summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-09-24AD: Optimize initgroups lookups with tokenGroupsStephen Gallagher3-4/+313
https://fedorahosted.org/sssd/ticket/1355
2012-09-24AD: Detect domain controller compatibility versionStephen Gallagher3-0/+44
2012-09-24sss_cache tool invalidates records in memory cache.Michal Zidek7-3/+166
2012-09-24tools_util.h provides signal_sssd function.Michal Zidek3-99/+99
2012-09-24Mark the fastcache files in the spec file as %ghostJakub Hrozek1-0/+2
https://fedorahosted.org/sssd/ticket/1487
2012-09-24AD: autorid compatibility should recommend the use of default domainStephen Gallagher1-4/+4
Previously, we were failing to start if ldap_idmap_autorid_compat was True but the default domain SID was unspecified. This is the recommended configuration, but it is functional without it. There is just a slight risk that the IDs will be inconsistent between machines if the first user requested is not from the default domain. https://fedorahosted.org/sssd/ticket/1530
2012-09-20SSSD fails to store users if any of the requested attribute is empty.Michal Zidek1-0/+6
https://fedorahosted.org/sssd/ticket/1440
2012-09-20Add more debuginfo into ldap_childOndrej Kos1-23/+36
https://fedorahosted.org/sssd/ticket/1225 krb5_child already updated before. Adding more debuginfo into ldap_child. Also old debug levels rewritten into new macros.
2012-09-20Add provider specific default regular expressionsSumit Bose1-0/+62
Fixes https://fedorahosted.org/sssd/ticket/1524
2012-09-20DB: Cancel transaction in sysdb_store_user if sysdb_add_user failsJakub Hrozek1-1/+8
2012-09-20SSH: Fix possible infinite loop when updating known_hostsJan Cholasta1-3/+1
2012-09-20Missing resolv.conf should be non-fatalAriel Barria1-17/+43
https://fedorahosted.org/sssd/ticket/1371
2012-09-20LDB_ERR_INVALID_ATTRIBUTE_SYNTAX added to sysdb_error_to_errno.Michal Zidek1-0/+2
2012-09-20KRB5 child: handle more error codes gracefullyJakub Hrozek1-31/+26
This patch changes handling of krb5 child error codes so that it's on par with the 1.8 branch after Joschi Brauchle reviewed the 1.8 backport.
2012-09-20KRB5 child: Don't return System Error on empty passwordJakub Hrozek1-0/+4
https://fedorahosted.org/sssd/ticket/1310
2012-09-17rpm: put localized sssd_krb5_locator_plugin manpages into clientPavel Březina1-1/+5
Localized sssd_krb5_locator_plugin manpages were added into main sssd package instead of client. https://fedorahosted.org/sssd/ticket/1394
2012-09-17Failover: use _srv_ when no primary server is definedPavel Březina4-46/+12
https://fedorahosted.org/sssd/ticket/1521
2012-09-13Updating the version for the RC1 releaseJakub Hrozek1-1/+1
2012-09-13Updating the translations for the 1.9.0 RC1 releaseJakub Hrozek30-214/+284
2012-09-13SELinux: Always use the default if it exists on the serverJakub Hrozek3-33/+39
https://fedorahosted.org/sssd/ticket/1513 This is a counterpart of the FreeIPA ticket https://fedorahosted.org/freeipa/ticket/3045 During an e-mail discussion, it was decided that * if the default is set in the IPA config object, the SSSD would use that default no matter what * if the default is not set (aka empty or missing), the SSSD would just use the system default and skip creating the login file altogether
2012-09-13DB: Always write the SELinux object to sysdbJakub Hrozek1-70/+8
There's no point in checking if the object already exists because we always wipe the whole sysdb subtree. We were also immediatelly cancelling the transaction because we'd jump to goto, even though it was with EOK.
2012-09-13FO: Check server validity before setting statusJakub Hrozek7-33/+49
The list of resolved servers is allocated on the back end context and kept in the fo_service structure. However, a single request often resolves a server and keeps a pointer until the end of a request and only then gives feedback about the server based on the request result. This presents a big race condition in case the SRV resolution is used. When there are requests coming in in parallel, it is possible that an incoming request will invalidate a server until another request that holds a pointer to the original server is able to give a feedback. This patch simply checks if a server is in the list of servers maintained by a service before reading its status. https://fedorahosted.org/sssd/ticket/1364
2012-09-13NSS: Fix off-by-one error in parse_getservbynameJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/1438
2012-09-12backend: initialize sudo only when it is enabled in servicesPavel Březina1-3/+63
https://fedorahosted.org/sssd/ticket/1458 When the responder is disabled and sudo_provider is set explicitly, a warning is print and the module will be initialized.
2012-09-12be_process_init(): free ctx on errorPavel Březina1-15/+21
2012-09-12netgroup: resolve hostgroup membership correctlyPavel Březina1-1/+1
https://fedorahosted.org/sssd/ticket/1519 IPA host refactoring changed mapping of memberOf attribute which caused SSSD being unable to retrieve membership of hostgroup when being interpreted as netgroup.
2012-09-12Remove obsolete commentSimo Sorce1-5/+0
Made obsolete by commit e2d17ea806d273784b621583dd0490c2f69f237d
2012-09-10KRB5: Add a missing string argumentJakub Hrozek1-1/+2
2012-09-10SYSDB: NULL-terminate the output of sysdb_get_{ranges,subdomains}Jakub Hrozek3-4/+7
2012-09-10RPM: BuildRequire selinux-policy-targetedJakub Hrozek1-0/+1
selinux-policy-targeted contains the /etc/selinux/targeted/logins directory that is checked during build time to determine if the platform supports SELinux user logins.
2012-09-10KRB5: Return PAM_AUTH_ERR on incorrect passwordJakub Hrozek1-19/+32
https://fedorahosted.org/sssd/ticket/1515
2012-09-10KRB5: cancel the sysdb transaction on one place onlyJakub Hrozek1-1/+0
https://fedorahosted.org/sssd/ticket/1516 If sysdb_set_user_attr failed, we would cancel the transaction, then go to the error handler and attempt to close it again.
2012-09-07Out-of-bounds read fix in hmac-sha-1Ondrej Kos1-1/+3
2012-09-07libsss_sudo should have a versioned dependency on SSSDJakub Hrozek1-0/+1
https://fedorahosted.org/sssd/ticket/1509
2012-09-05Bumping version for the 1.9.0 beta 7 releaseJakub Hrozek1-1/+1
2012-09-05Update translations for 1.9.0 beta 7 releaseJakub Hrozek34-8623/+15821
2012-09-05SIGUSR2 should force SSSD to reread resolv.conf as wellAriel Barria1-2/+19
2012-09-05Don't terminate the same connection twiceJakub Hrozek1-6/+0
https://fedorahosted.org/sssd/ticket/1488
2012-09-05Retry the next server if bind during LDAP auth times outJakub Hrozek1-1/+6
2012-09-05SYSDB: Abort unit test if sysdb_getpwnam failsJakub Hrozek1-0/+3
2012-09-05SYSDB: Commit transaction in sysdb_store_userJakub Hrozek1-17/+19
2012-09-04Unify usage of sysdb transactions (part 2).Michal Zidek9-270/+330
2012-09-04Check flat names when searching for sub-domains as wellSumit Bose1-1/+3
2012-09-04SSH: Add support for OpenSSH-style public keysJan Cholasta1-13/+37
2012-09-04SSH: Simplify public key formatting functionJan Cholasta4-46/+12
2012-09-04SSH: Return error code in SSH utility functionsJan Cholasta4-29/+54
2012-09-04Adding -std=gnu99 flag.Michal Zidek1-1/+2
2012-09-04Check if the SELinux login directory existsJakub Hrozek3-3/+13
https://fedorahosted.org/sssd/ticket/1492
2012-08-29RPM: Always include the patch fileJakub Hrozek1-2/+0
2012-08-28RPM: Switch the default ccache locationJakub Hrozek3-1/+29
https://fedorahosted.org/sssd/ticket/1500