summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-08-28check if gid attribute is emptySumit Bose1-0/+6
2009-08-28send SSSD_REALM and SSSD_KDCIP environment to the clientSumit Bose1-2/+31
Currently the kerberos locator plugin needs these two variables to be set to find a KDC which is configured in sssd but not in /etc/krb5.conf.
2009-08-28add configure check for errno_tSumit Bose4-0/+14
2009-08-28fix internal order of ldap user mapping optionsSumit Bose1-4/+4
2009-08-28Speed-up enumerations.Simo Sorce2-2/+167
This patch reduces the time needed to enumerate groups of a midsized domain from 12 seconds to 4.4 Optimizes enumerations by doing only 2 ldb searches and some ordering instead of a number of searches proportional to the number of groups
2009-08-27Make enumeration an independent taskSimo Sorce5-68/+693
Always immediately return to DP, and update users/groups in the background. Also implements an optimization to retrieve only changed/new users/groups by filtering using the modifyTimestamp after the first query.
2009-08-27Remove redunant function and always pass attrs.Simo Sorce4-54/+30
2009-08-27Upgrade database to 0.2Simo Sorce2-5/+172
Provides also an upgrade function.
2009-08-27Fix group replies when using member/memberofSimo Sorce3-197/+180
Also remove legacy memberuid support
2009-08-27Always save using member/memberOfSimo Sorce5-216/+151
First pass to remove the legacy option and make it just a property of the provider
2009-08-27Initial support for multiple schema typesSimo Sorce1-7/+39
2009-08-27do not show server messages to userSumit Bose1-5/+0
2009-08-27removed unused header fileSumit Bose1-18/+0
2009-08-27Use the correct structure.Simo Sorce1-2/+2
2009-08-24Update version to 0.5.0Stephen Gallagher5-13/+507
Update gettext strings
2009-08-24Do not fail enumerations if a single store failsSimo Sorce1-40/+45
Try as hard as possible to store as much data as we can.
2009-08-24Relax memberof constraints a bitSimo Sorce1-85/+226
Allow to try to set members that do not actually exist. In that case simply remove them when we find out they are not real entries.
2009-08-24Add debug statements to sysdb_opsSimo Sorce1-10/+111
2009-08-24Catch possible bad input passed in by glibcSimo Sorce2-0/+20
Seen in tests and was leading to a segfault
2009-08-24some UPN handling fixesSumit Bose7-28/+79
- making the realm part upper case is now optional and done in the LDAP backend - using a username@realm UPN is now optional
2009-08-21Fix accidentally forcing MPGs on for all domainsStephen Gallagher1-1/+1
2009-08-21extended the documentation of LDAP backendSumit Bose2-4/+211
Added man pages sections about user and group attribute mapping. Added an example configuration to access an AD server.
2009-08-21store additional LDAP attributesSumit Bose3-5/+80
If available the original DN and the user principle will be stored in sysdb.
2009-08-21fix handling of filtersUsers in groupsSumit Bose4-31/+56
- with the boolean option filterUsersInGroups it can be controlled wether filtered users appear in groups or not. - fixed an error which prevented the display of groups with filtered members - removed some tab indents
2009-08-21Fix sysdb testsJakub Hrozek1-17/+62
2009-08-21Disallow all operations outside domains, fix deleting cache for filesJakub Hrozek4-11/+41
One of the previous patches disallowed adding users and groups outside known domains but it was missing disallowing modifying, deleting, etc. Also don't error if there's no sysdb cache to delete after deleting legacy user/domain. Fixes: tickets #113,#114
2009-08-21use stored upn if availableSumit Bose1-20/+101
If a user principle name (upn) can be found in sysdb the krb5 backend will use this otherwise is build as username@realm. It is checked that the realm is upper case only.
2009-08-21ELAPI Shortening namesDmitri Pal4-154/+152
Per ticket #118 shortened naimes of some functions and structs I added into ELAPI during last big functional patch . There is no plan to do a global shortening of all names but miving forward I will try to make them shorter than I used to.
2009-08-20COMMON Fixes to return values, errno, leaksDmitri Pal7-62/+69
Started looking at the ticket #107 related to traverse functions. Realized that the return values are not consistent. That ovelapped with the work that I wanted to do for ticket #103 - errno cleanup. So I (across collection, INI and ELAPI): * Made the return codes consistent (where found) * Removed errno where it is not needed While was testing used valgrind and found a nasty problem when the value was added to collection with overwriting duplicates the count was decreased improperly. Fixing collection.c to not decrease count made valgrind happy. While I was debugging this I also spotted several build warnings in trace statements when the " exp ? v1 : v2 " was used. Fixed those. In ini_config.c there was a trace stament that used variable after it was freed. Removed trace stament.
2009-08-20ELAPI: Adding concept of targetsDmitri Pal15-162/+899
The targets are the destinations which caller wants to send the events to. The sinks are now on the second level under targets and constitute a so called fail over chain for a target. Such approach eliminates the need for complex routing function. The dispatcher keeps the list of targets in a collection. The element in the collection is the target context. Also gispatcher keeps the list of the sinks in a separate collection. Each target context has a list of the sinks associated with this target. But those are just pointers (at least for now) to the sinks form the list kept by dispatcher. I had to add some internal debug callbacks to be able to see that all the internals of the dispatcher are actually in order. See the conttent of config file for more comments. Also see information posted on SSSD wiki. https://fedorahosted.org/sssd/wiki/WikiPage/ELAPIInterface
2009-08-20Ensure nextID doesn't reuse an existing local UID or GIDStephen Gallagher1-9/+21
If there was no maxID set for a domain, the search filter to check whether the UID was available would always return empty (because no UIDs can be <= 0) This patch changes the search filter if the maxID is unset so that it has no upper limit
2009-08-20Support Docbook 4.4Stephen Gallagher10-20/+20
RHEL5 did not support Docbook 4.5, and we are not using any 4.5 features.
2009-08-20Support gettext >= 0.14 instead of 0.17Stephen Gallagher4-4/+6
This is needed for support of RHEL5 Adding the assignment of $(localedir) was necessary, as gettext 0.14 does not include automatically assign it.
2009-08-20Remove 'color-tests' from AM_INIT_AUTOMAKEStephen Gallagher1-1/+1
This was breaking the build on RHEL5
2009-08-20Fix usage of $(builddir) in SSSDStephen Gallagher2-0/+7
There are some old versions of automake that do not define $(builddir) correctly. Since $(builddir) is "Rigorously equal to ‘.’', we'll set it at the top of the Makefile.am files.
2009-08-20Add m4 directory at rootStephen Gallagher1-0/+0
Needed for builds on RHEL5
2009-08-20Make the LOCAL provider always use MagicPrivateGroupsStephen Gallagher2-2/+9
Also updates the manpage for sssd.conf to denote this
2009-08-19enable usage of defaultBindDnSumit Bose6-9/+69
2009-08-19Eliminate the --with-tests configure flagStephen Gallagher3-32/+22
--with-tests was confusing. Since we now build our tests only with 'make check', it doesn't make sense for this to be a configure- time option. We will detect during configure whether the 'check' package is available and we will use them if so. Otherwise, we will only build and execute any test suites that do not rely on the 'check' framework. We will print warning during 'configure' if CHECK is not installed
2009-08-18added missing hash_create which was remove by a previous patchSumit Bose1-5/+14
2009-08-18fix return value of confdb_get_domainsSumit Bose1-0/+1
If the last configured domain is broken confdb_get_domains returns the return value of confdb_get_domain even if there are valid domains available.
2009-08-18Remove unneeded binary objects from the replace directoryStephen Gallagher3-0/+0
These were unintentionally committed binary files. They were used by the Samba project during cross-compilation, but they serve no purpose for us.
2009-08-18Ensure that only one local domain is configuredStephen Gallagher1-1/+32
2009-08-17Fix broken buildStephen Gallagher1-1/+0
Build broken in c0f3393d4ab923e2eedab0fad88a864e2aae9fc9
2009-08-17Fix reconnection codeSimo Sorce17-282/+141
Remove redundant reconnection code that was interfeering with the sbus reconnection code. Consolidate include files for sbus relates operations. Make pamsrv code similar to nsssrv code.
2009-08-17TRACE: Making sure trace is safe to output NULL stringsDmitri Pal2-99/+6
Patch adds checks for NULL to the trace macros. It also eliminates the unused trace.h in the collection directory.
2009-08-14Refactor responder_dp.cStephen Gallagher4-117/+117
Many of the functions in responder_dp.c were originally NSS- specific and were moved there from the NSS responder code. Since they are now generic to any responder, rename them to sss_dp_*
2009-08-14Don't go to the backend for identical cache entry requestsStephen Gallagher3-55/+303
Currently, if an additional request comes in for a cache entry while that same entry is already in the process of being refreshed, we start a duplicate cache update request. This patch adds allows the cache to maintain a hash table of all in-progress requests and queue up multiple callbacks for updates in progress. Once the data is returned, all of these callbacks will fire.
2009-08-13Make "files" a reserved word for legacy local domainJakub Hrozek4-4/+57
This patch introduces provider=files as a valid provider. Upon loading the backend, its properties in confdb are overwritten to those that represent legacy local domain. Also document this in sssd.conf(5) and example config
2009-08-13Tools ID range fixesJakub Hrozek3-4/+16
The tools did not take the special case where id_max = 0 (no limit) into account. Also disallow adding users when ID is specified outside any domain. Resolves trac tickets #86 and #89