summaryrefslogtreecommitdiff
path: root/server/db
AgeCommit message (Collapse)AuthorFilesLines
2009-10-27Move responsibility for entry expiration timeoutSimo Sorce2-13/+43
The providers are now responsible for determining how long a cached entry is considered valid. The default is the same as before (600s)
2009-10-26Zero pointers on freeSimo Sorce1-4/+4
If the pointer stays around, zero it when it is freed, so we do not risk access to released memory in case of bugs.
2009-10-26Read the right buffer, avoids potential segfaultsSimo Sorce1-5/+5
Also fix some debug message levels
2009-10-22Add support for offline auth cache timeoutStephen Gallagher1-0/+1
This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
2009-10-22add store/search/delete interface for custom sysdb objectsSumit Bose3-0/+566
2009-10-09Remove magicPrivateGroups optionSimo Sorce4-10/+17
In sssd only local is a native mpg domain, and it is forced. All other providers will have to unroll mpg users into a user/group pair of entries in the db. This allows the provider to automatically establish if the remote server provides mpg users w/o possibily conflicting manual configurations on the client trying to force an mpg behavior where none is provided.
2009-09-23Revert "Use syslog for logging error conditions in SSSD"Stephen Gallagher2-38/+38
This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d. Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made use of the SYSLOG_ERROR() macro, so those portions of that code also needed to be reverted.
2009-09-21Use syslog for logging error conditions in SSSDJakub Hrozek2-38/+38
This is just a band-aid until ELAPI is fully functional and ready to use.
2009-09-11Complete the removal of "legacy" option.Simo Sorce3-39/+44
The code was still dependent on it for the ldap driver. Changed the driver code to depend on the schema type. Fix defaults for user and groups trees. ATM if you use the rfc2307bis schema you have to put users and groups in 2 separate trees (what people does by default anyway. If this limitation will turn to be too hard, we will change this later.
2009-09-08Split database in multiple filesSimo Sorce3-176/+663
The special persistent local database retains the original name. All other backends now have their own cache-NAME.ldb file.
2009-08-28Speed-up enumerations.Simo Sorce2-2/+167
This patch reduces the time needed to enumerate groups of a midsized domain from 12 seconds to 4.4 Optimizes enumerations by doing only 2 ldb searches and some ordering instead of a number of searches proportional to the number of groups
2009-08-27Remove redunant function and always pass attrs.Simo Sorce2-44/+15
2009-08-27Upgrade database to 0.2Simo Sorce2-5/+172
Provides also an upgrade function.
2009-08-27Always save using member/memberOfSimo Sorce4-216/+146
First pass to remove the legacy option and make it just a property of the provider
2009-08-24Add debug statements to sysdb_opsSimo Sorce1-10/+111
2009-08-21store additional LDAP attributesSumit Bose2-1/+35
If available the original DN and the user principle will be stored in sysdb.
2009-08-20Ensure nextID doesn't reuse an existing local UID or GIDStephen Gallagher1-9/+21
If there was no maxID set for a domain, the search filter to check whether the UID was available would always return empty (because no UIDs can be <= 0) This patch changes the search filter if the maxID is unset so that it has no upper limit
2009-08-10Do not fail enumerations because of range checksSimo Sorce1-3/+3
2009-08-05Consolidate tevent helpersJakub Hrozek1-26/+0
2009-07-31Add ignore_not_found parameter to sysdb delete functionsJakub Hrozek2-11/+21
Also add tests
2009-07-20Fix saving new nextIDJakub Hrozek1-1/+1
2009-07-09fixed typos and a potential memory leakSumit Bose1-2/+3
2009-07-08Implement the ldap identity module.Simo Sorce2-78/+235
This uses and exapands the async helpers.
2009-07-08Unify password caching ops in sysdbSimo Sorce3-31/+129
2009-07-08Add async helper functionsSimo Sorce2-24/+20
These functions use the tevent_req async model, where a pair of _send/_recv functions pilot requests, with additional helpers like _done functions, and where needed multiple stage helpers.
2009-07-08Expose sysdb function to parse sysdb_attrsSimo Sorce2-2/+4
2009-07-03Rework transaction code to use tevent_reqSimo Sorce6-1630/+3137
This is part of a set of patches to rewrite sysdb to a hopefully better API, that will also let use use tevent_req async style calls to manipulate our cache.
2009-07-03Rename sysdb_req to sysdb_handle.Simo Sorce5-208/+208
This sysdb_req has always really been a transaction handle and not a request. This is part of a set of patches to rewrite transaction support in sysdb to a hopefully better API, that will also let use use tevent_req async style to manipulate our cache.
2009-05-28Suppress "rootdse" error messages.Stephen Gallagher1-0/+6
We will trap all LDB debug messages and pipe them into our internal DEBUG() function. LDB FATAL messages will still be printed by default, WARNING and TRACE functions will be at debug level 3 and 9, respectively.
2009-05-26Silence warningsSimo Sorce1-3/+2
2009-05-26Fix manual UID assignment in sysdbJakub Hrozek1-11/+15
If it's an MPG domain, set them equal. If it's a non-MPG domain, get the next available GID and use that.
2009-05-19added prototype for sysdb_set_cached_passwordSumit Bose1-0/+6
2009-05-18Move actual password caching into sysdbSimo Sorce2-2/+49
Convert auth modules to do the caching themselves
2009-05-04Fixes for porting SSSD to Debian-based platformsStephen Gallagher1-1/+0
2009-04-27Use different attribute for cached passwordsSimo Sorce1-0/+2
This fixes a bug with legacy backends where the cached password would be cleared on a user update. Using a different attribute we make sure a userPassword coming from the remote backend does not interfere with a cachedPassword (and vice versa).
2009-04-27enable uid/gid generation againSumit Bose1-3/+6
2009-04-23fixes for user and group creation in LOCAL domainSumit Bose1-0/+19
- added range check for supplied UIDs and GIDs - initialize pc_gid to 0 to trigger gid generation
2009-04-13Always pass full domain infoSimo Sorce2-25/+32
Change sysdb to always passwd sss_domain_info, not just the domain name. This way domain specific options can always be honored at the db level.
2009-04-07Clean up warnings in SSSDStephen Gallagher1-1/+0
2009-04-01Add way to use files as a proxy backend fro LOCALSimo Sorce2-3/+4
Makes LOCAL a normal backend removing some special handling. Fix/Add id range filtering and name filtering Filters uid=0 and gid=0 in the proxy backend as 0 is invalid within sysdb and was causing getxxent calls to fail completely. Fix nss_ncache_check_xxx calls to avoid dirtying the 'ret' variable and causing some unwanted failures. Change sysdb to always return the uid number when searching member entries so that id range filtering can be perfomed also in group searhes (does not work with legacy backends)
2009-03-18Fix segfault error caused by a double freeSimo Sorce1-178/+118
In delete_callback we were freeing rep after having called return_done() This caused a double free becuse rep is already freed as child of the request when return_done calles the callback. To avoid future errors like this convert return_error and return_done into functions and make them always be the last call of the function and call them as part of the function return.
2009-03-10Fix returning user with missing optional attributes.Simo Sorce2-9/+15
Gecos, homedir and shell are optional, fix the responder not to refuse to return the user completely if they are missing, replace an empty homedir with "/". Also fix fullname vs gecos, and always return gecos for NSS data. On user creation set gecos to the same value as the user Full Name, to help populate the gecos field with data that makes sense.
2009-03-10If a domain is MPG enabled return users a groupsSimo Sorce2-15/+73
Turn user entries to Magic Private Groups when groups are quesried.
2009-03-10Fix bugs in functions dealing with groupsSimo Sorce1-0/+6
Fix infinite loop within initgr functions. Fix min length check copy&paste error, was filtering valid groups if the name was short enough and the group had no members.
2009-03-09Always pass sss_domain_info to sysdb functions.Simo Sorce2-57/+35
2009-03-09Move MPG checks within sysdb.Simo Sorce2-22/+199
This allows to perform checks and modifications in one transaction. Uses configuration stored in confdb to determins if a domain uses MPGs.
2009-03-09Do not duplicate attribute names macros.Simo Sorce1-21/+18
Also shorten names oh other user attributes.
2009-03-09Implement SetGroupGID in the InfoPipeStephen Gallagher2-0/+72
2009-03-06Implement CreateUser in InfoPipeStephen Gallagher2-2/+2
Changed the order of the arguments to CreateUser in the Introspection XML to match the other functions (domain belongs second on the list) A few other minor fixes as well: Fixed a typo in SYSDB_GETCACHED_FILTER and sysdb_transaction_end(). Added missing error handling in infp_do_user_set_uid().
2009-03-06Remove obsolete commentSimo Sorce1-3/+0