URL: https://github.com/SSSD/sssd/pull/5758
Author: alexey-tikhonov
Title: #5758: file utils: reduce log level in remove_tree_with_ctx()
Action: opened
PR body:
"""
Users of this function are responsible for deciding whether a failure is critical.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5758/head:pr5758
git checkout pr5758
URL: https://github.com/SSSD/sssd/pull/5745
Author: sumit-bose
Title: #5745: cache_req: cache_first fix for fully-qualified names
Action: opened
PR body:
"""
With commit b572871236a7f9059d375a5ab1bff8cbfd519956 "cache_req:
introduce cache_behavior enumeration" the processing of cache and
backend lookups was refactored. Unfortunately this introduced an issue
when looking up users or groups with a fully-qualified name and the
'cache_first = True' option is set.
In the old code the case when a domain name is available was handled
before the cache_first option was evaluated and cache_req was
instructed to first look in the cache and then call the backend if the
object is not available or expired, i.e. the default behavior. Since
only a single domain is involved this is in agreement with 'cache_first
= True' and only a single iteration is needed.
In the new code the cache_first option is evaluated before the presence
of a domain name is checked and as a result even for single domain
searches the first cache_req iteration is only looking at the cache and
will not call the backend. This means that now for searches with a
fully-qualified name a second iteration is needed if the object was not
found in the cache.
Unfortunately the old exit condition that if a domain name is present
only a single iteration is needed is still present in the new code which
effectively makes requests with fully-qualified names only search the
cache and never call the backends. This patch removes the exit condition
and does a second iteration for fully-qualified names as well if
'cache_first = True' is set.
Resolves: https://github.com/SSSD/sssd/issues/5744
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5745/head:pr5745
git checkout pr5745
URL: https://github.com/SSSD/sssd/pull/5748
Author: alexey-tikhonov
Title: #5748: TOOLS: replace system() with execvp()
Action: opened
PR body:
"""
to avoid execution of user supplied command
A flaw was found in SSSD, where the sssctl command was vulnerable
to shell command injection via the logs-fetch and cache-expire
subcommands. This flaw allows an attacker to trick the root user
into running a specially crafted sssctl command, such as via sudo,
to gain root access. The highest threat from this vulnerability is
to confidentiality, integrity, as well as system availability.
:fixes: CVE-2021-3621
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5748/head:pr5748
git checkout pr5748
URL: https://github.com/SSSD/sssd/pull/5747
Author: elkoniu
Title: #5747: general: Fix compilation warnings
Action: opened
PR body:
"""
Commit 44525a9995c775ac284a6203d0e505dc4bf0d459 introduced
compilation warnings related to type casting.
This commit fixes this by aligning the types of pointers used in the code.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5747/head:pr5747
git checkout pr5747
URL: https://github.com/SSSD/sssd/pull/5749
Author: alexey-tikhonov
Title: #5749: 1.16: TOOLS: replace system() with execvp()
Action: opened
PR body:
"""
to avoid execution of user supplied command
A flaw was found in SSSD, where the sssctl command was vulnerable
to shell command injection via the logs-fetch and cache-expire
subcommands. This flaw allows an attacker to trick the root user
into running a specially crafted sssctl command, such as via sudo,
to gain root access. The highest threat from this vulnerability is
to confidentiality, integrity, as well as system availability.
:fixes: CVE-2021-3621
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5749/head:pr5749
git checkout pr5749
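The class of fix named in PRs #5748 and #5749 (replacing `system()` with `execvp()`), shown as an added C example that is not SSSD's code: the same caller-supplied value is parsed as shell syntax when run through `system()` but reaches the child as a single literal argument when run through `execvp()`. The function names, the use of `test -n` as a stand-in command, and the sample value are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Before: the command line is assembled as a string and parsed by /bin/sh,
 * so shell metacharacters inside `value` become syntax. */
int status_via_system(const char *value)
{
    char cmd[256];
    int n = snprintf(cmd, sizeof(cmd), "test -n %s", value);
    if (n < 0 || (size_t)n >= sizeof(cmd)) return -1;
    int status = system(cmd);
    return (status != -1 && WIFEXITED(status)) ? WEXITSTATUS(status) : -1;
}

/* After: no shell is involved; `value` is handed to the child process
 * as exactly one argv element, whatever characters it contains. */
int status_via_execvp(const char *value)
{
    char *const argv[] = { "test", "-n", (char *)value, NULL };
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);               /* only reached if exec failed */
    }
    int status;
    while (waitpid(pid, &status, 0) < 0) {
        if (errno != EINTR) return -1;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    const char *value = "x; exit 3";   /* constructed sample input */
    /* The shell treats "; exit 3" as a second command; execvp does not. */
    printf("system(): %d\n", status_via_system(value));
    printf("execvp(): %d\n", status_via_execvp(value));
    return 0;
}
```

A differing exit status between the two paths for the same input is a quick regression check that a command is no longer being routed through a shell.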
URL: https://github.com/SSSD/sssd/pull/5705
Author: assafmo
Title: #5705: p11_child: do_card fix loop exit condition
Action: opened
PR body:
"""
This commit fixes the exit condition when searching for a token in p11_child/do_card, specifically in case a token is present in a slot, but there are empty slots before it.
This commit fixes issue #5025, thanks to this comment by @sumit-bose: https://github.com/SSSD/sssd/issues/5025#issuecomment-801842175
Closes #5025
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5705/head:pr5705
git checkout pr5705