summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-08-14s3:idmap_tdb: remove unused idmap_tdb_load_ranges()Michael Adam1-35/+0
The idmap_tdb_state (which should actually be called idmap_tdb_alloc_context) is being removed since the alloc part is combined with the id mapping part.
2010-08-14s3:idmap_tdb: have idmap_tdb_open_db take an idmap_domain struct as argumentMichael Adam1-18/+11
the other arguments are not needed any more and are removed.
2010-08-14s3:idmap_tdb: rename idmap_tdb_alloc_init->idmap_tdb_init_hwm and use db ↵Michael Adam1-24/+13
from idmap_tdb_context instead of the special idmap_alloc_db
2010-08-14s3:idmap_tdb: move definition of struct idmap_tdb_context up.Michael Adam1-4/+4
2010-08-14s3:idmap_tdb: remove filter_low_id,filter_high_id from idmap_tdb_contextMichael Adam1-57/+3
These are now taken from the idmap_domain struct.
2010-08-14s3:idmap_tdb: add idmap domain arg to idmap_tdb_upgrade and use domain rangeMichael Adam1-4/+4
2010-08-14s3:idmap_tdb: use filter from idmap_domain rather than from idmap_tdb_contextMichael Adam1-6/+4
2010-08-14s3:idmap_tdb: give idmap domain argument to idmap_tdb_sid_to_idMichael Adam1-2/+5
instead of idmap_tdb_context. This is in preparation of using the filter from the idmap_domain struct.
2010-08-14s3:idmap_tdb: give idmap domain argument to idmap_tdb_id_to_sidMichael Adam1-3/+6
instead of idmap_tdb_context. This is in preparation of using the filter from the idmap_domain struct.
2010-08-14s3:idmap_tdb: implement allocate_id in idmap methods for tdb backendMichael Adam1-0/+1
2010-08-14s3:idmap_tdb: add idmap_tdb_get_new_id() to allocate a new id given a domainMichael Adam1-0/+24
Currently this only works with the default domain, calling out to idmap_tdb_allocate_id(). In the future this will be extended to also work for non-default domains.
2010-08-14s3:idmap_tdb: convert idmap_tdb_allocate_id() to use transaction wrappersMichael Adam1-45/+68
2010-08-14s3:idmap_tdb: remove an extra blank lineMichael Adam1-1/+0
2010-08-14s3:idmap_tdb2: add my (C)Michael Adam1-0/+1
2010-08-14s3:idmap_tdb2: move idmap_tdb2_new_mapping() up. spare a prototype.Michael Adam1-55/+51
2010-08-14s3:idmap_tdb2: get rid of an extra variable in idmap_tdb2_db_init().Michael Adam1-1/+0
2010-08-14s3:idmap_tdb2: move idmap_tdb2_set_mapping() up to its _action callback.Michael Adam1-61/+62
2010-08-14s3:idmap_tdb2: use the right talloc context for db_open in idmap_tdb2_open_db()Michael Adam1-1/+1
2010-08-14s3:idmap_tdb2: don't check whether sid is already mapped in ↵Michael Adam1-22/+0
idmap_tdb2_new_mapping(). idmap_tdb2_new_mapping() is called from inside a transaction only with sids, that have been verified not to be mapped directly before that in the same transaction.
2010-08-14s3:idmap_tdb2: add the db_context to the idmap_tdb2_contextMichael Adam1-19/+32
this removes the idmap_tdb2 global variable
2010-08-14s3:idmap_tdb2: talloc_zero (instead of talloc) the idmap_tdb2_contextMichael Adam1-1/+1
2010-08-14s3:idmap_tdb2: rename idmap_tdb2_alloc_load -> idmap_tdb2_init_hwmMichael Adam1-5/+4
2010-08-14s3:idmap_tdb2: move idmap_tdb2_alloc_load() up to reduce need for prototypeMichael Adam1-36/+35
2010-08-14s3:idmap_tdb2: remove unused idmap_tdb2_state and idmap_tdb2_load_rangesMichael Adam1-51/+0
2010-08-14s3:idmap_tdb2: give idmap_tdb2_alloc_load() and idmap domain arguemntMichael Adam1-7/+7
and use the ranges from the idmap domain for checking the HWM values
2010-08-14s3:idmap_tdb2: add an idmap_domain struct argument to idmap_tdb2_open_db()Michael Adam1-9/+9
2010-08-14s3:idmap_tdb2: remove filter_low_id and filter_high_id from idmap_tdb2_contextMichael Adam1-2/+0
Now these are taken from the idmap_domain struct.
2010-08-14s3:idmap_tdb2: don't parse config and fill filter_low_id and filter_high_idMichael Adam1-43/+1
into idmap_tdb2_context in idmap_tdb2_db_init(). Now these are taken from the idmap_domain struct instead.
2010-08-14s3:idmap_tdb2: honour the "idmap read only" flag in the tdb2 module.Michael Adam1-1/+1
Note that this will not prevent the idmap script from writing its mappings to the database, but no new unix ids will be allocated via the allocator and hence no new mappings will be autogenerated.
2010-08-14s3:idmap_tdb2: use range from idmap_domain in idmap_tdb2_allocate_idMichael Adam1-4/+1
2010-08-14s3:idmap_tdb2: use filter from idmap_domain rather than from idmap_tdb2_contextMichael Adam1-12/+6
2010-08-14s3:idmap_tdb2: pass idmap_domain (not idmap_tdb2_context) to ↵Michael Adam1-7/+5
idmap_tdb2_sid_to_id
2010-08-14s3:idmap_tdb2: pass idmap_domain instead of idmap_tdb2_context to ↵Michael Adam1-6/+7
idmap_tdb2_unixids_to_sids The reason for this will become apparent later: The ranges are being moved to the idmap_domain: They are universal.
2010-08-14s3:idmap_tdb2: also support idmap script for named domainsMichael Adam1-0/+5
this can be configured via "idmap config DOMAIN : script = foobar"
2010-08-14s3:idmap_tdb2: move the idmap script from idmap_tdb2_state to idmap_tdb2_contextMichael Adam1-15/+11
The state (aka idmap_tdb2_alloc_context) is being removed. The (global) idmap script was wrong there anyways. It belongs to the per-domain context.
2010-08-14s3:idmap_tdb2: remove use of idmap_tdb2_state from idmap_tdb2_allocate_idMichael Adam1-4/+8
idmap_tdb2_state should actually be called idmap_tdb2_alloc_context. This is being removed as the idmap and allocation is moved together. We use the idmap_tdb2_context * that is sitting in dom->private_data. This contains the same ranges as those in the state anyways. Later, when we can also allocate for named domains, this will become necessary anyways.
2010-08-14s3:idmap_tdb2: move definition of struct idmap_tdb2_context up.Michael Adam1-4/+5
2010-08-14s3:idmap_tdb2: open the db after loading the ranges in idmap_tdb2_db_init().Michael Adam1-3/+5
2010-08-14s3:idmap_tdb2: add allocation of new mappings to idmap_tdb2_sids_to_unixidsMichael Adam1-22/+173
This moves the new_mapping feature inside the tdb2 backend to make creations of mappings atomic. Note: The new internal function idmap_tdb2_get_new_id() that is used to allocate a new unix id is prepared to function for multiple explicitly configured idmap domains, but currently it does only work for the default domain. The extended allocation support requires extension of the data base format to store multiple counters (per domain). This will be added in a later step (TODO!).
2010-08-14s3:idmap_tdb2: re-implement allocated_id in idmap methods.Michael Adam1-0/+1
2010-08-14s3:idmap: add idmap_unix_id_is_in_range() for checking an id against an ↵Michael Adam2-0/+20
idmap range
2010-08-14s3:idmap: don't check range for passdb idmap domainMichael Adam1-21/+30
2010-08-14s3:idmap: parse ranges and "read only" in idmap_init_domain().Michael Adam1-0/+78
2010-08-14s3:idmap: add a read_only flag to the idmap_domain struct.Michael Adam1-0/+1
This will be used to mark "allocating backends" (tdb, tdb2, ldap) read-only.
2010-08-14s3:idmap: add low_id and high_id to the idmap_domain structMichael Adam1-0/+2
This global data will replace the backend-specific filter_low_id and filter_high_id. The presence of a range is generic to all idmap configs.
2010-08-14s3:docs: fix net manpage to reflect removal of net "idmap secret alloc" featureMichael Adam1-1/+1
2010-08-14s3:net: remove the "net idmap secret alloc" functionality.Michael Adam1-39/+18
This is now not available any more, since allocation is moved below the id mapping layer. The functionality could be reintroduced on a per domain basis as an e.g "net idmap secret <domain> alloc" command.
2010-08-14s3:docs: add documentation for new "idmap read only" parameterMichael Adam1-0/+21
2010-08-14s3:loadparm: add new boolean parameter "idmap read only"Michael Adam2-0/+13
This will be used to be able to put the default idmap config read only. This can make sense for instance with the tdb2 idmap backend and using the idmap script feature.
2010-08-14s3:docs: remove documentation of removed parameter "idmap alloc backend"Michael Adam1-33/+0