URL: https://github.com/SSSD/sssd/pull/5299
Author: pbrezina
Title: #5299: dp: fix potential race condition in provider's sbus server
Action: opened
PR body:
"""
We can hit a segfault if provider start is somehow delayed.
- dp_init_send
- sbus_server_create_and_connect_send
- sbus_server_create (*)
- dp_init_done (callback for sbus_server_create_and_connect_send)
- sbus_server_create_and_connect_recv
- sbus_server_set_on_connection (sets clients data and creates dp_cli)
At (*) sbus server is already created and accepts new connections once
we get into tevent loop. So it is possible that the client connects to
server before sbus_server_set_on_connection is called and thus the client
is not properly initialized. However it should not happen in normal start
because providers are started before responders and it can happen only if
data provider startup is somehow delay.
You can use this diff to reproduce the crash:
```diff
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -702,6 +702,8 @@ int main(int argc, const char *argv[])
uid_t uid;
gid_t gid;
+ sleep(5);
+
struct poptOption long_options[] = {
POPT_AUTOHELP
SSSD_MAIN_OPTS
```
Resolves:
https://github.com/SSSD/sssd/issues/5298
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5299/head:pr5299
git checkout pr5299
URL: https://github.com/SSSD/sssd/pull/5270
Author: alexey-tikhonov
Title: #5270: CONFDB: fixed compilation warning
Action: opened
PR body:
"""
Fixed following compilation warning:
```
../src/confdb/confdb.c: In function ‘confdb_get_domains’:
../src/confdb/confdb.c:2499:12: warning: ‘enabled’ may be used uninitialized in this function [-Wmaybe-uninitialized]
```
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5270/head:pr5270
git checkout pr5270
URL: https://github.com/SSSD/sssd/pull/5294
Author: sumit-bose
Title: #5294: krb5: only try pkinit with Smartcard credentials
Action: opened
PR body:
"""
Currently pkinit is tried if a Smartcard is present. But depending on
the used PAM service and other configurations it might happen that the
user didn't provide the Smartcard PIN but e.g. the password. Hence,
before trying pkinit we should check if the right credentials are
available.
Resolves:
https://github.com/SSSD/sssd/issues/5290
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5294/head:pr5294
git checkout pr5294
URL: https://github.com/SSSD/sssd/pull/269
Author: NWilson
Title: #269: Add support for ActiveDirectory's logonHours restrictions
Action: opened
PR body:
"""
This is a straightforward patch for denying access to a user when the user is not permitted to access their account due to logonHours restrictions.
This matches the default behaviour for domain-joined Windows machines. When outside the logonHours, all types of authentication are denied (password/Kerberos/certificate) - so it is appropriate to put this check inside the PAM "account" rules.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/269/head:pr269
git checkout pr269
URL: https://github.com/SSSD/sssd/pull/5253
Author: aborah-sudo
Title: #5253: libdirsrv should be modified to be compatible with new DS
Action: opened
PR body:
"""
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5253/head:pr5253
git checkout pr5253
URL: https://github.com/SSSD/sssd/pull/5301
Author: sgoveas
Title: #5301: use prerealease option in make srpm script
Action: opened
PR body:
"""
With --prereleasae option enabled, make_srpm.sh script can set different
version each time copr build is created. It adds date time and git
commit hash in the build version.
eg.
2.3.2-0.20200826.1356.gitdb1049057.fc31
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5301/head:pr5301
git checkout pr5301
URL: https://github.com/SSSD/sssd/pull/5246
Author: alexey-tikhonov
Title: #5246: Drop support of libnss as a crypto backend
Action: closed
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5246/head:pr5246
git checkout pr5246