| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
There were two functions for parsing strings by a separator. This patch
consolidates on the one previously used in confdb. This also allows
stripping the tokens of whitespace.
Fixes: #319
|
|
|
|
The LOCAL provider does not have a mechanism to load alternate
auth, access or chpass backends, nor does it make sense to do so.
This will throw a configuration error if these values are
specified (unless they are explicitly also set to 'local')
|
|
In sssd only local is a native mpg domain, and it is forced.
All other providers will have to unroll mpg users into a user/group pair of
entries in the db. This allows the provider to automatically establish if
the remote server provides mpg users w/o possibily conflicting manual
configurations on the client trying to force an mpg behavior where none
is provided.
|
|
We have converted to using dhash in place of btreemap everywhere
in the code.
|
|
This converts a great many configuration options to the new
standard format.
|
|
This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d.
Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made
use of the SYSLOG_ERROR() macro, so those portions of that code
also needed to be reverted.
|
|
1) Add get_entry_as_bool function
2) Make all parameters in confdb_get_domain_internal() use macro
names for the attributes. This will make it easer to convert
them to the version 2 config file.
|
|
This is just a band-aid until ELAPI is fully functional and ready to
use.
|
|
|
|
The code was still dependent on it for the ldap driver.
Changed the driver code to depend on the schema type.
Fix defaults for user and groups trees.
ATM if you use the rfc2307bis schema you have to put users and groups
in 2 separate trees (what people does by default anyway.
If this limitation will turn to be too hard, we will change this later.
|
|
Because the confdb always operates synchronously, it maintains its
own private event context internally. The event context argument
passed to it is never used, so we'll remove it to avoid confusion.
|
|
|
|
|
|
The special persistent local database retains the original name.
All other backends now have their own cache-NAME.ldb file.
|
|
|
|
|
|
|
|
Also updates the manpage for sssd.conf to denote this
|
|
If the last configured domain is broken confdb_get_domains returns
the return value of confdb_get_domain even if there are valid domains
available.
|
|
We were stealing the memory context of only the first value in
the linked-list of domains (and also services). This patch adds a
memory context to hold the lists so that can be stolen along with
all of the entries.
|
|
|
|
|
|
We will trap all LDB debug messages and pipe them into our
internal DEBUG() function. LDB FATAL messages will still be
printed by default, WARNING and TRACE functions will be at debug
level 3 and 9, respectively.
|
|
|
|
|
|
Refactoring the confdb so that the setup code can be linked
separately from the access API. This is being done so that our
plugins do not need to link against the collection and ini_config
libraries.
|
|
|
|
Add code to check if the file has changed since the last update was performed.
Avoid dumping and reloading the config ldb if the modification time of the
configuration file has not changed at all.
|
|
Also convert all places where we were using custom code to parse
config arguments.
And fix a copy&paste error in nss_get_config
|
|
Change sysdb to always passwd sss_domain_info, not just the domain name.
This way domain specific options can always be honored at the db level.
|
|
The SSSD now links with the ini_config and collection libraries
in the common directory.
The monitor will track changes to the /etc/sssd/sssd.conf file
using inotify on platforms that support it, or polled every 5
seconds on platforms that do not.
At startup or modification of the conf file, the monitor will
purge the existing confdb and reread it completely from the conf
file, to ensure that there are no lingering entries. It does this
in a transaction, so there should be no race condition with the
client services.
A new option has been added to the startup options for the SSSD.
It is now possible to specify an alternate config file with the
-c <file> at the command line.
|
|
To be able to correctly filter out duplicate names when multiple non-fully
qualified domains are in use we need to be able to specify the domains order.
This is now accomplished by the configuration paramets 'domains' in the
config/domains entry. 'domains' is a comma separated list of domain names.
This paramter allows also to have disbaled domains in the configuration without
requiring to completely delete them.
The domains list is now kept in a linked list of sss_domain_info objects.
The first domain is also the "default" domain.
|
|
- value array is not terminated properly
- infopipe service is added dynamically
|
|
Make confdb load a base ldif like sysdb to initialize the db,
makes it simpler to understand at first sight what is the default
configuration.
Make the parameter "command" optional. Derive the default command
from available information.
Make the debug level a global by default so that enabling debug for
all components is as easy as passing just -d X to the sssd binary.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
set default value of enumerate in LOCAL domain to 1
added checks to talloc_asprintf return values
fixed InfoPipe defaults
|
|
Retrieve minID and maxID from domain configuration so that lower
and upper bounds can be set per domain.
Add function that keeps track of the next available id, increments
and returns it on requests, avoiding collisions with existing ids.
|
|
This patch adds support for requesting user data in the sysdb via
the InfoPipe. It currently has support for reading defined entries
of integral, floating-point or string types.
Tasks remaining:
1) Implement call to the provider when cache is out of date
2) Support byte arrays for userpic and similar
I modified sysdb_search_ctx in sysdb_search.c to accept an array of
attributes to pass into the LDB search.
I also made one additional related fix: the btreemap now sorts in the
correct order. Previously I had accidentally transposed the two
values for sorting, so the map would always have been in exact
reverse order.
|
|
Avoid uninitialized memory messages in valgrind (in _btreemap_get_keys).
Do not free memory we just stored in the btree (in confdb_get_domains_list).
Streamline confdb_get_domains() and remove extra calls when we already have
all the information handy.
Do not store basedn in domain info, the base dn is always calculated out of
the domain name.
Remove the "provider" attribute, it was really used only to distinguish between
LOCAL and other domains, directly check for LOCAL as a special case instead.
|
|
The NSS provider, the Data Provider backends and the InfoPipe all
need access to the domain map provided by the confdb. Instead of
reimplimenting it in multiple places, it is now provided in a pair
of helper functions from the confdb.
confdb_get_domains() returns a domain map by reference. Always
returns the most up-to-date set of domains from the confdb.
confdb_get_domains_list() returns an array of strings of all the
domain names. Always returns the most up-to-date set of domains
from the confdb.
This patch also modifies the btreemap_get_keys() function to
better handle memory and report allocation failures.
|
|
dependencies based on the latest samba code.
Convert all references to the old events library to use the
renamed tevent library.
|
|
Adding support for generating RPMS for sssd.
Fixing TDB autoconf macros to require version 1.1.3
and support for the tdb_repack symbol (required by LDB)
Updating tdb.h to #include <sys/stat.h> for proper autoconf
Build system modifications to simplify RPM generation
Fixing RPM build system as recommended during code review
Minor tweaks to Makefile and sssd.spec
Make policykit and infopipe configurable
Soname and symlinks
|
|
|
