October 2021 - sssd-devel - Fedora Mailing-Lists

[sssd PR#5674][opened] [WIP] This is just a test

by ikerexxe

URL: https://github.com/SSSD/sssd/pull/5674 Author: ikerexxe Title: #5674: [WIP] This is just a test Action: opened PR body: """ This is just a test for Deepak's latest PR, which fails in CI. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5674/head:pr5674 git checkout pr5674

1 year, 4 months

2
4
0 / 0

[sssd PR#5830][opened] Tests: Port the old ns_account_lock.sh script to pytest

by aborah-sudo

URL: https://github.com/SSSD/sssd/pull/5830 Author: aborah-sudo Title: #5830: Tests: Port the old ns_account_lock.sh script to pytest Action: opened PR body: """ Port the old ns_account_lock.sh script to pytest """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5830/head:pr5830 git checkout pr5830

1 year, 4 months

3
9
0 / 0

[sssd PR#5786][opened] Tests: [SSSD-3579]: Skip test test_0018_bz1734040.

by jakub-vavra-cz

URL: https://github.com/SSSD/sssd/pull/5786 Author: jakub-vavra-cz Title: #5786: Tests: [SSSD-3579]: Skip test test_0018_bz1734040. Action: opened PR body: """ The test does not work even with fixes for RHEL-9, skipping for now so it is not blocking RHEL-9 gating, until proper fix is found. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5786/head:pr5786 git checkout pr5786

1 year, 4 months

2
13
0 / 0

[sssd PR#5845][opened] sss-analyze: Fix self imports

by stanislavlevin

URL: https://github.com/SSSD/sssd/pull/5845 Author: stanislavlevin Title: #5845: sss-analyze: Fix self imports Action: opened PR body: """ - fixed self imports to allow any other Python stuff use `sssd` Python package - `sssd` Python package tranformed from namespace to regular one - moved the executable out to sbin directory to split the library and actual executable (sbin because of only root can read sssd logs) Resolves: https://github.com/SSSD/sssd/issues/5842 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5845/head:pr5845 git checkout pr5845

1 year, 5 months

5
60
0 / 0

[sssd PR#5835][opened] Tests: Add test for bz1636002.

by jakub-vavra-cz

URL: https://github.com/SSSD/sssd/pull/5835 Author: jakub-vavra-cz Title: #5835: Tests: Add test for bz1636002. Action: opened PR body: """ Verifies: SSSD-3347 Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1636002 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5835/head:pr5835 git checkout pr5835

1 year, 5 months

3
30
0 / 0

[sssd PR#5762][opened] krb5: add support for oauth2 challenge (wip)

by pbrezina

URL: https://github.com/SSSD/sssd/pull/5762 Author: pbrezina Title: #5762: krb5: add support for oauth2 challenge (wip) Action: opened PR body: """ This depends on changes in multiple components that are not yet merged, therefore testing is little bit difficult. There will be some final touch in `otp_parse_oauth2_challenge` when we decide on the challenge format but the patches are ready to be reviewed. ## How to test 1. Install IPA server 2. On IPA server: install patched ipa, patched krb5, pyrad and mock-radius: ```console $ dnf copr enable pbrezina/otp $ dnf copr enable abbra/oauth2-support $ dnf upgrade krb5-devel freeipa-server $ kinit admin $ echo Secret123 | ipa radiusproxy-add localhost --server=127.0.0.1 --secret $ ipa user-add tuser --user-auth-type=radius --radius=localhost --first Test --last User $ git clone ttps://github.com/pbrezina/mock-radius.git $ cd mock-radius $ sudo pip3 install pyrad $ sudo ./server.py ``` 3. On client: ``` $ su tuser Authenticate with PIN 381924 at https://visit.me/oauth2 and press ENTER. $ klist Ticket cache: KEYRING:persistent:830600005:krb_ccache_1mToqfe Default principal: tuser(a)IPA.VM Valid starting Expires Service principal 08/26/2021 14:15:11 08/27/2021 14:15:10 krbtgt/IPA.VM(a)IPA.VM renew until 09/02/2021 14:15:10 ``` """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5762/head:pr5762 git checkout pr5762

1 year, 6 months

3
45
0 / 0

[sssd PR#5812][opened] Tests: Modify ported AD tests marker to tier1_2 and fix a restore error

by sgoveas

URL: https://github.com/SSSD/sssd/pull/5812 Author: sgoveas Title: #5812: Tests: Modify ported AD tests marker to tier1_2 and fix a restore error Action: opened PR body: """ Use tier1_2 marker for newly ported ad parameters tests to reduce runtime to 1 hour and fix and ldap.conf backup restore """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5812/head:pr5812 git checkout pr5812

1 year, 6 months

2
8
0 / 0

[sssd PR#175][opened] Add module for starting services

by lslebodn

URL: https://github.com/SSSD/sssd/pull/175 Author: lslebodn Title: #175: Add module for starting services Action: opened PR body: """ This is a WIP version of reducing code duplication in our cwrap integration tests. I am still not sure whether we should also reuse function `create_sssd_fixture`. And if yes; then probably in different nodule then `services` And comments are welcome. BTW I wrote patches few weeks ago; therefore new tests are not converted. I am just sending patches to get some feedback. Site effect of this patches is that tests are cca 20% faster (IIRC) """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/175/head:pr175 git checkout pr175

1 year, 6 months

5
5
0 / 0

[sssd PR#5847][opened] pam_sss: Allow offline authentication against non-ipa-desktopprofiles aware DC

by stanislavlevin

URL: https://github.com/SSSD/sssd/pull/5847 Author: stanislavlevin Title: #5847: pam_sss: Allow offline authentication against non-ipa-desktopprofiles aware DC Action: opened PR body: """ IPA domain controller may not support desktop profiles since this functionality is optional and distributed as the IPA plugin: - in case of online authentication ipa_session detects such DC properly and returns PAM_SUCCESS for ENOENT, nothing is cached on sysdb (see ipa_deskprofile_get_config_send/ipa_deskprofile_get_config_done and ipa_pam_session_handler_done for details). - in case of offline authentication ipa_session falls back to cache and receives ENOENT (since nothing was cached previously). But *any* error is treated as actual error and overall result is PAM_SESSION_ERR (see ipa_pam_session_handler_save_deskprofile_rules and ipa_pam_session_handler_done for details). Note: actually, only deskprofile_get_cached_priority breaks PAM session since ipa_common_get_cached_rules successfully handles ENOENT. - in either case sssd tries to send dbus notification to fleet commander even if there are no desktop profile rules to apply. With this change ENOENT result of cache query is treated similarly to ENOENT result of actual backend query (PAM_SUCCESS). Resolves: https://github.com/SSSD/sssd/issues/5846 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5847/head:pr5847 git checkout pr5847

1 year, 6 months

4
14
0 / 0

[sssd PR#5829][opened] DP: Resolve intermediate groups prior to SR overlay

by justin-stephenson

URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: opened PR body: """ SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829

1 year, 6 months

3
27
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel October 2021