Learn more about these different git repos.
Other Git URLs
Source host processing is very costly (it requires us to retrieve the complete list of hosts from the FreeIPA server) and it's inherently unreliable (due to the fact that there is no PAM standard for what applications will send us in the {{{srchost}}} field).
We should add a new option, {{{ipa_hbac_support_srchost}}} that will default to {{{False}}}. If this option is false, we will perform a much simpler host lookup (just the current host and its parents). This will significantly improve login performance in environments with large numbers of hosts.
When it's false, we should also modify rules we retrieve to treat srchost as {{{category = ALL}}} (thus meaning it will always match).
Fields changed
patch: 0 => 1 status: new => assigned
Fixed in: 6fb75e2
resolution: => fixed status: assigned => closed
type: defect => enhancement
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=766876 (Red Hat Enterprise Linux 6)
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=766876 766876]
Metadata Update from @sgallagh: - Issue assigned to jzeleny - Issue set to the milestone: SSSD 1.7.0
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2120
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.