On 21 Sep 2017, at 23:23, Fabiano Fidêncio
<fidencio(a)redhat.com> wrote:
People,
We have 27 PRs opened by the moment I'm writing this email and I'd
like to have a clear idea which ones are the *must* have for our next
release.
I think it should be notes that we’re trying to get the next release (1.15.4) out of the
door mostly to make it in time for the Fedora-27 freeze, which, according to the
schedule:
https://fedoraproject.org/wiki/Releases/27/Schedule
is 2017-10-27
The release after that (1.16.0) is driven by RHEL deadlines, which is also important to
note because most SSSD core developers also work on RHEL and a RHEL deadline means the
1.16.0 is mostly time-driven, not “when we feel like releasing, we release the tarball”
kind of release.
- Fix group renaming issue when "id_provider = ldap" is set
(
https://github.com/SSSD/sssd/pull/128)
We have a bugzilla for this one. Code has been reviewed and last
comments addressed.
I can ack the PR because I like the code, but I’m not sure the PR would be pushed w/o an
integration test. Let’s see during this week, I started working on the test but had no
time to finish it..
- Add "Wants=" to sssd unit
(
https://github.com/SSSD/sssd/pull/132)
We don't have a bugzilla for this one. IMO, this can be postponed
for the next release
Yes, in general I’m not totally sure we discussed if the behaviour is what we want
either.
- Initial revision of sssd pytest framework
(
https://github.com/SSSD/sssd/pull/139)
This PR will be reviewed on a phone session. IMO, this can be
postponed for the next release.
- Add module for starting services (
https://github.com/SSSD/sssd/pull/175)
This PR has been stalled for a quite long time. Although the
idea/work seems quite nice, I don't see this one as something that we
should prioritize. So, IMO, this can the postponed for the next
release.
+1
- TEST: Adding krb5-libs to dependencies
(
https://github.com/SSSD/sssd/pull/218)
This PR has been stalled since celestian left the project. It's
something good to have but far from having high priority. IMO, this
can be postponed to the next release.
I think it can be pushed since you made the PR pass the CI tests which was the only
blocker earlier.
- changing all talloc_get_type() with talloc_get_type_abort()
(
https://github.com/SSSD/sssd/pull/231)
This PR has been stalled for a quite long time. Can easily be
postponed to the next release.
+1
- provider: Move hostid from ipa to sdap
(
https://github.com/SSSD/sssd/pull/237)
This PR comes from an external contributor and as far as I
understood they changed whatever has been requested. IMO this should
be part of this release.
Yes, but it would be really good to have tests..but writing the tests might not be
trivial.
- Subdomain inherit (
https://github.com/SSSD/sssd/pull/247):
This PR has been stalled for a long time and according to the
dicussion in our phone meeting Today, it can be postponed to the next
release.
+1
- Update sss_override.c (
https://github.com/SSSD/sssd/pull/260)
This PR has been stalled for some time and, IMO, can be postponed to
the next release.
+1
- Add support for ActiveDirectory's logonHorous restrictions
(
https://github.com/SSSD/sssd/pull/269)
This PR comes from an external contributor and as far as I
understood there's still some work to be done. So, should be postponed
to the next release
I’ll reply to Sumit separately.
- Merge sss_cache and sss_debuglevel into sssctl
(
https://github.com/SSSD/sssd/pull/274)
This PR seems to be in a good shape and justin addressed the last
comments. IMO, should be part of this release.
This was pushed.
- Implement access verification by rhost using ldap_access_order
rhost
option (
https://github.com/SSSD/sssd/pull/275)
By the comments I'm not sure whether we may or may not should have
it in the next release. In any case, we must provide a feedback to the
external contributor.
As with other PRs, I think the issue might be in test coverage, so I’m not sure we can
merge this PR before we have authentication and authorization tests.
I agree about giving feedback.
- Print a warning when enumeration is requested but disabled
(
https://github.com/SSSD/sssd/pull/334)
Already acked.
Doesn’t really matter which release this ends up at, it’s a convenience patch.
- Fix for few el6 gcc warnings
(
https://github.com/SSSD/sssd/pull/371)
- This patch set fixes a bunch warnings (
https://github.com/SSSD/sssd/pull/377)
PR 377 has all the patches contained in PR 371. Any of those have
high priority IMO and both could just be postponed to the next
release.
+1
- ldap: Change ldap_user_certificate to userCertificate;binary
(
https://github.com/SSSD/sssd/pull/372)
Already reviewed. Whoever pushes the patches could squash the
patches instead of keep waiting for the contributor. In any case,
should be part of this release.
+1
- intg: Add sanity tests for pysss_nss_idmap
(
https://github.com/SSSD/sssd/pull/373)
Already acked.
+1
- IPA: Add threshold for sudo command and command group searches
(
https://github.com/SSSD/sssd/pull/374)
Does it have some bugzilla linked? I guess it would be nice to be
reviewed and pushed for this release.
Since the “only” entity who requested this PR is RHEL and RHEL backports patches to stable
releases anyway, it’s not critical to the upstream release.
- sssd-1.13 Backported patches for ticket 3505
(
https://github.com/SSSD/sssd/pull/375)
Doesn't affect our release at all
+1
- [RFC] Use GNULIB's compiler warning code
(
https://github.com/SSSD/sssd/pull/378)
IMO this one can be postponed to the next release
+1
- CI: Enable pep8 check (
https://github.com/SSSD/sssd/pull/379)
IMO this one can be postponed to the next release
+1
- intg: prevent "TypeError: mustbe type, not classobj"
(
https://github.com/SSSD/sssd/pull/386)
There's a small change requested that can be done by whoever pushes
the patches instead of keep waiting for the contributor
And it’s not critical for the upstream release either.
- Setting ldap_sudo_include_regexp to false
(
https://github.com/SSSD/sssd/pull/387)
Should be part of 2.0 relase in the future
Yes.
- sssd_client: add mutex protected call to the PAC responder
(
https://github.com/SSSD/sssd/pull/389)
Should be part of this release
Pushed as of today.
- NSS: Add option to disabled memcache
(
https://github.com/SSSD/sssd/pull/390)
IMO this one be postponed to the next release
+1
- Use dbus-daemon in cwrap environment for test
(
https://github.com/SSSD/sssd/pull/391)
IMO this one can be postponed to the next release
+1
- GPO: Don't use freed LDAPURLDesc if domain for AD DC cannot be
found
IMO this one should be part of this release
Not critical as the problem is only in the DEBUG message which is not printed by default
becase we default to debug_level=0.
So, can we have an agreement that we're going to focus on
reviewing:
- Fix group renaming issue when "id_provider = ldap" is set
(
https://github.com/SSSD/sssd/pull/128)
Yes, I’ll work on the test this week.
- provider: Move hostid from ipa to sdap
(
https://github.com/SSSD/sssd/pull/237)
OK, maybe a middle ground could be to test with the help of downstream tests that the IPA
code still works. An integration test for the LDAP provider could then be written for the
next release.
- Add support for ActiveDirectory's logonHorous restrictions
(
https://github.com/SSSD/sssd/pull/269)
Yes, let’s push this.
- Merge sss_cache and sss_debuglevel into sssctl
(
https://github.com/SSSD/sssd/pull/274)
Pushed.
- Implement access verification by rhost using ldap_access_order
rhost
option (
https://github.com/SSSD/sssd/pull/275)
I really don’t know if we can push this without tests. But we should absolutely review the
code and provide feedback.
- IPA: Add threshold for sudo command and command group searches
(
https://github.com/SSSD/sssd/pull/374)
Nice, but IMO not critical.
- sssd_client: add mutex protected call to the PAC responder
(
https://github.com/SSSD/sssd/pull/389)
Pushed
- GPO: Don't use freed LDAPURLDesc if domain for AD DC cannot be
found
IMO not critical
And also, do we agree that the bugs mentioned above are the material
for this release and pretty much anything else that is already opened?
Best Regards,
--
Fabiano Fidêncio
_______________________________________________
sssd-devel mailing list -- sssd-devel(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-leave(a)lists.fedorahosted.org