Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2013-01-21 | Introduce be_req_terminate() helper | Simo Sorce | 19 | -130/+84 | |
Call it everywhere instead of directly dereferencing be_req->fn This is in preparation of making be_req opaque. | |||||
2013-01-21 | Remove domain from be_req structure | Simo Sorce | 7 | -64/+46 | |
2013-01-21 | Pass domain not be_req to access check functions | Simo Sorce | 5 | -22/+33 | |
2013-01-21 | Split simple_access_check function out | Simo Sorce | 4 | -207/+227 | |
Need to split out the function or new additions to the handler funtion will not allow simple access tests to compile anymore. | |||||
2013-01-21 | Do not pass NULL to ipa_subdomain_retrieve() | Simo Sorce | 1 | -18/+20 | |
2013-01-21 | Move hbac_ctx_is_offline() | Simo Sorce | 2 | -7/+6 | |
2013-01-21 | Remove hbac_ctx_sdap_id_[ctx|op]() | Simo Sorce | 2 | -18/+6 | |
2013-01-21 | Remove hbac_ctx_ev() | Simo Sorce | 2 | -10/+3 | |
2013-01-21 | Remove hbac_ctx_be() | Simo Sorce | 3 | -12/+4 | |
2013-01-21 | Remove hbac_ctx_sysdb() | Simo Sorce | 2 | -12/+4 | |
2013-01-21 | Remove sysdb argument from hbac_get_cached_rules() | Simo Sorce | 3 | -9/+6 | |
2013-01-21 | Remove sysdb arg from [ipa_]hbac_sysdb_save() | Simo Sorce | 3 | -36/+25 | |
Also make ipa_hbac_save_list() static | |||||
2013-01-21 | Remove sysdb arg from ipa_hbac_service_info_send() | Simo Sorce | 3 | -5/+0 | |
2013-01-21 | Remove sysdb arg from hbac_*host_attrs_to_rule() | Simo Sorce | 3 | -11/+4 | |
2013-01-21 | Remove sysdb arg from hbac_service_attrs_to_rule() | Simo Sorce | 3 | -5/+2 | |
2013-01-21 | Remove sysdb argument from hbac_user_attrs_to_rule() | Simo Sorce | 3 | -6/+4 | |
2013-01-21 | Remove unused structure | Simo Sorce | 1 | -6/+0 | |
2013-01-21 | Remove sysdb argument from ipa_host_info_send() | Simo Sorce | 5 | -9/+3 | |
2013-01-21 | Remove sysdb as a be request structure member | Simo Sorce | 7 | -12/+9 | |
The sysdb context is already available through the 'domain' context. | |||||
2013-01-21 | Remove sysdb as a be context structure member | Simo Sorce | 27 | -56/+52 | |
The sysdb context is already available through the 'domain' structure. | |||||
2013-01-21 | Move ldap provider access functions | Simo Sorce | 3 | -59/+87 | |
It was confusing to see the ldap provider own handler mixed with the generic ldap access code used also by the ipa and ad providers. So move the ldap provider handler code in its own file. | |||||
2013-01-21 | TOOLS: invalidate parent groups in memory cache, too | Jakub Hrozek | 4 | -8/+71 | |
https://fedorahosted.org/sssd/ticket/1775 In addition to invalidating the group being added to when adding a member group/user, we also need to invalidate all its parent groups, otherwise this getgrnam("parent") wouldn't report the members newly added to its child groups. | |||||
2013-01-21 | LDAP: Compare lists of DNs when saving autofs entries | Jakub Hrozek | 3 | -143/+178 | |
https://fedorahosted.org/sssd/ticket/1758 The autofs entries do not have the key as an unique identifier, but rather the full (key, value) tuple as some keys have a special meaning, such as the direct mount key (/-) and may be present in a single map multiple times. Comparing the full DN that contains both the key and the value will allow for working updates if either key or value changes. | |||||
2013-01-19 | set struct bet_info->bet_type | Pavel Březina | 1 | -0/+1 | |
2013-01-16 | Invalidate user entry even if there are no groups | Jakub Hrozek | 2 | -11/+8 | |
Related to https://fedorahosted.org/sssd/ticket/1757 Previously we would optimize the mc invalidate code for cases where the user was a member of some groups. But if the user was removed from the server while being in memory cache, we would only invalidate the mc record if he was a member of at least one supplementary group. | |||||
2013-01-16 | NSS: invalidate memcache user entry on initgr, too | Jakub Hrozek | 1 | -0/+11 | |
https://fedorahosted.org/sssd/ticket/1757 When the user entry was missing completely after initgroups, we would never invalidate the user entry from cache. This led to dangling cache entried in memory cache if the user was removed from the server while still being in memory cache. | |||||
2013-01-16 | Remove outdated code. | Simo Sorce | 1 | -10/+0 | |
This code should not be necessary anymore since June 2010 with commit: 90acbcf20b5f896ca8f631923afe946c90d90de7 | |||||
2013-01-16 | Tidy up BASE dn macros | Simo Sorce | 1 | -4/+4 | |
2013-01-16 | tools: Respect use_fully_qualified_names | Michal Zidek | 1 | -0/+9 | |
Tools for LOCAL domain should require FQDN if option 'use_fuly_quallified_names = TRUE' was configured. https://fedorahosted.org/sssd/ticket/1746 | |||||
2013-01-16 | sss_cache: Call DEBUG_INIT sooner | Michal Zidek | 1 | -2/+3 | |
If bad parameteres were passed to sss_cache, the init function returned without calling DEBUG_INIT macro and unnecessary level 1 debug message was printed. https://fedorahosted.org/sssd/ticket/1745 | |||||
2013-01-16 | autofs: Use SAFEALIGN_SET_UINT32 instead of SAFEALIGN_COPY_UINT32 | Jakub Hrozek | 1 | -10/+5 | |
2013-01-16 | Correct format security for talloc_named of auth tokens | Stephen Gallagher | 1 | -1/+1 | |
2013-01-15 | LDAP: avoid complex realloc logic in save_rfc2307bis_group_memberships | Jakub Hrozek | 1 | -12/+4 | |
https://fedorahosted.org/sssd/ticket/1761 The function tried to be smart and realloc only when needed, but that only lead to hard-to find bugs where the logic would not allocate the proper space. Remove the reallocation and prefer readability over speed in this case. | |||||
2013-01-15 | TOOLS: Refresh memcache after changes to local users and groups | Jakub Hrozek | 3 | -2/+50 | |
2013-01-15 | TOOLS: Provide a convenience function to refresh a list of groups | Jakub Hrozek | 2 | -0/+22 | |
2013-01-15 | TOOLS: Split querying nss responder into a separate function | Jakub Hrozek | 5 | -38/+79 | |
The tools query the responder in order to sync the memcache after performing changes to the local database. The functions will be reused by other tools so I split them into a separate functions. | |||||
2013-01-15 | TOOLS: move memcache related functions to tools_mc_utils.c | Jakub Hrozek | 4 | -161/+189 | |
The upcoming patches will link only users of this file with client libs, so it's better to have it separate. There is no functional change in this patch | |||||
2013-01-15 | TOOLS: set domain in check_group_names | Jakub Hrozek | 1 | -0/+1 | |
2013-01-15 | tests: unit test for sysdb_remove_attrs | Jakub Hrozek | 1 | -0/+45 | |
2013-01-15 | tests: add unit test for sysdb_get_new_id | Jakub Hrozek | 1 | -1/+20 | |
2013-01-15 | tests: test sysdb_initgroups | Jakub Hrozek | 1 | -0/+48 | |
2013-01-15 | tests: adda a unit test for test_sysdb_search_groups | Jakub Hrozek | 1 | -0/+29 | |
2013-01-15 | tests: unit test for test_sysdb_search_users | Jakub Hrozek | 1 | -0/+31 | |
2013-01-15 | tests: add a unit test for sysdb_netgroup_base_dn | Jakub Hrozek | 1 | -0/+23 | |
2013-01-15 | Stop creating fake sysdb contexts | Simo Sorce | 3 | -32/+2 | |
Now that the sysdb context does not contain anymore domain related data we can simply stop creating faxe sysdb context and just reference the parent context. | |||||
2013-01-15 | Kill sysdb->domain | Simo Sorce | 3 | -5/+0 | |
Finally remove this upside-down dependency. | |||||
2013-01-15 | Move mpg flag to the domain where it belongs | Simo Sorce | 8 | -16/+13 | |
A sysdb contains now multiple domains, but the mpg property is a property of a specific domain not of the underlying database. | |||||
2013-01-15 | Pass the domain to upgrade functions | Simo Sorce | 3 | -13/+17 | |
2013-01-15 | Add domain to some subdomain functions | Simo Sorce | 4 | -8/+17 | |
2013-01-15 | Add domain arguments to sysdb sudo functions | Simo Sorce | 7 | -39/+69 | |