summaryrefslogtreecommitdiff
path: root/server/db
AgeCommit message (Collapse)AuthorFilesLines
2010-01-20Add sysdb request to authenticate against a cached passwordSumit Bose2-0/+184
The code for authentication against a cached password is moved from the pam responder to a generic sysdb tevent request. The new code can be used by other components of sssd to verify passwords on their own. Tests for the sysdb_cache_password and sysdb_cache_auth request are added and some unneeded or unused code and variables are removed.
2009-12-15Fix upgrade bug #323Simo Sorce1-180/+186
Move the upgrade function first and check explicitly for the old ldb name. Perform upgrades up to v02 first if necessary. Then proceed as normal letting the normal init functions perform further upgrades if necessary. This now works also if there is no "local" provider in the current configuration.
2009-12-10Fix DEBUG message for sysdb_initSumit Bose1-2/+2
2009-12-10Fix for #322, update from old database versions.Simo Sorce1-1/+14
2009-12-10Fix for #316Simo Sorce1-3/+3
We were never filling the group attrs because of an inverse return check. Plus fix a crash bug for using a pointer that is not a memory context.
2009-12-10Handle the special 02 upgrade case for 04->05Simo Sorce1-0/+7
2009-12-10Add rebuild task to memberof pluginSimo Sorce2-3/+129
This task allows us to rebuild memberuid and memberof attributes throughout the database. This way we can upgrade from version 0.4 databases that didn't generate and store memberuid. The task can be invoked by adding a speaicl named entry to the ldb file. The entry dn to use is: @MEMBEROF-REBUILD, the entry has no attributes and any attribute is ignored at present. The entry will not be stored in the database but will just trigger the task to execute a rebuild of the memberof and memberuid attributes
2009-12-10Always update sysdb to the latest versionSumit Bose1-3/+11
2009-12-07Fix nested group membershipsSimo Sorce3-66/+109
Search the local db to find the local DN using the original DN as search key. This way we do not have to rely on weak and faulty heuristicts based on DN names. Add a few helper functions in the process and change the way we pass members to sysdb_store_group_send(), instead of passing users and groups list, just add member DNs to the other sysdb attrs.
2009-12-07Make strdn build functions more availableSimo Sorce3-42/+58
2009-12-07Add sysdb_search_custom requestSumit Bose2-12/+96
2009-12-03Use memberuid and not member in group enumerationsSimo Sorce1-1/+1
This allows for correctly reporting nested group members, while at the same time not paying a too high price for caluclating nested groups at runtime e very time a search is made.
2009-11-25Use ldb modules from build root for testsSumit Bose1-0/+4
2009-11-20Optimize sysdb_enumgrentSimo Sorce2-332/+25
This brings down the time needed to enumerate my group database from 2.4 seconds to 0.15 seconds.
2009-11-20Improve handling of ccache filesSumit Bose1-0/+1
- save current ccache file to sysdb - use the saved ccache file if the user has running processes - create an empty ccache if offline - return enviroment variables if offline
2009-11-20Correctly escape DN value.Simo Sorce1-6/+42
In building the DN string we weren't correctly escaping the value of the RDN component. This patches fixes that.
2009-11-19Fix sysdb upgrade bugStephen Gallagher1-1/+1
After completing an upgrade successfully, we were still falling into the "version not found" case. We should be exiting the function after performing the upgrade.
2009-11-18Change initgroups code to use and check the cacheSimo Sorce1-22/+11
We were previously always ending up contacting the backend because we had no way to know if an initgroups call for the same user had ever been called. Add attribute to hold this information and rely on backends to update it. If they don't we fallback to the previous behvior of asking the backend.
2009-11-18Fix crash due to uninitialized timeout variableSimo Sorce1-0/+1
This slipped through in previous patches. Fixes #283
2009-11-18Upgrade cache and local databases to case-sensitive namesStephen Gallagher2-2/+96
2009-11-18Make the sysdb user and group names case-sensitiveStephen Gallagher1-1/+0
2009-11-10Refactor delete functions and add a fewSimo Sorce2-195/+609
Refactor user/group delete functions so that they can be used without a transaction (they autostart an operation). Add user and group search function where a subfilter can be specified.
2009-11-09Fix tevent_req error checking.Simo Sorce2-76/+22
When possible using a macro that correctly deals with tstate
2009-11-07added access module of IPA providerSumit Bose2-0/+12
2009-11-06Always set last update and expire timeSimo Sorce2-110/+106
modifications to existing users/groups were setting metadata, but creation was not. Fixes #259
2009-11-06Make available method to quickly retrive stringSimo Sorce2-3/+35
sysdb_attrs has a lot of methods to add them but very little to get information out. Start adding a way to retrieve a single valued attribute as a string.
2009-11-04Fix for a seg fault during recursive deleteSumit Bose1-1/+7
2009-11-04Add sysdb_attrs_replace_name to sysdb API.Sumit Bose2-0/+35
2009-11-03Rename sdap_id_map to sdap_attr_mapSimo Sorce1-0/+3
Also start adding some infrastructure to use the USN counter when available. In particular add a place to add generic attrs mapping, ie attributes that are neither user nor group specific.
2009-11-02add sysdb_delete_recursive request to sysdb APISumit Bose3-0/+175
2009-10-29Allow sysdb_search_entry request to return more than one resultSumit Bose2-27/+66
2009-10-29added a ASQ search API for sysdbSumit Bose2-0/+230
2009-10-27Move responsibility for entry expiration timeoutSimo Sorce2-13/+43
The providers are now responsible for determining how long a cached entry is considered valid. The default is the same as before (600s)
2009-10-26Zero pointers on freeSimo Sorce1-4/+4
If the pointer stays around, zero it when it is freed, so we do not risk access to released memory in case of bugs.
2009-10-26Read the right buffer, avoids potential segfaultsSimo Sorce1-5/+5
Also fix some debug message levels
2009-10-22Add support for offline auth cache timeoutStephen Gallagher1-0/+1
This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
2009-10-22add store/search/delete interface for custom sysdb objectsSumit Bose3-0/+566
2009-10-09Remove magicPrivateGroups optionSimo Sorce4-10/+17
In sssd only local is a native mpg domain, and it is forced. All other providers will have to unroll mpg users into a user/group pair of entries in the db. This allows the provider to automatically establish if the remote server provides mpg users w/o possibily conflicting manual configurations on the client trying to force an mpg behavior where none is provided.
2009-09-23Revert "Use syslog for logging error conditions in SSSD"Stephen Gallagher2-38/+38
This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d. Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made use of the SYSLOG_ERROR() macro, so those portions of that code also needed to be reverted.
2009-09-21Use syslog for logging error conditions in SSSDJakub Hrozek2-38/+38
This is just a band-aid until ELAPI is fully functional and ready to use.
2009-09-11Complete the removal of "legacy" option.Simo Sorce3-39/+44
The code was still dependent on it for the ldap driver. Changed the driver code to depend on the schema type. Fix defaults for user and groups trees. ATM if you use the rfc2307bis schema you have to put users and groups in 2 separate trees (what people does by default anyway. If this limitation will turn to be too hard, we will change this later.
2009-09-08Split database in multiple filesSimo Sorce3-176/+663
The special persistent local database retains the original name. All other backends now have their own cache-NAME.ldb file.
2009-08-28Speed-up enumerations.Simo Sorce2-2/+167
This patch reduces the time needed to enumerate groups of a midsized domain from 12 seconds to 4.4 Optimizes enumerations by doing only 2 ldb searches and some ordering instead of a number of searches proportional to the number of groups
2009-08-27Remove redunant function and always pass attrs.Simo Sorce2-44/+15
2009-08-27Upgrade database to 0.2Simo Sorce2-5/+172
Provides also an upgrade function.
2009-08-27Always save using member/memberOfSimo Sorce4-216/+146
First pass to remove the legacy option and make it just a property of the provider
2009-08-24Add debug statements to sysdb_opsSimo Sorce1-10/+111
2009-08-21store additional LDAP attributesSumit Bose2-1/+35
If available the original DN and the user principle will be stored in sysdb.
2009-08-20Ensure nextID doesn't reuse an existing local UID or GIDStephen Gallagher1-9/+21
If there was no maxID set for a domain, the search filter to check whether the UID was available would always return empty (because no UIDs can be <= 0) This patch changes the search filter if the maxID is unset so that it has no upper limit
2009-08-10Do not fail enumerations because of range checksSimo Sorce1-3/+3