Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Introduces a new option --debug-to-files which makes SSSD output its
debug information to a file instead of stderr, which is still the
default.
Also introduces a new confdb option debug_to_files which does the same,
but can be specified per-service in the config file.
The logfiles are stored in /var/log/sssd by default.
Changes the initscript to log to files by default.
|
|
|
|
|
|
- make the build of the locator plugin optional
- added a man page for the locator plugin
- use krb5.h if krb5/krb5.h cannot be found
- added alternatives for missing functions
- set -DDBUS_API_SUBJECT_TO_CHANGE if libdbus version
is lesser than 1.0.0
|
|
|
|
Remove this provider type, as well as any references in the docs and
examples to the "LEGACYLOCAL" migration domain.
Fixes: #165
|
|
|
|
|
|
|
|
The configuration options krb5ccache_dir and krb5ccname_template
are added to the Kerberos provider to create the user's credential
caches the same way as pam_krb5 does. Due to the design of the sssd
and the supported ccache types of MIT Kerberos only files are
allowed.
|
|
|
|
Remove the "legacy" option from examples and man pages.
Legacy is is finally R.I.P
Add docs for ldapSchema in sssd-ldap man page.
|
|
Remove magicPrivateGroups since it's set automatically, use bool values
for enumerate.
Also add a notice about krb5 auth-module with a link to specialized
manpage to sssd.conf(5) similar to what we have for ldap auth-module.
Move both outside proxy domain description.
|
|
|
|
This timeout specifies the lifetime of a cache entry before it is
updated out-of-band. When this timeout is hit, the request will
still complete from cache, but the SSSD will also go and update
the cached entry in the background to extend the life of the
cache entry and reduce the wait time of a future request.
|
|
- older version of libpcre only support the Python syntax (?P<name>)
for named subpatterns
|
|
PCRE_DUPNAMES is a new feature of libpcre 7. It is used in sssd to
make the splitting of fully qualified user names more flexible.
|
|
- making the realm part upper case is now optional and done in the
LDAP backend
- using a username@realm UPN is now optional
|
|
Added man pages sections about user and group attribute mapping.
Added an example configuration to access an AD server.
|
|
- with the boolean option filterUsersInGroups it can be controlled
wether filtered users appear in groups or not.
- fixed an error which prevented the display of groups with filtered
members
- removed some tab indents
|
|
RHEL5 did not support Docbook 4.5, and we are not using
any 4.5 features.
|
|
Also updates the manpage for sssd.conf to denote this
|
|
|
|
This patch introduces provider=files as a valid provider.
Upon loading the backend, its properties in confdb are overwritten to
those that represent legacy local domain.
Also document this in sssd.conf(5) and example config
|
|
|
|
The libPath should be constructed from the libName. There is no
benefit to specifying it separately.
|
|
|
|
|
|
|
|
Provides a set of make rules for generating UNIX manual pages from
DocBook 4.5 source as well as sample manpage for sss_useradd.
Automatic generation of manual pages during "make" process is
tunable with config parameter "--with-manpages". To rebuild the man
pages separately, use the "make doc" target. Before building, the
manpages are validated using a DTD schema.
|