy work. There is no support for hostgroups (although hostgroups in `ipa` should continue working). I've been using this for a few days with the `ldap` and `krb5` providers and I haven't noticed any regressions. I haven't tested `ipa` and `ad` but all tests seem to pass. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/237/head:pr237 git checkout pr237

6 years, 2 months

6
38
0 / 0

[sssd PR#379][opened] CI: Enable pep8 check

by fidencio

URL: https://github.com/SSSD/sssd/pull/379 Author: fidencio Title: #379: CI: Enable pep8 check Action: opened PR body: """ As said by the commit log, this PR enables pep8 check in our CI. I really would appreciate to hear @lslebodn's feedback on the patch itself, so I can revisit the commit dropped by @jhrozek that fixes all pep8 warnings and have it added to this series. Anyways, the feedback I'm looking for is basically: Is this patch desired? Is this the right approach? If not, what would you suggest? """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/379/head:pr379 git checkout pr379

6 years, 4 months

4
48
0 / 0

[sssd PR#139][opened] Initial revision of sssd pytest framework

by fidencio

URL: https://github.com/SSSD/sssd/pull/139 Author: mrniranjan Title: #139: Initial revision of sssd pytest framework Action: opened PR body: """ sssd-testlib: library containing shared functions to automtate sssd using pytest copr: https://copr.fedorainfracloud.org/coprs/mrniranjan/sssd-testlib/ Signed-off-by: Niranjan M.R <mrniranjan(a)redhat.com> """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/139/head:pr139 git checkout pr139

6 years, 5 months

4
62
0 / 0

[sssd PR#275][opened] Implement access verification by rhost using ldap_access_order rhost option

by akamensky

URL: https://github.com/SSSD/sssd/pull/275 Author: akamensky Title: #275: Implement access verification by rhost using ldap_access_order rhost option Action: opened PR body: """ TL;DR - this is to implement functionality similar to both of `sshd_config:AllowUsers` and of `PAM's own rhost verification`. This was asked in IRC and [mailing list](https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedor... (with little follow up in both). The reasoning behind implementation can be seen in linked mailing list thread. Current PR provides basic functionality of comparing rhost (from pam) with values stored in LDAP. To enable this set `ldap_access_order = rhost` and `ldap_user_authorized_rhost = <ldap_field_name| default: rhost>` in sssd.conf. It _currently*_ provides similar rule evaluation as currently it works for host based authentication. TODO: - [ ] Finalize logic of using DNS/rDNS for rules validation (currently working on basic idea how it should work - any help here?) - [ ] Implement use of DNS/rDNS (with optional switch to enable/disable) - [ ] Documentation - [ ] Test coverage (didn't see test coverage for host auth, so is it needed?) """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/275/head:pr275 git checkout pr275

6 years, 6 months

6
44
0 / 0

[sssd PR#374][opened] IPA: Add threshold for sudo command and command group searches

by justin-stephenson

URL: https://github.com/SSSD/sssd/pull/374 Author: justin-stephenson Title: #374: IPA: Add threshold for sudo command and command group searches Action: opened PR body: """ In large IPA environments where a high number of sudo commands and command groups are used, retrieval of sudo data can lead to SSSD constructing an overly large search filter which is not handled well on the ns-slapd side. This PR implements a threshold by adding the `ipa_sudo_command_threshold` option(defaults to 50) which is used to prevent the large search filter from being created, an idea similar to https://github.com/SSSD/sssd/pull/319 Additionally, a commit was added to rename the **sudo_threshold** option to **sudo_rules_threshold**. This can be dropped if it seems unnecessary but I thought I would add it. This can be reproduced by adding more sudo commands/command groups than the defined `ipa_sudo_command_threshold` in sssd.conf and checking the search filter used in the domain log or dirsrv access logs. If the threshold is not exceeded, the searches will still include the sudo command groups and command groups in the search filter. I tested this on both the IPA server and IPA client by verifying sudo commands work as expected when the threshold is exceeded for IPA and AD trust users, and `sudo -l` command is the same as before the patch. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/374/head:pr374 git checkout pr374

6 years, 6 months

6
25
0 / 0

[sssd PR#373][opened] intg: Add sanity tests for pysss_nss_idmap

by lslebodn

URL: https://github.com/SSSD/sssd/pull/373 Author: lslebodn Title: #373: intg: Add sanity tests for pysss_nss_idmap Action: opened PR body: """ Such simple test takes just 10 seconds and covers following regressions. https://pagure.io/SSSD/sssd/issue/3283 https://pagure.io/SSSD/sssd/issue/3284 https://pagure.io/SSSD/sssd/issue/3485 https://pagure.io/SSSD/sssd/issue/3491 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/373/head:pr373 git checkout pr373

6 years, 6 months

4
43
0 / 0

[sssd PR#375][opened] sssd-1.13 Backported patches for ticket 3505

by lslebodn

URL: https://github.com/SSSD/sssd/pull/375 Author: lslebodn Title: #375: sssd-1.13 Backported patches for ticket 3505 Action: opened PR body: """ I would appreciate testing with latest 1.13 branch because it was already reviewed as part of 1.14.1 release """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/375/head:pr375 git checkout pr375

6 years, 6 months

2
6
0 / 0

[sssd PR#392][opened] GPO: Don't use freed LDAPURLDesc if domain for AD DC cannot be found

by jhrozek

URL: https://github.com/SSSD/sssd/pull/392 Author: jhrozek Title: #392: GPO: Don't use freed LDAPURLDesc if domain for AD DC cannot be found Action: opened PR body: """ If a referral returned during AD GPO processing cannot be assigned to a known domain, at the moment SSSD accesses memory that was freed previously with ldap_free_urldesc(). This patch moves the ldap_free_urldesc() call to both the error handler and the success branch after we are done working with the LDAPURLDesc instance. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/392/head:pr392 git checkout pr392

6 years, 6 months

3
20
0 / 0

[sssd PR#260][opened] Update sss_override.c

by amitkumar50

URL: https://github.com/SSSD/sssd/pull/260 Author: amitkumar50 Title: #260: Update sss_override.c Action: opened PR body: """ This is Fix for https://pagure.io/SSSD/sssd/issue/2834 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/260/head:pr260 git checkout pr260

6 years, 6 months

5
19
0 / 0

[sssd PR#218][opened] TEST: Adding paython-requests to dependencies

by celestian

URL: https://github.com/SSSD/sssd/pull/218 Author: celestian Title: #218: TEST: Adding paython-requests to dependencies Action: opened PR body: """ Resolves: https://pagure.io/SSSD/sssd/issue/3353 Note: I am not sure if this is the correct dependency which we were looking for. But it is needed anyway. If we need more don't hesitate to write me. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/218/head:pr218 git checkout pr218

6 years, 6 months

4
25
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel September 2017