Age | Commit message (Collapse) | Author | Files | Lines |
|
The SSSD now links with the ini_config and collection libraries
in the common directory.
The monitor will track changes to the /etc/sssd/sssd.conf file
using inotify on platforms that support it, or polled every 5
seconds on platforms that do not.
At startup or modification of the conf file, the monitor will
purge the existing confdb and reread it completely from the conf
file, to ensure that there are no lingering entries. It does this
in a transaction, so there should be no race condition with the
client services.
A new option has been added to the startup options for the SSSD.
It is now possible to specify an alternate config file with the
-c <file> at the command line.
|
|
A new nss_parse_name function uses pcre to parse names, this makes
it possible, in future, to make the filter user configurable.
Add a new filter mechanism to filter out users that uses the negative cache by
setting a permanet negative entry.
Rework the entry points where the negative cache is checked for.
|
|
Per discussion with the desktop team, using the org.freedesktop
interface name will simplify adoption, as potential users won't
feel like they're pulling in a FreeIPA dependency.
|
|
|
|
Make so that definitions in the code and install paths actually match
|
|
|
|
|
|
|
|
Move parse_groups into tools_utils
|
|
Don't convert username->uid in userdel, use DN
|
|
|
|
|
|
Also install tools into /sbin, own them in specfile
|
|
The first functional command is sss_useradd
(Name is temporary, while looking for a better one)
|
|
|
|
Own everything in /usr/libexec/sssd in specfile, no nss_client subdir
Place memberof.so in /usr/lib/ldb
|
|
|
|
|
|
dependencies based on the latest samba code.
Convert all references to the old events library to use the
renamed tevent library.
|
|
|
|
Also move responders under server/responder with shared code
in server/responder/common
Signed-off-by: Simo Sorce <ssorce@redhat.com>
|
|
CheckPermissions will currently return unrestricted access to the
root user, and no access to any other user. Once we decide on an
ACL mechanism, this will be easy to change.
I have also added very basic tests for the Introspect and
CheckPermissions methods.
|
|
Fixing TDB autoconf macros to require version 1.1.3
and support for the tdb_repack symbol (required by LDB)
Updating tdb.h to #include <sys/stat.h> for proper autoconf
Build system modifications to simplify RPM generation
Fixing RPM build system as recommended during code review
Minor tweaks to Makefile and sssd.spec
Make policykit and infopipe configurable
Soname and symlinks
|
|
with D-BUS clients built in multiple languages. It will read in the XML file on the first request and store the returned XML as a component of the sbus_message_handler_ctx for the connection. All subsequent requests during the process' lifetime will be returned from the stored memory. This is perfectly safe, as the available methods cannot change during the process lifetime.
|
|
rename _posix_ function into _legacy_
Add support for the posix legacy mode where memberships
are stored in memberUId and not in member/memberof pairs.
Do not build sysdb as a library
|
|
|
|
|
|
as in IPA if necessary.
This patch slightly modifies ldb to split out a modules header file without
exposing the private headers.
|
|
|
|
It will connect and authenticate successfully (using the included D-BUS policy file installed in the correct /etc directory. Does not yet listen for requests.
|
|
|
|
|
|
|
|
|
|
libnss library through config directives on the domain object
|
|
the first attempt to build the SSSD from source. The build process did not create the appropriate output directories for the back-end providers, and therefore could not produce an output library into that directory.
|
|
:-)
|
|
and frontends (pam, nss, ... modules) can connect to.
|
|
using the same binary to fork off all services.
|
|
|
|
handling multiple D-BUS paths in a connection. Added support for per-connection method setup. Added support for per-connection specialized destructors. Added mandatory getIdentity call for all services connecting to the monitor. If they do not present an identity (expose the getIdentity method and respond with name and version), they are dropped immediately. Other minor fixes.
|
|
Integrates DBUS with the event system so that it is asynchronous.
|
|
|
|
them on the command line before calling makefiles
|
|
Includes test monitor task.
|