July 2020 - sssd-devel - Fedora Mailing-Lists

[sssd PR#5248][opened] Enable exclude functionality in sssd session recording configuration

by justin-stephenson

URL: https://github.com/SSSD/sssd/pull/5248 Author: justin-stephenson Title: #5248: Enable exclude functionality in sssd session recording configuration Action: opened PR body: """ This is a fix for https://github.com/SSSD/sssd/issues/5089 This PR adds support for two new options in the sssd session recording configuration, to be applied only when `scope=all` is set: * **exclude_users** * **exclude_groups** I separated out each commit logically, to hopefully make the review easier but I am happy to squash any commits together as needed. I updated the relevant codepaths based on my review of https://github.com/SSSD/sssd/pull/136 so please let me know if I missed anything. With this PR, responders will read the sessionRecording attribute when `scope=all` or `scope-some` to determine if recording should be enabled. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5248/head:pr5248 git checkout pr5248

3 years, 8 months

2
12
0 / 0

[sssd PR#837][opened] p11_child: make OCSP digest configurable

by sumit-bose

URL: https://github.com/SSSD/sssd/pull/837 Author: sumit-bose Title: #837: p11_child: make OCSP digest configurable Action: opened PR body: """ Currently sha1 is used to create the certid for an OCSP request. Since sha1 is not recommend for new applications anymore and not FIPS compliant this patch changes the default to sha256 and makes the digest function configurable as well. Related to https://pagure.io/SSSD/sssd/issue/4032 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/837/head:pr837 git checkout pr837

3 years, 8 months

6
36
0 / 0

[PATCHES] Fix compilation with check 0.15.1

by Lukas Slebodnik

ehlo, new version introduced checking format string and thus it is not possible to use fail_if/fail_unless without msg parameter. PTAL LS

3 years, 8 months

3
3
0 / 0

[sssd PR#578][opened] proxy: proxy_child hardening

by amitkumar50

URL: https://github.com/SSSD/sssd/pull/578 Author: amitkumar50 Title: #578: proxy: proxy_child hardening Action: opened PR body: """ proxy_child will call chdir("/"), umask(022) and reset the environment with clearenv(). The --domain argument to be sanitized. Resolves: https://pagure.io/SSSD/sssd/issue/2689 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/578/head:pr578 git checkout pr578

3 years, 8 months

5
14
0 / 0

[PATCH] DEBUG-TESTS: Fix warnings format not a string literal and no format arguments

by Lukas Slebodnik

ehlo, it's related to new version of lib check and format string checking PTAL LS

3 years, 9 months

2
1
0 / 0

[SSSD-users] Announcing SSSD 2.3.1

by Pavel Březina

# SSSD 2.3.1 The SSSD team is proud to announce the release of version 2.3.1 of the System Security Services Daemon. The tarball can be downloaded from: https://github.com/SSSD/sssd/releases/tag/sssd-2_3_1 See the full release notes at: https://sssd.io/docs/users/relnotes/notes_2_3_1 RPM packages will be made available for Fedora shortly. ## Feedback Please provide comments, bugs and other feedback via the sssd-devel or sssd-users mailing lists: https://lists.fedorahosted.org/mailman/listinfo/sssd-devel https://lists.fedorahosted.org/mailman/listinfo/sssd-users ## Highlights ### New features - Domains can be now explicitly enabled or disabled using `enable` option in domain section. This can be especially used in configuration snippets. - New configuration options `memcache_size_passwd`, `memcache_size_group`, `memcache_size_initgroups` that can be used to control memory cache size. ### Notable bug fixes - Fixed several regressions in GPO processing introduced in sssd-2.3.0 - Fixed regression in PAM responder: failures in cache only lookups are no longer considered fatal - Fixed regression in proxy provider: `pwfield=x` is now default value only for `sssd-shadowutils` target ### Packaging changes - `libwbclient` is now deprecated and is not being built by default (use `--with-libwibclient` to build it) ### Documentation Changes - Added option `memcache_size_passwd` - Added option `memcache_size_group` - Added option `memcache_size_initgroups` - Added option `enable` in domain sections - Minor text improvements

3 years, 9 months

1
0
0 / 0

[sssd PR#5255][opened] Updated translation files: Japanese, Chinese (China), French

by alexey-tikhonov

URL: https://github.com/SSSD/sssd/pull/5255 Author: alexey-tikhonov Title: #5255: Updated translation files: Japanese, Chinese (China), French Action: opened PR body: """ """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5255/head:pr5255 git checkout pr5255

3 years, 9 months

2
4
0 / 0

[sssd PR#1036][+Pushed] certmap: sanitize LDAP search filter

by pbrezina

URL: https://github.com/SSSD/sssd/pull/1036 Title: #1036: certmap: sanitize LDAP search filter Label: +Pushed

3 years, 9 months

1
0
0 / 0

[sssd PR#1036][-Ready to push] certmap: sanitize LDAP search filter

by pbrezina

URL: https://github.com/SSSD/sssd/pull/1036 Title: #1036: certmap: sanitize LDAP search filter Label: -Ready to push

3 years, 9 months

1
0
0 / 0

[sssd PR#1036][-Accepted] certmap: sanitize LDAP search filter

by pbrezina

URL: https://github.com/SSSD/sssd/pull/1036 Title: #1036: certmap: sanitize LDAP search filter Label: -Accepted

3 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel July 2020