[Freeipa-users] Propose FreeIPA theses: IPA support for sites
Jakub Hrozek
jhrozek at redhat.com
Fri Mar 7 16:24:19 UTC 2014
On Fri, Mar 07, 2014 at 11:04:45AM -0500, Dmitri Pal wrote:
> On 03/07/2014 10:59 AM, Jakub Hrozek wrote:
> >On Fri, Mar 07, 2014 at 10:12:43AM -0500, Dmitri Pal wrote:
> >>We need to check if those are still relevant
> >>* https://thesis-managementsystem.rhcloud.com/topic/show/179/java-loginmodule-using-gssapi
> >><- I heard JBoss guys are fixing it
> >>* We are talking to Mongo about this: https://thesis-managementsystem.rhcloud.com/topic/show/95/gssapi-auth-plugin-for-mongodb-
> >>I would consider pushing it lower in priority
> >>* Is this still not implemented: https://thesis-managementsystem.rhcloud.com/topic/show/14/support-the-native-ipa-sudo-schema-
> >>?
> >This topic is being worked on actively. Me and Pavel have been mentoring
> >the student.
> >
> >>* Is this really needed any more? https://thesis-managementsystem.rhcloud.com/topic/show/13/document-the-internals-of-libldb-and-create-an-example-module-and-example-back-end
> >>It looks like Yassir's document covers a lot.
> >This topic is about ldb, not SSSD, but I agree it's not terribly important.
> >
> >>* This https://thesis-managementsystem.rhcloud.com/topic/show/12/implement-support-for-additional-maps-for-the-sssd-fast-cache
> >>is still relevant but not a super high priority.
> >>* It is unclear whether this is needed any more: https://thesis-managementsystem.rhcloud.com/topic/show/11/implement-3rd-party-id-mapper-in-sssd-
> >>seems like people can either use existing mapper (green field case)
> >>or already have UID/GID that they need to put into the central
> >>server.
> >I agree.
> >
> >>* This one is taken: https://thesis-managementsystem.rhcloud.com/topic/show/10/create-openlmi-provider-for-management-of-the-client-components
> >>right?
> >This is being worked on by Pavel.
> >
> >>On SSSD side I used a keyword to try to group all the tickets
> >>related to the state/status/health of SSSD.
> >>Here is what I got: https://fedorahosted.org/sssd/query?status=assigned&status=new&status=reopened&keywords=~Status&col=id&col=summary&col=keywords&col=status&col=owner&col=type&col=priority&col=milestone&order=priority
> >>most in 1.13 so too soon but still there may be some work we can
> >>offer.
> >>
> >>
> >>GNOME Keyring work
> >>https://fedorahosted.org/sssd/ticket/2221
> >>https://fedorahosted.org/sssd/ticket/2222
> >These two sounds OK to me, altough they'd require quite a bit of
> >mentoring.
> >
> >>UID/GID solution
> >>https://fedorahosted.org/sssd/ticket/1715
> >>
> >>Chaining access providers:
> >>https://fedorahosted.org/sssd/ticket/1326
> >I'm not sure these two are enough for a thesis..
>
> I think at least the first one is.
> You change UID and/or GID on the server. And then you need a
> mechanism to signal to the clients that they need to do cleanup. I
> was thinking about OpenLMI integration in this case and this sounds
> like a research topic to me.
I see, this might be an interesting topic. I was initiall only thinking
about the change of the ID itself.
>
> >
> >>One can dig more into 14-15 releases to see if there is anything
> >>else worth looking into.
> >What about the validator in ding-libs?
>
> I am planning to do some prototyping and publish a design, would it
> rain the parade?
Ah, I remember you said something along these lines yesterday on our
meeting. In that case it makes little sense to add the validation as a
topic.
>
> >
> >What about developing a set of tests using cwrap?
>
> +1
I filed https://fedorahosted.org/sssd/ticket/2277
More information about the Freeipa-users
mailing list