summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-08-15Added sysdb_ctx_get_domain functionJan Zeleny2-0/+7
2011-08-15sysdb refactoring: renamed ctx variable to sysdbJan Zeleny4-348/+348
2011-08-11Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher1-3/+3
2011-08-11Allow the O_NONBLOCK flag to be reset correctlyRalf Haferkamp1-14/+0
sssd set the O_NONBLOCK flag on the LDAP socket twice. First in set_fd_flags_and_opts(). And the second time in sdap_async_sys_connect_send() after storing a backup in the local state structure. The backup is later used to restore the original flags (after connect() succeeded). As NONBLOCK was already set before it didn't correctly reset that flag. https://fedorahosted.org/sssd/ticket/952
2011-08-11Fix broken RHEL5 buildStephen Gallagher1-0/+1
RPM in RHEL 5 requires %ghost entries to be present in the build root.
2011-08-10Fix potential double-free issueStephen Gallagher1-1/+1
tmp_ctx is a child of ctx.
2011-08-10Cancel sysdb upgrade transaction if commit failsStephen Gallagher1-60/+30
2011-08-10Remove private shared object Provides: for pysss.so and pyhbac.soStephen Gallagher1-0/+6
2011-08-10Include the configuration file as a %ghost entryStephen Gallagher1-0/+1
The recent change to cease installing the sample configuration file caused existing config files to be removed on upgrade. This will prevent that from happening.
2011-08-08Remove unused temporary contextJakub Hrozek1-5/+0
2011-08-08Prevent segfault if vetoed_shells are specified without allowed_shellsJakub Hrozek1-16/+19
https://fedorahosted.org/sssd/ticket/954
2011-08-08Fixed implicit declaration of function 'time' in src/sss_client/common.c.Pavel Březina1-0/+1
2011-08-08debug_timestamps fixesPavel Březina4-14/+24
Fixed: could not overwrite debug_timestamps when set in sssd.conf Fixed: invalid description of debug_timestamps in sssd man page
2011-08-08Rename sssd.conf to sssd-example.confStephen Gallagher3-6/+5
This file should not be installed by default. It leads to user confusion. We will instead install it as documentation. Fix incorrect example of entry_cache_nowait_percentage
2011-08-04Revert "Allow LDAP to decide when an expiration warning is warranted"Stephen Gallagher1-4/+3
This reverts commit b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6.
2011-08-04Fix returning groups when gidNumber attribute is not orderedJakub Hrozek3-4/+10
https://fedorahosted.org/sssd/ticket/951
2011-08-04pyhbac: Do not convert int to boolJakub Hrozek1-2/+11
2011-08-03Fix two man page typosYuri Chornoivan2-2/+2
2011-08-02Bumping version to 1.7.0Stephen Gallagher1-1/+1
2011-08-02Updating translations for 1.6.0 releaseStephen Gallagher20-4822/+7254
2011-08-01Allow LDAP to decide when an expiration warning is warrantedStephen Gallagher1-3/+4
Previously, we were only displaying expiration warnings if the password was going to expire within a day. We'll allow LDAP to make this decision (by whether it passes us the expiration time). In the future, we can add an option to clamp this down to a shorter period if the local admin prefers it.
2011-08-01Request password control unconditionally during bindJakub Hrozek1-6/+6
https://fedorahosted.org/sssd/ticket/940
2011-08-01HBAC rule validation Python bindingsJakub Hrozek2-0/+129
https://fedorahosted.org/sssd/ticket/943
2011-08-01Change the default value of ldap_tls_cacert in IPA providerJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/944
2011-08-01Add rule validator to libipa_hbacStephen Gallagher4-1/+190
https://fedorahosted.org/sssd/ticket/943
2011-08-01Remove incorrect private variableStephen Gallagher1-1/+1
This caused no ill effects, since it wasn't used in the callback. However, it is a layering violation (especially since req is freed in the callback)
2011-08-01Wrong paramater to sysdb_attrs_add_uint32Jakub Hrozek1-1/+1
2011-08-01Require matched version and release for libipa_hbacStephen Gallagher1-0/+1
2011-07-29Converge accept_fd_handler and accept_priv_fd_handlerStephen Gallagher1-85/+50
These two functions were almost identical. Better to maintain them as a single function.
2011-07-29Fix incorrect NULL check in ipa_hbac_common.cStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/936
2011-07-29Fix memory leak in ipa_hbac_evaluate_rulesStephen Gallagher1-0/+1
https://fedorahosted.org/sssd/ticket/933
2011-07-29Add vetoed_shells optionJohn Hodrien6-1/+27
There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-07-29sss_client: avoid leaking file descriptorsSimo Sorce2-0/+15
If a pam or nss module is dlcolse()d and unloaded we were leaking the file descriptor used to communicate to sssd in the process. Make sure the fucntion used to close the socket file descriptor is called on dlclose() Silence autoconf 2.28 warnings (Patch by Jakub Hrozek)
2011-07-29UTF8 HBAC testJakub Hrozek1-0/+117
2011-07-29libipa_hbac: Support case-insensitive comparisons with UTF8Stephen Gallagher5-17/+111
2011-07-27Handle allocation error in python HBAC bindingsJakub Hrozek1-0/+3
https://fedorahosted.org/sssd/ticket/934
2011-07-27Remove dead code from python HBAC bindingsJakub Hrozek1-4/+0
https://fedorahosted.org/sssd/ticket/935
2011-07-27Explicitly ignore groups with gidNumber=0Jakub Hrozek2-11/+18
https://fedorahosted.org/sssd/ticket/916
2011-07-27Set gidNumber of non-posix groups to 0 even on updatesJakub Hrozek1-8/+44
2011-07-27silence compilation warnings on RHEL5pbrezina1-12/+13
https://fedorahosted.org/sssd/ticket/930
2011-07-21Fix indexing of skipped groupsJakub Hrozek1-2/+4
https://fedorahosted.org/sssd/ticket/928
2011-07-21fo_get_server_name() getter for a server nameJakub Hrozek6-4/+32
Allows to be more concise in tests and more defensive in resolve callbacks
2011-07-21Rename fo_get_server_name to fo_get_server_str_nameJakub Hrozek7-11/+11
2011-07-21Only print server address if one is availableJakub Hrozek1-0/+7
2011-07-21Do not add a NULL host parsed from LDAP URIJakub Hrozek1-1/+8
https://fedorahosted.org/sssd/ticket/911
2011-07-13Fix python HBAC bindings for python <= 2.4Jakub Hrozek7-85/+315
Several parts of the HBAC python bindings did not work with old Python versions, such as the one shipped in RHEL5. The changes include: * a compatibility wrapper around python set object * PyModule_AddIntMacro compat macro * Py_ssize_t compat definition * Do not use PyUnicode_FromFormat * several function prototypes and structures used to have "char arguments where they have "const char *" in recent versions. This caused compilation warnings this patch mitigates by using the discard_const hack on python 2.4
2011-07-13Fixes for python HBAC bindingsJakub Hrozek2-12/+105
These changes were proposed during a review: * Change the signature of str_concat_sequence() to const char * * use a getsetter for HbacRule.enabled to allow string true/false and integer 1/0 in addition to bool * fix a minor memory leak (HbacRequest.rule_name) * remove overzealous discard consts
2011-07-13Use ares_search instead of ares_query for hostname resolutionJakub Hrozek1-1/+1
ares_query does not take search or domain directives from /etc/resolv.conf into account https://fedorahosted.org/sssd/ticket/922
2011-07-13Remove unused krb5_service structure memberJakub Hrozek3-7/+1
2011-07-11Check DNS records before updatingJakub Hrozek4-25/+470
https://fedorahosted.org/sssd/ticket/802