Timeline


and

01/27/11:

18:43 Milestone SSSD 1.5.1 completed
18:14 Ticket #784 (Fix the error code with the range retrieval) closed by sgallagh
fixed: Fixed by aa89df2040593f9120196ec440d2dc6d9f860d55
17:43 WikiStart edited by sgallagh
(diff)
17:43 Releases/Notes-1.5.1 edited by sgallagh
(diff)
17:42 Releases/Notes-1.5.1 created by sgallagh
17:35 Releases edited by sgallagh
(diff)
17:34 Releases edited by sgallagh
(diff)
17:24 Changeset [aa89df2] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Do not fail if attributes are empty Currently we fail if attributes are empty. But there are some use cases where requested attributes are empty. E.g Active Directory uses an empty member attribute to indicate that a subset of the members are in a range sub-attribute.
17:24 Changeset [a1af9be] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add option to disable TLS for LDAP auth Option is named to discourage use in production environments and is intentionally not listed in the SSSDConfig API.
14:50 sssd slides v3.pdf attached to Contribute by sgallagh
An overview of the SSSD features (v3 updated for 1.5.x)
14:18 Ticket #784 (Fix the error code with the range retrieval) created by dpal
13:18 Changeset [85b588e] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Updating uk translation Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>

01/26/11:

16:12 Ticket #783 (Support range retrievals) created by sbose
Similar to paging Active Directory use the range sub-attribute to split …

01/25/11:

20:48 Changeset [3aadf09] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Update man.stamp when the potfile or po4a.cfg is updated
14:20 Changeset [9dc0e2f7] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add missing gettext BuildRequires

01/24/11:

20:52 Changeset [b51cc4a] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add uk translation to specfile
18:44 Changeset [9ce4330] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Update translation files for string freeze Earlier patch for strings was incomplete
18:44 Changeset [57cfff4] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Updating uk translation Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
18:44 Changeset [dc57c53] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Updating pl translation Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
18:37 ReleaseProcess edited by sgallagh
(diff)

01/21/11:

22:27 Ticket #778 (Missing primary group with simple access provider) closed by sgallagh
fixed: Fixed by: * 3ad662a4d26c0d6ee4e382758ca7b3f0c2880d20 * …
22:26 Ticket #754 (DNS discovery should fall back to SSSD domain name in 1.5) closed by sgallagh
fixed: Fixed by 9917b96e31df3fa992d235a050ed1dc0e9939b3d
22:25 Ticket #779 (Nested groups are not unrolled during the first enumeration) closed by sgallagh
fixed: Fixed by c3a2e4aae7198a5ec2ac8ff028d2379668dc8aa1
22:24 Ticket #750 (attributes aren't being deleted from cache) closed by sgallagh
fixed: Fixed by c6257286e9a31dfd42d28c99a22a69e2c4717a61
21:57 Changeset [f9fdc87] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Updating uk manpage translation Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
21:57 Changeset [c938f4b] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Updating translation files for string freeze
21:34 Changeset [c3a2e4aa] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix nested group handling during enumeration Nested groups where not unrolled completely during the first enumeration run because not all where present in the cache.
21:34 Changeset [c625728] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Delete attributes that are removed from LDAP Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750
21:20 Changeset [911c75f] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix uninitialized value error
21:20 Changeset [9917b96e] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Allow fallback to SSSD domain For backwards-compatibility with older versions of the SSSD (such as 1.2.x), we need to be able to have our DNS SRV record lookup be capable of falling back to using the SSSD domain name as the DNS discovery domain. This patch modifies our DNS lookups so that they behave as follows: If dns_discovery_domain is specified, it is considered authoritative. No other discovery domains will be attempted. If dns_discovery_domain is not specified, we first attempt to look up the SRV records using the domain portion of the machine's hostname. If this returns "NOTFOUND", we will try performing an SRV record query using the SSSD domain name as the DNS discovery domain. https://fedorahosted.org/sssd/ticket/754
21:20 Changeset [eaee7fa] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Rename dns_domain to discovery domain for fo_add_srv_server()
20:38 Ticket #782 (Fatal errors updating the cache should delete the entry) created by sgallagh
Currently, if SSSD experiences a fatal error while trying to save an entry …
19:59 Changeset [ca2bc5f] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add missing include file to sdap_async_accounts.c
16:01 Ticket #781 (List the keytab to pick the princiapl to use instead of guessing) created by simo
Apparently, at the moment, we try to construct the principal name for the …
14:24 Changeset [3ad662a] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add the user's primary group to the initgroups lookup The user may not be a direct member of their primary group, but we still want to make sure that group is cached on the system.
14:24 Changeset [aab0099] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Perform initgroups lookup for PAM Previously we were only looking up the user, but we need to make sure that all groups are available for use by access providers.

01/20/11:

17:26 Ticket #752 (Conduct security audit of the password obfuscation code) closed by sgallagh
fixed: Fixed by fd72f761edb0b11265ce3293b56a4a4fa0d1a317
17:22 Ticket #780 (Add support for client side ldap certificates, keys and cipher suite ...) closed by sgallagh
fixed
17:20 Changeset [fd72f76] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9NSS obfuscation code cleanup https://fedorahosted.org/sssd/ticket/752
17:20 Changeset [3c13b61] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add ldap_tls_{cert,key,cipher_suite} config options Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
16:05 Ticket #780 (Add support for client side ldap certificates, keys and cipher suite ...) created by twhitehead
Currently the configuration process has no way to pass along the client …
11:57 Ticket #777 (Make IPA paths configurable or use base searches for HBAC related data) closed by sbose
fixed: fixed by 56789cfa13f85071f5fb37575fa1f1071f587efc
11:56 Ticket #690 ([enh] honor Red Hat Directory Server account lockout) closed by sbose
fixed: fixed by d73fcc5183a676aed4fd040714b87274248b784c
11:54 Ticket #679 (SSSD should respect IPA account policies) closed by sbose
fixed: fixed by d73fcc5183a676aed4fd040714b87274248b784c
11:54 Ticket #674 ([enh] honor ActiveDirectory account lockout) closed by sbose
fixed: fixed by 22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18
11:53 Ticket #771 (Configurable Password Expiration Notification Period) closed by sbose
fixed: fixed by 67aa400d9ce91705225e51010e832877511cb7d4
11:51 Ticket #707 (Startup after resume takes too long) closed by sbose
fixed: I could reproduce this issue and it was fixed by …

01/19/11:

14:53 Changeset [e9691a8] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Use DEFAULT_PAM_VERBOSITY if config value cannot be retrieved
14:53 Changeset [0c3bf8c] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Don't double-sanitize member DNs After asking the cache for the list of member DNs for groups during an initgroups request, we were passing it through the sanitization function. Since this had already been done before they were saved to the cache, this meant that it was corrupting the results. It is safe to pass the returned DN directly into the sysdb_group_dn_name() function.
14:53 Changeset [80842de] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix incorrect example file The example sssd.conf still had entry_cache_timeout listed in the [nss] section, and did not have correct values for entry_cache_nowait_percentage (it was listed as entry_cache_nowait_timeout and gave a value in seconds)
14:53 Changeset [2fac679] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix return value check
14:53 Changeset [22f4c1b8] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add LDAP expire policy based on AD attributes The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired.
14:53 Changeset [d73fcc5] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add LDAP expire policy base RHDS/IPA attribute The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked.
14:53 Changeset [56789cf] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add ipa_hbac_search_base config option
14:53 Changeset [67aa400] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add pam_pwd_expiration_warning config option
13:59 Ticket #779 (Nested groups are not unrolled during the first enumeration) created by sgallagh
== Description of problem == Nested groups are not unrolled during the …
12:49 Contribute edited by sgallagh
(diff)
08:52 Ticket #778 (Missing primary group with simple access provider) created by sbose
When starting with an empty cache, without enumeration, rfc2307 LDAP …

01/17/11:

20:21 Ticket #774 (Remove warning about nscd/SSSD conflict) closed by sgallagh
fixed: Fixed by 50b2904bc09dee04fbc5b13246a33f5d3b257d2e
20:21 Ticket #768 (sss_obfuscate interactive mode is not acceptable) closed by sgallagh
fixed: Fixed by 8d00718b943ab8b326320feb50820f0663031817
20:21 Ticket #755 (Remove support for libnl < 1.1) closed by sgallagh
fixed: Fixed by 5352c9b3609bca63814f9f6f03dbbbadf6c6333a
19:50 Changeset [5352c9b] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Remove support for pre-1.1 netlink Netlink 1.0 and older is buggy and unreliable, occasionally causing tight-loops. We're no longer going to try to support it. https://fedorahosted.org/sssd/ticket/755
17:19 Changeset [50b2904b] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Clarify nscd warning Removes the level-zero DEBUG message and modifies the syslog message to explain that NSCD is safe for maps that SSSD does not (yet) support.
17:19 Changeset [8d00718b] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix usability of sss_obfuscate command
17:19 Changeset [2be33d8e] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Do not force a default for debug_level
13:16 Changeset [c99f4a33] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Update manpage translations for ldap_enumeration_search_timeout
13:05 Ticket #775 (SSSD returns error on nonexistent netgroup) closed by sgallagh
fixed: Fixed by 6a03b2a9c967d250825d614607d0bb7b901e8696
13:03 Ticket #705 (Saving the results of an enumeration takes far too much time) closed by sgallagh
fixed: Fixed by * 337d3d9ba9e271272046feac0d17911d024eb43f * …
13:02 Ticket #772 (Add ldap_enumeration_search_timeout) closed by sgallagh
fixed: Fixed by 29993ce4fbdf08f28077f4b6824c8b6b8d616cb8
12:59 Changeset [29993ce] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add ldap_search_enumeration_timeout config option
12:59 Changeset [a530a967] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add timeout parameter to sdap_get_generic_send()

01/14/11:

20:23 Ticket #770 (Typos in SSSD manual) closed by sgallagh
fixed: Fixed by 055701c59d684fbb3c8be4a129bb8fd4cfb4ffe8
20:16 Changeset [bde6942] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add uk translation for manpages
20:16 Changeset [055701c] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix manpage typos
20:16 Changeset [cbe7c54c] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Regenerate manpage po[t] files Fixed several typos
18:29 Changeset [6a03b2a] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Do not throw a DP error when a netgroup is not found https://fedorahosted.org/sssd/ticket/775
18:29 Changeset [cfc59f8] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix missing hash table bug When the automatic cleanup happened, if the netgroup had been created with no contents (to indicate an unknown netgroup), we weren't saving the hash table address and the talloc_free() was failing.
16:53 Ticket #777 (Make IPA paths configurable or use base searches for HBAC related data) created by sbose
Currently the search paths for HBAC data are hardcoded. Chances are that …
13:58 Changeset [337d3d9] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Work around libldb bug Libldb performs non-indexed searches for ONELEVEL requests. We'll use SUBTREE instead to reduce the performance hit substantially
13:58 Changeset [09c0743] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add missing sysdb transaction to group enumerations We were not enclosing group processing in a transaction, which was resulting in extremely high numbers of disk-writes. This patch adds a transaction around the sdap_process_group code to ensure that these actions take place within a transaction. This patch also adds a check around the missing member code for RFC2307bis so we don't go back to the LDAP server to look up entries that don't exist (since the enumeration first pass would already have guaranteed that we have all real users cached)
12:20 Ticket #699 (cannot authenticate: "Could not start TLS encryption. (null)") closed by sgallagh
wontfix: I filed a bug upstream with openldap: …

01/13/11:

23:49 Ticket #776 (Support automatic convertion of names to lower case) created by dpal
Regarding user logins AD is case insensitive and UNIX/Linux is sensitive. …
21:06 Ticket #775 (SSSD returns error on nonexistent netgroup) created by sgallagh
If a netgroup doesn't exist in LDAP, we're returning an error instead of …
12:54 Ticket #774 (Remove warning about nscd/SSSD conflict) created by sgallagh
This is causing a lot of confusion in the field. Running nscd with SSSD …

01/12/11:

20:34 Ticket #773 (Investigate one-level indexing in ldb) created by sbose
There are a couple of places when accessing sysdb where, in theory, a …

01/11/11:

18:56 Ticket #699 (cannot authenticate: "Could not start TLS encryption. (null)") reopened by amcnabb
I think I have identified how our setups differ. To reproduce, try making …
17:25 Changeset [9c0dba9] by Stephen Gallagher <sgallagh@…>
sssd-1-4Validate user supplied size of data items Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
17:25 Changeset [004ce53] by Stephen Gallagher <sgallagh@…>
sssd-1-4Add overflow check to SAFEALIGN_COPY_*_CHECK macros
17:21 Changeset [82e5f65] by Stephen Gallagher <sgallagh@…>
sssd-1-3Validate user supplied size of data items Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
17:21 Changeset [c66343e] by Stephen Gallagher <sgallagh@…>
sssd-1-3Add overflow check to SAFEALIGN_COPY_*_CHECK macros
17:20 Changeset [2385387] by Stephen Gallagher <sgallagh@…>
sssd-1-2Validate user supplied size of data items Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
17:20 Changeset [7fba783] by Stephen Gallagher <sgallagh@…>
sssd-1-2Add overflow check to SAFEALIGN_COPY_*_CHECK macros
17:17 Changeset [f15683b] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Validate user supplied size of data items Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
17:17 Changeset [86aa3e4] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add overflow check to SAFEALIGN_COPY_*_CHECK macros
17:06 Ticket #772 (Add ldap_enumeration_search_timeout) created by sbose
For the 1.2 we had db534f6eb40f083860756afe3b2d0589f271dec0 to handle …
14:24 Ticket #765 (Drop -s option from sss_obfuscate) closed by dpal
duplicate: This will be addressed as part of #768. Closing.

01/10/11:

21:12 WikiStart edited by sgallagh
(diff)
21:11 Releases edited by sgallagh
(diff)
14:58 Ticket #771 (Configurable Password Expiration Notification Period) created by myllynen
When authenticating against AD using SSSD 1.5 / MIT Krb 1.9 one gets …

01/08/11:

16:17 Ticket #770 (Typos in SSSD manual) created by dpal
https://bugzilla.redhat.com/show_bug.cgi?id=668144

01/07/11:

15:08 Ticket #769 (LDAP provider and dynlist overlay) created by dserre
When using openldap with dynlist overlay, the results of getent group …
08:49 Ticket #756 (Service discovery fails when going back online) closed by sbose
fixed: Fixed by 7daf6c9f7a0e583a1ba033bb858208b51358bf2f and …
08:47 Ticket #758 (Enumeration does not work with multiple domains) closed by sbose
fixed: Fixed by 138aea921316c32d18820c782e923b87d826c849
08:46 Ticket #757 (nss client blocks when enumerating local domain after restart) closed by sbose
fixed: Fixed by 5ea3cfbb8272f5e02f8e9683c0028b3e1a3c9045
08:45 Ticket #761 (Obfuscated password should be check during startup) closed by sbose
fixed: Fixed by 52b703a4c7cc43ae908300795569e27b64186ec8
08:45 Ticket #762 (Obfuscated passwords can kill LDAP provider if OpenLDAP uses NSS) closed by sbose
fixed: Fixed by 52b703a4c7cc43ae908300795569e27b64186ec8 This fix does not …
08:41 Ticket #751 (better default logging of access denials) closed by sbose
fixed: Fixed by 6742203fd84e97822cdddc4065402c15f3c5703f and …

01/06/11:

20:15 Changeset [e1522a5] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add syslog messages to authorized service access check
20:15 Changeset [138aea9] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Return groups and users from all domains during enumeration
20:15 Changeset [5ea3cfb] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Post enumeration tevent request if needed
20:15 Changeset [c5f66b8] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Remove unused enumeration cache timeout checks The existence of the getent_ctx is used to track the enumeration cache timeout.
20:15 Changeset [52b703a] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Convert obfuscated password once at startup
20:15 Changeset [6742203f] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Add syslog message to shadow access check
19:32 Ticket #768 (sss_obfuscate interactive mode is not acceptable) created by sgallagh
If just entering sss_obfuscate (no options), there is no prompt for …

01/05/11:

21:00 Ticket #767 (Consider using enums or union to pass merge flags) created by dpal
Merge flags are a combination of 3 mutually exclusive sets. There is no …
19:02 Ticket #766 (Consider using enum intead of #define for errors) created by dpal
In the INI header there is a set of error codes that are currently defined …
13:06 Changeset [04f0cf2c] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Fix boolean comparison against string Coverity 10082 and 100083
13:06 Changeset [7daf6c9f] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Use the right status when resetting service discovery
13:06 Changeset [0b58631] by Stephen Gallagher <sgallagh@…>
mastersssd-1-10sssd-1-11sssd-1-12sssd-1-13sssd-1-14sssd-1-5sssd-1-6sssd-1-7sssd-1-8sssd-1-9Rename SRV_NOT_RESOLVED to SRV_RESOLVE_ERROR
12:03 Ticket #765 (Drop -s option from sss_obfuscate) created by sgallagh
Originally reported as https://bugzilla.redhat.com/show_bug.cgi?id=667326
11:46 Ticket #764 (debug_level in sssd.conf overrides command-line) created by sgallagh
This behavior is backwards. A debug level specified on the command-line …
11:43 Ticket #763 (sss_obfuscate/python config parser modifies config file too much) created by sbose
When calling sss_obfuscate with the following simplified config file: …
10:45 Ticket #762 (Obfuscated passwords can kill LDAP provider if OpenLDAP uses NSS) created by sbose
If the obfuscated password cannot be decrypted, e.g. because by accident …
10:23 Ticket #761 (Obfuscated password should be check during startup) created by sbose
To avoid runtime errors it should be checked during startup if the …

01/04/11:

15:47 Ticket #760 (Add libkrb5 version to spec file) created by sbose
If sssd is build with MIT Kerberos 1.9 and the current spec file the …
14:30 Ticket #708 (Netlink 1.0.x ends up in an infinite EAGAIN loop on suspend/resume) closed by sgallagh
duplicate
13:17 Ticket #759 (Create a package for SSSD python code) created by jzeleny
Currently some (maybe all) python files of SSSD are directly in …
08:17 Ticket #758 (Enumeration does not work with multiple domains) created by sbose
If multiple domains are configured and enumeration is allowed only the …
08:16 Ticket #757 (nss client blocks when enumerating local domain after restart) created by sbose
If only the local domain is configured the first enumeration request, …

01/03/11:

17:24 Ticket #756 (Service discovery fails when going back online) created by sbose
If sssd goes from offline to online service discovery fails with "The …
14:54 Ticket #755 (Remove support for libnl < 1.1) created by sgallagh
Libnl older than 1.1 has a very serious tight-loop issue that causes SSSD …
13:46 Ticket #754 (DNS discovery should fall back to SSSD domain name in 1.5) created by myllynen
With SSSD 1.2 (which is part of, e.g., RHEL 6.0) DNS discovery uses SSSD …
13:08 Ticket #297 (man pages should be translatable) closed by sgallagh
fixed: Fixed by: * 6f51c802311fd81a409a26763ed45b28a3234d0d * …
13:07 Ticket #749 (account checks should be done with fresh data) closed by sgallagh
fixed: Fixed by c71ff1e4615ec8560b90ca7d4827d99424ad0355
Note: See TracTimeline for information about the timeline view.