On Fri, Aug 07, 2015 at 12:22:39PM +0200, Pavel Březina wrote:
On 07/30/2015 09:52 PM, Jakub Hrozek wrote:
>On Thu, Jul 30, 2015 at 09:46:11PM +0200, Jakub Hrozek wrote:
>>Hi,
>>
>>the attached patches implement fetching the keytab for one-way trusts on
>>each sssd restart. This is in order for admin to be able to call service
>>sssd restart and have fresh keytabs in case the trust was re-established
>>in the meantime.
>>
>>Even though retrieving the keytabs is quite expensive operation,
>>restarting the sssd instance on the IPA server should be quite rare.
>
>Sorry, I shouldn't be sending patches before Coverity results arrive.
>Attached version fixes error handling in the first patch and fixes an
>unused variable in the second one.
Hi,
the code looks good. I just have an idea to move the talloc destructor that
ensure the temporary file will get unlinked into sss_unique_file.
We can provide a talloc context there and setup a destructor if requested.
Something like:
sss_unique_file(owner, file)
if owner != NULL
talloc_set_destructor
Hi,
please see the attached patches. Since the unique file code is not
totally trivial (even though tested) I will move using the
sss_unique_file() interface in other sssd code into a different patchset
-- I would like to apply these patches to downstream and changing the
mkstemp() calls might be too risky there.