On 08/17/2016 10:40 AM, Lukas Slebodnik wrote:
On (17/08/16 09:54), Lukas Slebodnik wrote:
On (16/08/16 16:29), Petr Cech wrote:
On 08/16/2016 03:58 PM, Stephen Gallagher wrote:
On 08/16/2016 09:26 AM, Jakub Hrozek wrote:
On Tue, Aug 16, 2016 at 03:17:19PM +0200, Petr Cech wrote: >>>>>> From 24d32d0eb12ddc433e64ffd6411e9e13f0067b35 Mon Sep 17 00:00:00 2001 >>>>>> From: Petr Cech pcech@redhat.com >>>>>> Date: Fri, 13 May 2016 05:21:07 -0400 >>>>>> Subject: [PATCH 1/5] AD_PROVIDER: Add ad_enabled_domains option >>>>>> >>>>>> Resolves: >>>>>> https://fedorahosted.org/sssd/ticket/2828 >>>> >>>> Did you already have the manpage hunk checked by some native English >>>> speaker? >> >> No native speaker have seen it.
OK, can you please ask Dan or Stephen to help us word the manpage piece better?
Proposed man page change:
ad_enabled_domains (string) A comma-separated list of enabled Active Directory domains. If provided, SSSD will ignore any domains not listed in this option. If left unset, all domains from the AD forest will be available.
For proper operation, this option must be specified in all lower-case and as the fully qualified domain name of the Active Directory domain. For example:
ad_enabled_domains = sales.example.com, eng.example.com
The short domain name (also known as the NetBIOS or the flat name) will be autodetected by SSSD.
Default: Not set
Thanks Stephen for review. Fixed patch set is attached.
Regards
-- Petr^4 Čech
From b5420a5710d649c2b8324822bbb55ae53eb1e1f2 Mon Sep 17 00:00:00 2001 From: Petr Cech pcech@redhat.com Date: Tue, 21 Jun 2016 08:34:15 +0200 Subject: [PATCH 2/5] AD_PROVIDER: Initializing of ad_enabled_domains
We add ad_enabled_domains into ad_subdomains_ctx.
Resolves: https://fedorahosted.org/sssd/ticket/2828
src/providers/ad/ad_subdomains.c | 82 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+)
src/providers/ad/ad_subdomains.c: In function ‘ad_subdomains_init’: src/providers/ad/ad_subdomains.c:1447:34: error: passing argument 4 of ‘ad_get_enabled_domains’ from incompatible pointer type [-Werror=incompatible-pointer-types] &ad_enabled_domains); ^ src/providers/ad/ad_subdomains.c:60:16: note: expected ‘const char ***’ but argument is of type ‘char ***’ static errno_t ad_get_enabled_domains(TALLOC_CTX *mem_ctx, ^~~~~~~~~~~~~~~~~~~~~~ src/providers/ad/ad_subdomains.c:1460:32: error: assignment from incompatible pointer type [-Werror=incompatible-pointer-types] sd_ctx->ad_enabled_domains = ad_enabled_domains; ^ cc1: all warnings being treated as errors
It's fixed in 4th patch but I would appreciate to fix it in this patch.
Addresed.
From a9f43343ce46bf130ff8bd64d8c4fea207f9ce05 Mon Sep 17 00:00:00 2001 From: Petr Cech pcech@redhat.com Date: Mon, 27 Jun 2016 11:53:19 +0200 Subject: [PATCH 5/5] TESTS: Adding tests for ad_enabled_domains option
There is special logic around ad_enabled_domains option:
- option is disabled by default
- master domain is always added to enabled domains
Resolves: https://fedorahosted.org/sssd/ticket/2828
Makefile.am | 23 +++ src/tests/cmocka/test_ad_subdomains.c | 328 ++++++++++++++++++++++++++++++++++ 2 files changed, 351 insertions(+) create mode 100644 src/tests/cmocka/test_ad_subdomains.c
diff --git a/Makefile.am b/Makefile.am index 5d1d671096f986d9387e6199112c017e9bf30e1b..59f69f8d242dad9268ef3341647c0c20aa5d8cc0 100644 --- a/Makefile.am +++ b/Makefile.am @@ -257,6 +257,7 @@ if HAVE_CMOCKA test_sbus_opath \ test_fo_srv \ pam-srv-tests \
test_ad_subdom \ test_ipa_subdom_util \ test_tools_colondb \ test_krb5_wait_queue \
@@ -2797,6 +2798,28 @@ test_fo_srv_LDADD = \ libsss_test_common.la \ $(NULL)
+test_ad_subdom_SOURCES = \
- src/tests/cmocka/test_ad_subdomains.c \
- $(NULL)
+test_ad_subdom_CFLAGS = \
- $(AM_CFLAGS) \
- $(NDR_NBT_CFLAGS) \
- $(NDR_KRB5PAC_CFLAGS) \
- $(NULL)
+test_ad_subdom_LDADD = \
- $(CMOCKA_LIBS) \
- $(POPT_LIBS) \
- $(TALLOC_LIBS) \
- $(LDB_LIBS) \
- $(NDR_NBT_LIBS) \
- $(NDR_KRB5PAC_LIBS) \
- $(SSSD_INTERNAL_LTLIBS) \
- libsss_ldap_common.la \
- libsss_ad_tests.la \
- libsss_test_common.la \
- libdlopen_test_providers.la \
- $(NULL)
Attached diff fixes build on debian and removes unused parts.
diff --git a/Makefile.am b/Makefile.am index 5a8112d..edab5ac 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2808,19 +2808,15 @@ test_ad_subdom_SOURCES = \ $(NULL) test_ad_subdom_CFLAGS = \ $(AM_CFLAGS) \
- $(NDR_NBT_CFLAGS) \
Actually, NDR_NBT_CFLAGS needs to be there other wise there is an error
Addresed.
CC src/providers/ipa/test_ipa_subdom_util-ipa_subdomains_utils.o In file included from ../sssd/src/tests/cmocka/test_ad_subdomains.c:39:0: ../sssd/src/providers/ad/ad_subdomains.c:35:17: fatal error: ndr.h: No such file or directory #include <ndr.h>
LS
Thanks Jakub, Lukas.
CI tests almost passed, failure is not connected: http://sssd-ci.duckdns.org/logs/job/51/82/summary.html
Fixed patch set attached.
Regards