August 2018 - sssd-devel - Fedora Mailing-Lists

[sssd PR#560][opened] NSS: close files after mmap

by ChrisKowalczyk

URL: https://github.com/SSSD/sssd/pull/560 Author: ChrisKowalczyk Title: #560: NSS: close files after mmap Action: opened PR body: """ The files in MC cache folder were initialized by SSSD on startup, and mapped by using mmap function. due to the fact that they weren't closed afterwards, their File descriptors were still marker alive but marked as 'Deleted'. This was noticed by a customer of SUSE, see more details here: https://bugzilla.suse.com/show_bug.cgi?id=1080156 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/560/head:pr560 git checkout pr560

4 years, 7 months

6
12
0 / 0

[sssd PR#636][opened] failover: tune up default timeouts

by pbrezina

URL: https://github.com/SSSD/sssd/pull/636 Author: pbrezina Title: #636: failover: tune up default timeouts Action: opened PR body: """ Resolves: https://pagure.io/SSSD/sssd/issue/3217 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/636/head:pr636 git checkout pr636

4 years, 9 months

3
22
0 / 0

[sssd PR#541][opened] memberof: keep memberOf attribute for nested member

by pbrezina

URL: https://github.com/SSSD/sssd/pull/541 Author: pbrezina Title: #541: memberof: keep memberOf attribute for nested member Action: opened PR body: """ If we have a member that is both direct and nested member, memberOf attribute was removed if the direct membership was deleted. 1) user ----------> groupB -> groupC -> groupA / 2) user -> groupA -> groupB -> groupC If we remove user->groupB from 1), we get 2) but groupB was still removed from user memberOf attribute. Resolves: https://pagure.io/SSSD/sssd/issue/3636 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/541/head:pr541 git checkout pr541

5 years

3
16
0 / 0

[sssd PR#644][opened] When multiple UIDs exist, use the username provided by the user as the first lookup

by joeFischetti

URL: https://github.com/SSSD/sssd/pull/644 Author: joeFischetti Title: #644: When multiple UIDs exist, use the username provided by the user as the first lookup Action: opened PR body: """ The current state of the code has no way of determining the "correct" UID to use when there are multiple values. If there are multiple values, and the RDN doesn't match, this update checks the UID's returned against the username that was provided by the user at the prompt. If that matches, it's used. If that doesn't match, it falls back to the existing code. Example: My ldap record includes multiple uid values, ["genericemployee1", "itstaff1"] I need access to machines as "itstaff1". "genericemployee1" is used as an identifier in other systems/services. If I log in with "itstaff1" at the prompt, and my ldap lookup with filter (uid=itstaff1) is successful, the array of UID's are checked against "itstaff1" and that's what *_primary is set to. With the current code, if I try to log in with "itstaff1" at the prompt, I'm actually logged into the system as "genericemployee1". Based on the order that the values are returned... some other staff are logged into their "genericemployee" or the "itstaff" accounts. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/644/head:pr644 git checkout pr644

5 years, 5 months

4
17
0 / 0

[sssd PR#413][opened] mmap_cache: add SID and type to struct sss_mc_rec

by sumit-bose

URL: https://github.com/SSSD/sssd/pull/413 Author: sumit-bose Title: #413: mmap_cache: add SID and type to struct sss_mc_rec Action: opened PR body: """ This patchset updates the memory cache by adding some new members to struct sss_mc_rec. One is the addition of a hash value for SID based lookup which will be added in later patches. The other is a new record type and a member indicating the type. The new type is a link record which links an alias name, e.g. an UPN, to the original record of the related user or group object. Besides aliases this link record will be used in case in-sensitive setups. E.g. if getpwnam() returns the name of an AD users as Administrator(a)ad.domain bit some applications or users use administrator(a)ad.domain for lookups the memory cache is currently never used because there is no entry with the hash of 'administrator(a)ad.domain'. With this patch the original data record is created as before with the hash for 'Administrator(a)ad.domain' and a link record is create with the hash of 'administrator(a)ad.domain'. Now both lookups can be handled by the memory cache. If now another application uses ADMINISTRATOR(a)AD.DOMAIN for lookups the first request will go to the NSS responder but upcoming requests can use the memory cache as well because a link record for ADMINISTRATOR(a)AD.DOMAIN is created. The last patch in this series adds some additional data to the user and group lookup requests, the short name, the domain name, the short domain name and the SID. Those are needed to be able to support SID based lookups in the memory cache and allow applications to not depend on the name format returned by getpw{nam|uid}. Upcoming patches for libsss_nss_idmap will make those additional values available to applications I added them already here to keep the memory cache related changes in one PR. Application which will benefit here are the interfaces SSSD provides e.g. to Samba related applications like SSSD's version of libwbclient but also IPA plugins like extdom and slapi-nis. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/413/head:pr413 git checkout pr413

5 years, 6 months

3
5
0 / 0

[sssd PR#642][opened] TESTS: Fixes to test library and add new test case for kcm.

by mrniranjan

URL: https://github.com/SSSD/sssd/pull/642 Author: mrniranjan Title: #642: TESTS: Fixes to test library and add new test case for kcm. Action: opened PR body: """ Fixes related to enabling of ssl in Directory Server Minor fixes on KCM, adding new exceptions Adding a new test case to test ssh login with KCM as default Signed-off-by: Niranjan M.R <mrniranjan(a)redhat.com> """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/642/head:pr642 git checkout pr642

5 years, 7 months

3
11
0 / 0

[sssd PR#639][opened] sbus: fix sbus_message_bound_ref and add unit tests for sbus_message public module

by pbrezina

URL: https://github.com/SSSD/sssd/pull/639 Author: pbrezina Title: #639: sbus: fix sbus_message_bound_ref and add unit tests for sbus_message public module Action: opened PR body: """ None """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/639/head:pr639 git checkout pr639

5 years, 8 months

2
6
0 / 0

Add support for hosts and networks to NSS

by Chris Kowalczyk

Hello All, I was wondering if there are any plans of adding more maps -specifically networks or hosts- to NSS in sssd? As far as I know, it supports already the most important ones, like users, groups etc: https://docs.pagure.org/SSSD.sssd/users/ldap_with_ad.html#etc-nsswitch-conf I have also found later commits for adding netgroups: https://github.com/SSSD/sssd/commit/f128b7b865062da662127712935dcc58bd022384 https://github.com/SSSD/sssd/commit/ef39c0adcb61b16f9edc7beb4cdc8f3b0d5a8f15 But as far as I was able to find out, there was no works for networks or hosts. Is this something we would be interested to have in sssd, or for some reasons we wouldn't care about it? Regards, Chris Kowalczyk

5 years, 8 months

2
4
0 / 0

[sssd PR#643][opened] KCM: Don't error out if creating a new ID as the first step

by jhrozek

URL: https://github.com/SSSD/sssd/pull/643 Author: jhrozek Title: #643: KCM: Don't error out if creating a new ID as the first step Action: opened PR body: """ We need to handle the case where the nextID operation is ran, but the secdb is totally empty, otherwise logins with sssd's krb5_child would fail. Resolves: https://pagure.io/SSSD/sssd/issue/3815 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/643/head:pr643 git checkout pr643

5 years, 8 months

2
6
0 / 0

[sssd PR#641][opened] Minor fixes related to converting of ldap attributes to bytes

by mrniranjan

URL: https://github.com/SSSD/sssd/pull/641 Author: mrniranjan Title: #641: Minor fixes related to converting of ldap attributes to bytes Action: opened PR body: """ Minor fixes related to converting attribute values to bytes in function related to adding posix group Signed-off-by: Niranjan M.R <mrniranjan(a)redhat.com> """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/641/head:pr641 git checkout pr641

5 years, 8 months

4
6
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel August 2018