summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-04-16Use SO_PEERCRED on the PAM socketSumit Bose6-3/+162
This is the second attempt to let the PAM client and the PAM responder exchange their credentials, i.e. uid, gid and pid. Because this approach does not require any message interchange between the client and the server the protocol version number is not changed. On the client side the connection is terminated it the responder is not run by root. On the server side the effective uid and gid and the pid of the client are available for future use. The following additional changes are made by this patch: - the checks of the ownership and the permissions on the PAM sockets are enhanced - internal error codes are introduced on the client side to generate more specific log messages if an error occurs
2010-04-16Revert "Add better checks on PAM socket"Sumit Bose4-274/+5
This reverts commit 5a88e963744e5da453e88b5c36499f04712df097.
2010-04-15Updating ES translationHéctor Daniel Cabrera1-144/+129
2010-04-14Fixing buildDmitri Pal3-5/+6
2010-04-14Fixing spec file to match version.Dmitri Pal1-3/+3
2010-04-14Fix ini_config unit testStephen Gallagher1-1/+4
When running 'make distcheck', the entire source directory is set to read-only, to ensure that the build process only has write access to $builddir. As a result, this was causing the unit test for file mode to fail, since the file it was testing resides in the $srcdir. This patch guarantees that the test file has the correct permissions prior to running the access test.
2010-04-14Fix warning in sysdb-tests.cStephen Gallagher1-8/+0
When we converted to the synchronous sysdb interface, the synchronous-simulating function test_loop() became unnecessary, but we forgot to remove it.
2010-04-14Remove unused configure macroStephen Gallagher1-1/+0
2010-04-14Add ability to trace 64bit numbersDmitri Pal2-2/+58
[TRACE] Adding macros for signed numbers
2010-04-14Acess control and config change checksDmitri Pal4-38/+684
1) Fixed the issue that metadata was saved as numbers. Was supposed to be saved as strings. 2) Added two functions. One is to check permissions on the config file. Another to check if the file has changed and thus the cinfiguration needs to be reread. 3) Added unit test will sample code and comments how to use the functions. 4) Added doxygen description in the comments. 5) Fixed couple typos and ommisions here and there. [INI] Fixing crash detected on 64-bit system This patch corrects original code to be more on the safe side and check parameters before using. Instead of dereferencing metadata it is now passed as reference to the next level. It is not used there yet so no other new changes needed so far. [INI] Addressing review comments [INI] Addressing comments.
2010-04-14Resolve paths for reporting purposesDmitri Pal2-4/+21
2010-04-14Adding content to the metadataDmitri Pal4-13/+140
This patch implements function that collects stats and saves them in the ACCESS section inside metadata.
2010-04-14Adding metadata interfaceDmitri Pal7-277/+915
This patch: 1) Adds the definition of the metadata interface to the header file. The functions that were exposed for no good reason are now hidden. 2) Previously exposed functions and their descriptions are removed from the public header and placed into the source code for now. 3) The function that reads the config file no longer tries to close file in case of error. 4) Lines collection is still passed in into the reading function but as a collection itself not as a pointer to it. 5) All the parts related to processing lines are currently ifdefed using HAVE_VALIDATION that is currently is not defined. This is done to disable creation of the lines collection utill it is actually needed. I did not want to blindly remove it though and loose already done work that will be useful in future. 6) Version of the library and interface is updated 7) New header and source modules are introduced to hold functions related to the meta data. They are mostly stubbed out. This is incomplete patch. It builds and make check runs. It is created just to simplify the review a bit.
2010-04-12Update Polish translationPiotr Drąg1-20/+16
2010-04-12Update Ukrainian translationYuri Chornoivan1-18/+19
2010-04-12Fix merge error for sss_userdel.cStephen Gallagher1-21/+1
2010-04-12Update translations for master branchStephen Gallagher14-1996/+2694
2010-04-12Bumping version on master to 1.2.90Stephen Gallagher1-1/+1
2010-04-12tools: remove creation of event_contextSimo Sorce10-47/+3
Since the sysdb is now synchronous and creates its own event context we don't need an explicit event context anymore in the tools.
2010-04-12Make groupshow synchronous.Simo Sorce1-310/+105
I tried to convert this code as mechanically as possible from the previously existing code. I am not sure it works right, and it will probably recurse infinetly as circular group memberships are admitted in sysdb. The original code had the same issues. This code should be probably discarded and redone from scratch.
2010-04-12sysydb: Finally stop using a common event contextSimo Sorce10-30/+14
This commit completes the migration to a synchronous sysdb
2010-04-12sysdb: remove remaining traces of sysdb_handleSimo Sorce11-237/+1
2010-04-12sysdb: remove obsolete helpers from sysdbSimo Sorce2-158/+0
2010-04-12sysdb: convert sysdb_initgroupsSimo Sorce3-318/+166
2010-04-12Adjust fill_pwent and fill_grentSimo Sorce1-13/+13
fill_pwent should return the number of users actually processed. Otherwise in case of a recoverable error we may end up skipping a large chunk of users. fill_grent doesn't need to distinguish between number of entries and number of groups to process since we started adding memberuid. Remove remnants that are not useful anymore.
2010-04-12sysdb: convert sysdb_enumgrentSimo Sorce4-249/+147
2010-04-12sysdb: convert sysdb_enumpwentSimo Sorce4-259/+144
2010-04-12sysdb: convert sysdb_get_user_attrSimo Sorce6-293/+160
2010-04-12sysdb: convert sysdb_getgrgidSimo Sorce4-263/+160
2010-04-12sysdb: convert sysdb_getgrnamSimo Sorce10-394/+253
2010-04-12sysdb: convert sysdb_getpwuidSimo Sorce4-265/+146
2010-04-12sysdb: convert sysdb_getpwnamSimo Sorce12-623/+415
2010-04-12sysdb: add automatic transactions where neededSimo Sorce1-7/+47
Only functions that do multiple operations need explicit transactions as ldb_add/ldb_modify/ldb_delete already start transactions automatically intenrally.
2010-04-12sysdb: remove async transactionsSimo Sorce2-157/+0
not used anymore
2010-04-12Remove remaining use of sysdb_transaction_sendSimo Sorce5-723/+205
2010-04-12Use the sysdb synchronous transaction functionsSimo Sorce7-424/+104
2010-04-12proxy: complete conversion to synchronous sysdbSimo Sorce1-1113/+428
This makes proxy use only synchronous functions again.
2010-04-12sysdb: add synchronous transaction functionsSimo Sorce2-14/+37
2010-04-12tests: remove use of asynchronus transactionsSimo Sorce1-502/+86
now all calls are synchronous
2010-04-12sysdb: remove sysdb_check_handleSimo Sorce1-90/+0
not used anymore
2010-04-12sysdb: convert sysdb_cache_authSimo Sorce4-264/+136
2010-04-12sysdb: convert sysdb_search_groupsSimo Sorce4-410/+151
2010-04-12sysdb: delete sysdb_delete_groupSimo Sorce6-321/+109
2010-04-12sysdb: convert sysdb_delete_userSimo Sorce6-356/+115
2010-04-12sysdb: convert sysdb_search_usersSimo Sorce3-169/+72
2010-04-12sysdb remove sldb_request_send, not used anymoreSimo Sorce1-125/+0
2010-04-12sysdb: convert sysdb_asq_searchSimo Sorce4-358/+140
2010-04-12sysdb: convert sysdb_store_customSimo Sorce4-258/+93
2010-04-12sysdb: convert sysdb_search_customSimo Sorce4-371/+229
2010-04-12sysdb: convert sysdb_cache_passwordSimo Sorce6-209/+62