[Freeipa-users] Propose FreeIPA theses: IPA support for sites
Dmitri Pal
dpal at redhat.com
Fri Mar 7 16:04:45 UTC 2014
On 03/07/2014 10:59 AM, Jakub Hrozek wrote:
> On Fri, Mar 07, 2014 at 10:12:43AM -0500, Dmitri Pal wrote:
>> We need to check if those are still relevant
>> * https://thesis-managementsystem.rhcloud.com/topic/show/179/java-loginmodule-using-gssapi
>> <- I heard JBoss guys are fixing it
>> * We are talking to Mongo about this: https://thesis-managementsystem.rhcloud.com/topic/show/95/gssapi-auth-plugin-for-mongodb-
>> I would consider pushing it lower in priority
>> * Is this still not implemented: https://thesis-managementsystem.rhcloud.com/topic/show/14/support-the-native-ipa-sudo-schema-
>> ?
> This topic is being worked on actively. Me and Pavel have been mentoring
> the student.
>
>> * Is this really needed any more? https://thesis-managementsystem.rhcloud.com/topic/show/13/document-the-internals-of-libldb-and-create-an-example-module-and-example-back-end
>> It looks like Yassir's document covers a lot.
> This topic is about ldb, not SSSD, but I agree it's not terribly important.
>
>> * This https://thesis-managementsystem.rhcloud.com/topic/show/12/implement-support-for-additional-maps-for-the-sssd-fast-cache
>> is still relevant but not a super high priority.
>> * It is unclear whether this is needed any more: https://thesis-managementsystem.rhcloud.com/topic/show/11/implement-3rd-party-id-mapper-in-sssd-
>> seems like people can either use existing mapper (green field case)
>> or already have UID/GID that they need to put into the central
>> server.
> I agree.
>
>> * This one is taken: https://thesis-managementsystem.rhcloud.com/topic/show/10/create-openlmi-provider-for-management-of-the-client-components
>> right?
> This is being worked on by Pavel.
>
>> On SSSD side I used a keyword to try to group all the tickets
>> related to the state/status/health of SSSD.
>> Here is what I got: https://fedorahosted.org/sssd/query?status=assigned&status=new&status=reopened&keywords=~Status&col=id&col=summary&col=keywords&col=status&col=owner&col=type&col=priority&col=milestone&order=priority
>> most in 1.13 so too soon but still there may be some work we can
>> offer.
>>
>>
>> GNOME Keyring work
>> https://fedorahosted.org/sssd/ticket/2221
>> https://fedorahosted.org/sssd/ticket/2222
> These two sounds OK to me, altough they'd require quite a bit of
> mentoring.
>
>> UID/GID solution
>> https://fedorahosted.org/sssd/ticket/1715
>>
>> Chaining access providers:
>> https://fedorahosted.org/sssd/ticket/1326
> I'm not sure these two are enough for a thesis..
I think at least the first one is.
You change UID and/or GID on the server. And then you need a mechanism
to signal to the clients that they need to do cleanup. I was thinking
about OpenLMI integration in this case and this sounds like a research
topic to me.
>
>> One can dig more into 14-15 releases to see if there is anything
>> else worth looking into.
> What about the validator in ding-libs?
I am planning to do some prototyping and publish a design, would it rain
the parade?
>
> What about developing a set of tests using cwrap?
+1
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list