summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-02-29Handle cases where UID is -1Stephen Gallagher1-6/+1
Also removes an unnecessary range check (since it's already handled by strtoint32() https://fedorahosted.org/sssd/ticket/1216
2012-02-29Remove sysdb_get_ctx_from_list()Sumit Bose10-91/+53
2012-02-29Keep sysdb context in domain info structSumit Bose9-51/+105
2012-02-29Fix the script pathJan Zeleny1-1/+1
2012-02-29Fix typo in script nameStephen Gallagher1-1/+1
2012-02-28Include new manpages in translationsStephen Gallagher1-0/+6
2012-02-28Include the debug_level upgrade tool in the tarballStephen Gallagher1-0/+1
2012-02-28Fix typo in autofs option descriptionStephen Gallagher1-1/+1
2012-02-27PAM: Don't send PAM_SYSTEM_INFO message if module unsetStephen Gallagher1-7/+3
We now have a session module that is only available for the IPA provider. We should not be logging noisily that other providers do not have the session provider configured. https://fedorahosted.org/sssd/ticket/1211
2012-02-27Include missing source files to the list of source files which contain ↵Jan Cholasta1-0/+4
translatable strings
2012-02-27SSH: Update sss_ssh_knownhostsproxy manual pageJan Cholasta1-15/+4
2012-02-27SSH: Remove unused --file option of sss_ssh_knownhostsproxyJan Cholasta1-5/+0
2012-02-27SSH: Replace blocking getaddrinfo call in the responder with asynchronous ↵Jan Cholasta4-27/+59
resolver code
2012-02-27SSH: Use fchmod instead of chmod on known_hosts fileJan Cholasta1-8/+4
2012-02-27SSH: Add missing break statements to sss_ssh_format_pubkeyJan Cholasta1-0/+2
2012-02-27SSH: Add more debugging messagesJan Cholasta5-8/+38
2012-02-27SSH: Don't abort known_hosts update when host search failsJan Cholasta1-1/+1
2012-02-27AUTOFS: speed up the client by requesting multiple entries at onceJakub Hrozek3-78/+239
https://fedorahosted.org/sssd/ticket/1166
2012-02-27Eliminate build-time requirement for nscdStephen Gallagher3-12/+12
We will now use the autodetected location if available, or else fall back to a value provided by --with-nscd in configure and finally resort to a hard-coded default of /usr/sbin/nscd.
2012-02-26LDAP: Remove unnecessary filter sanitizeStephen Gallagher1-11/+5
The orig_dn here isn't being passed to a filter and therefore must not be santized, as the sanitization process would break DNs that contain (among other things) parentheses.
2012-02-26SSH: Manage global known_hosts file in the responderJan Cholasta3-78/+136
https://fedorahosted.org/sssd/ticket/1193
2012-02-26SSH: Continue connecting to SSH server even when SSSD is not running in ↵Jan Cholasta1-112/+85
sss_ssh_knownhostsproxy Additionally, don't drop the connection when the sss_ssh_knownhostsproxy process receives a signal. https://fedorahosted.org/sssd/ticket/1179 https://fedorahosted.org/sssd/ticket/1184
2012-02-26UTIL: Add function for atomic I/OJan Cholasta2-0/+44
2012-02-26SSH: Refactor responder and client common codeJan Cholasta7-170/+301
2012-02-26SSH: Save SSH host name aliasesJan Cholasta6-42/+120
2012-02-24Modifications to simplify list_missing_attrsJan Zeleny8-44/+21
2012-02-24Delete missing attributes from netgroups to be storedJan Zeleny6-4/+45
https://fedorahosted.org/sssd/ticket/1136
2012-02-24SELinux related attributes added to config APIJan Zeleny2-1/+11
2012-02-24IPA hosts refactoringJan Zeleny18-154/+156
2012-02-24LDAP: Only use paging control on requests for multiple entriesStephen Gallagher16-40/+100
The paging control can cause issues on servers that put limits on how many paging controls can be active at one time (on some servers, it is limited to one per connection). We need to reduce our usage so that we only activate the paging control when making a request that may return an arbitrary number of results. https://fedorahosted.org/sssd/ticket/1202 phase one
2012-02-23AUTOFS: Search all search bases for automounter map entriesJakub Hrozek1-18/+86
https://fedorahosted.org/sssd/ticket/1168
2012-02-23AUTOFS: Invoke implicit setautomntent if neededJakub Hrozek2-45/+156
https://fedorahosted.org/sssd/ticket/1167
2012-02-23libnl: fix the path to phy80211 subdirectoryJakub Hrozek1-4/+20
2012-02-23Move sudo_dom_ctx.user to local variablePavel Březina2-8/+8
2012-02-23Honor case_sensitive option in sudo responderPavel Březina4-21/+100
https://fedorahosted.org/sssd/ticket/1205
2012-02-23LDAP: Properly assign orig_dnStephen Gallagher1-0/+1
This was only used for properly identifying debug messages.
2012-02-23Save errno value before calling DEBUGJakub Hrozek1-2/+4
2012-02-23pam_sss: keep selinux optionalSimo Sorce3-4/+7
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2012-02-23nss_group: Cache the result from sssd when the glibc provided buffer is too ↵Simo Sorce1-8/+145
small.
2012-02-23IPA: Add ipa_parse_search_base()Stephen Gallagher3-19/+72
Previously, we were using sdap_parse_search_base() for setting up the search_base objects for use in IPA. However, this was generating unfriendly log messages about unknown search base types. This patch creates a new common_parse_search_base() routine that can be used with either LDAP or IPA providers. https://fedorahosted.org/sssd/ticket/1151
2012-02-22Add tool to convert debug levelsStephen Gallagher1-0/+100
Older versions of SSSD (1.5 and earlier) would take a debug_level value set in the [sssd] section as authoritative for all other sections where not explicitly overridden. We changed this so that all sections need to set it if they want debug logs set. This script can be run to make the new version continue to produce the same logs as the old versions did, by explicitly adding debug_level to all domains and services that did not have it set already. Bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=753763
2012-02-21Don't give memory context in confdb where not neededJan Zeleny17-55/+75
2012-02-21remove unused functionJakub Hrozek1-20/+0
2012-02-21End request if ldap_parse_result failsJakub Hrozek1-0/+3
2012-02-18Include the fd_limit configuration optionJakub Hrozek1-0/+1
2012-02-17RESPONDERS: Make the fd_limit setting configurableStephen Gallagher7-4/+63
This code will now attempt first to see if it has privilege to set the value as specified, and if not it will fall back to the previous behavior. So on systems with the CAP_SYS_RESOURCE capability granted to SSSD, it will be able to ignore the limits.conf hard limit. https://fedorahosted.org/sssd/ticket/1197
2012-02-17RESPONDERS: Allow increasing the file-descriptor limitStephen Gallagher4-0/+48
This patch will increase the file descriptor limit to 8k or the limits.conf maximum, whichever is lesser. https://fedorahosted.org/sssd/ticket/1197
2012-02-17Fix case insensitive service lookupsJakub Hrozek1-6/+6
2012-02-17LDAP: Ignore group member users that do not have name attributesStephen Gallagher1-2/+2
Instead of failing the group lookup, just skip them. This was impacting some users of ActiveDirectory where not all users had the appropriate attributes. https://fedorahosted.org/sssd/ticket/1169
2012-02-17NSS: Always return the same protocol that was requestedStephen Gallagher2-9/+26
https://fedorahosted.org/sssd/ticket/1160