| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The code for authentication against a cached password is moved from the
pam responder to a generic sysdb tevent request. The new code can be
used by other components of sssd to verify passwords on their own.
Tests for the sysdb_cache_password and sysdb_cache_auth request are
added and some unneeded or unused code and variables are removed.
|
|
This patch adds a utility called sss_groupshow that allows user to
print properties of a group in the local domain.
Fixes: #306
|
|
|
|
|
|
This requires increasing the required autoconf version to 2.59 for
use of $(abs_builddir).
Fix uninstallation of python files as well
|
|
|
|
|
|
Update tests to include IPA options
|
|
This task allows us to rebuild memberuid and memberof attributes throughout the
database. This way we can upgrade from version 0.4 databases that didn't
generate and store memberuid.
The task can be invoked by adding a speaicl named entry to the ldb file.
The entry dn to use is: @MEMBEROF-REBUILD, the entry has no attributes and any
attribute is ignored at present.
The entry will not be stored in the database but will just trigger the task to
execute a rebuild of the memberof and memberuid attributes
|
|
|
|
|
|
|
|
Detect if the OS is Fedora, RHEL or SUSE and install the SUSE
start-script on SUSE systems.
|
|
To avoid blocking in a synchronous call, the TGT is saved in a separate
process
Fixes: #277
|
|
Moves several functions out of providers/krb5 hierarchy into a separate
module so it can be shared by the ldap child.
|
|
|
|
|
|
Then name or IP adress of the KDC is written into the pubconf directory
into a file named kdcinfo.REALM. The locator plugin will then read this
file and pass the data to the kerberos libraries.
|
|
The retun values are still not directly used with ldap libraries that still do
their own name resolution, but this patch introduces a very basic framework to
have a multiple providers in one domain use and share a single failover
service if they want to.
|
|
To support IPA DS to Kerberos password migration a seperate
authentication target is added. It calls the Kerberos authentication
target and in the case of a 'Preauthentication Error' the LDAP
authentication target. On success the Kerberos target is called again to
request the TGT.
|
|
- save current ccache file to sysdb
- use the saved ccache file if the user has running processes
- create an empty ccache if offline
- return enviroment variables if offline
|
|
|
|
With this patch, the upgrade script we use for changing the config files
is able to keep ordering and comments.
Fixes: #249
|
|
|
|
|
|
|
|
|
|
|
|
|
|
These functions should be used by providers to centrally manage lists of
servers. Servers are grouped into services and each service has it's own
list of servers. If, however, you will try to add a same server into two
different services, they will share a common structure. This means that
a host will only be resolved once.
|
|
|
|
|
|
The size of sdap_async.c was unmanageable.
This patch splits it into a generic file with common infrastructure calls,
a file that handles connection calls and a file for id related calls.
|
|
Split enum task in a separate file.
|
|
Move files.c into tools directory
|
|
|
|
|
|
Create and populate user directories on useradd, delete them on userdel
Fixes: #212
|
|
|
|
|
|
Also include talloc.h, tevent.h and ldb.h as system headers in util.h.
|
|
* The resolv test case can now test for TXT and SRV resolving by
specifying -t host and -s host respectively. The -n flag must still be
passed in to enable network tests.
* Added test for the little complicated resolv_copy_hostent() function.
* Leak checking using the new tests common functions.
* Fix indentation for test_internet, since the whole function was
modified to be able to handle SRV and TXT replies.
* Initialize the debug variable in main().
Also removed one unused variable in krb5_utils-tests.c
|
|
The leak_check_setup() and leak_check_teardown() functions can be added
to a test case with tcase_add_checked_fixture(). They will make sure
that all tests are checked for memory leaks. However, since talloc is
hierarchical and automatically frees the children, this will not catch
all cases, but might still be helpful.
The check_leaks(ctx, bytes) function takes a talloc context as an
argument and the number of bytes it should be using up (children
included). The total byte size used up by the context is determined by
the talloc_total_size() function. If the size doesn't agree,
check_leaks() will print out a talloc report on the context and makes
the current test fail.
The check_leaks_push() and check_leaks_pop() both take a talloc context
as an argument. Every time push is called, the context is "pushed" onto
an internal stack and it's current size is noted. When the context is
later "poped", the pop function will make sure that the size is the same
as when it was pushed. It will also check that it's not called
out-of-order or if the stack isn't empty.
|
|
First step generate ldap options from ipa options.
Add sssd-ipa man page too.
|
|
With this missing, RPM builds were broken.
|
|
|
|
Put all init functions in their own file so that the other files can be
reused in other providers w/o having them in the way.
|
|
Put all init functions in their own file so that the other files can be reused in
other providers w/o having them in the way.
|
|
|
|
|
