[Freeipa-devel] [PATCH] 0156 extdom: add certificate request
Martin Basti
mbasti at redhat.com
Thu Jun 9 19:02:39 UTC 2016
On 09.06.2016 14:45, Martin Basti wrote:
>
>
> On 09.06.2016 14:42, Martin Basti wrote:
>>
>>
>> On 09.06.2016 14:38, Lukas Slebodnik wrote:
>>> On (09/06/16 14:29), Martin Basti wrote:
>>>> On 09.06.2016 14:22, Alexander Bokovoy wrote:
>>>>> On Thu, 09 Jun 2016, Jakub Hrozek wrote:
>>>>>> On Fri, May 20, 2016 at 09:23:46PM +0200, Sumit Bose wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> this patch allows the extom plugin to lookup users by
>>>>>>> certificate which
>>>>>>> is needed in the case where a IPA client wants to lookup an AD
>>>>>>> user who
>>>>>>> has the certificate stored in AD. To make this work the related
>>>>>>> patches
>>>>>>> I just send to sssd-devel are needed as well.
>>>>>>>
>>>>>>> Currently the patches miss the change in the required version of
>>>>>>> SSSD.
>>>>>>> since the SSSD patches are not committed. But the patches are
>>>>>>> needed to
>>>>>>> fully test the SSSD patches. I will send a new version with the
>>>>>>> needed
>>>>>>> changes to the minimal SSSD version when the SSSD patches are
>>>>>>> committed.
>>>>>>>
>>>>>>> bye,
>>>>>>> Sumit
>>>>>> The patch works fine (tested together with the corresponding SSSD
>>>>>> patches), so ACK from me. The code also looks good to me, but I'm
>>>>>> not
>>>>>> sure if reviewing an IPA patch requires something more (CI?
>>>>>> Coverity?)
>>>>> ACK from me as well, I forgot to send email about it, though I
>>>>> reviewed
>>>>> this patch a week ago.
>>>>>
>>>> Pushed to master: aa734da49440c5d12c0f8d4566505adaeef254e8
>>>>
>>> It's very likey that this commit will break build of
>>> freeipa-master. I didn't try.
>>>
>>> Because it uses new function sss_nss_getnamebycert
>>> from the library libsss_nss_idmap which is not in fedora.
>>> It was pushed to sssd master just today.
>>>
>>> LS
>>
>> If this is true, can you/somebody provide the SRPM of SSSD with the
>> required functionality please? We may need to add it to
>> @freeipa/freeipa-master copr and bump required version of SSSD.
>>
>> Martin^2
>>
>
> Yes, you were right, master build is broken.
> Martin^2
>
SSSD master build has been added to @freeipa/freeipa-master copr as a
workaround (to unblock automatic testing an developers)
Please bump version in specfile accordingly (I don't know in which
version of SSSD will be required function)
Martin^2
More information about the Freeipa-devel
mailing list