summaryrefslogtreecommitdiff
path: root/server/providers/data_provider.h
AgeCommit message (Collapse)AuthorFilesLines
2009-11-23Speed up user requests while offlineStephen Gallagher1-0/+1
This adds a new boolean option to sss_dp_send_acct_req() called fast_reply. If we make a request to the backends and we are currently offline, this option will determine whether we should immediately return from the cache (acceptable for NSS requests) or potentially wait for an online check to complete (required for PAM requests).
2009-11-23Make backend request type a bitfieldStephen Gallagher1-3/+3
2009-10-22Add support for offline auth cache timeoutStephen Gallagher1-0/+1
This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
2009-10-20Start implementing ipa specific options.Simo Sorce1-0/+18
First step generate ldap options from ipa options. Add sssd-ipa man page too.
2009-10-14Make options parser available to all providersSimo Sorce1-0/+58
2009-10-09Remove DP processSimo Sorce1-20/+12
Turn the backend process into data provider servers Make Frontends (pam, nss) directly attach to the backends
2009-09-25Upgrade confdb to version 2Stephen Gallagher1-2/+1
This converts a great many configuration options to the new standard format.
2009-09-14Let the PAM client send its PIDSumit Bose1-0/+1
- the client sends the PID as uint32_t and sssd will use uint32_t too - fix a possible type issue where a uint32_t is sent as int32 in internal dbus communication
2009-09-11use fork+exec for kerberos helperSumit Bose1-0/+2
2009-08-17Fix reconnection codeSimo Sorce1-4/+12
Remove redundant reconnection code that was interfeering with the sbus reconnection code. Consolidate include files for sbus relates operations. Make pamsrv code similar to nsssrv code.
2009-08-11Change the why DP clients identifySimo Sorce1-1/+6
Mirrors what we have done with the monitor.
2009-07-02added kerberos backend with tevent_req event handlingSumit Bose1-0/+2
2009-05-04Fixes for porting SSSD to Debian-based platformsStephen Gallagher1-0/+1
2009-04-27fix for pam proxy chauthtokSumit Bose1-0/+1
When a user from a domain served by the proxy backend changes his password with passwd the passwd command asks for the old password, but it is not validated by the pam_chauthtok call in the proxy backend, because it is running as root. If the request is coming the unpriviledged socket we now call pam_authenticate explicitly before pam_chauthtok.
2009-04-13Implement credentials caching in pam responder.Simo Sorce1-0/+47
Implement credentials caching in pam responder. Currently works only for the proxy backend. Also cleanup pam responder code and mode common code in data provider. (the data provider should never include responder private headers)
2009-03-19Remove references to FreeIPA from D-BUS interfacesStephen Gallagher1-2/+2
Per discussion with the desktop team, using the org.freedesktop interface name will simplify adoption, as potential users won't feel like they're pulling in a FreeIPA dependency.
2009-02-24Add PAM responderSumit Bose1-0/+6
Also move responders under server/responder with shared code in server/responder/common Signed-off-by: Simo Sorce <ssorce@redhat.com>
2009-02-20Completely rework the nss interface to be able to use 2Simo Sorce1-0/+1
types of domains: modern and legacy modern uses member/meberof, legacy uses memberUid for group memberships. Rework the proxy backend to use the legacy style as that's the format the data comes in (trying to convert would require too many transformations and increased the number of queries). Add support for fetching groups in nss. Add support for enumerating users and groups (requires to enable enumeration in config) both in nss and in the proxy provider. Remove confdb_get_domain_basedn() and substitute with generic calls in the nss init function. Store a domain structure in the btree not the basedn so that we can add enumeration flags. Also make sure NSS understand how to make multiple calls on enumerations, also make passing the domian parameter always mandatory, passing in domain=* is not valid anymore. This work fixes also a few memory, degfault, and logic bugs found while testing all nss functions (there are still some to fix that are less critical and much harder to find yet).
2009-02-12Remove dp_cli_sbus_initSimo Sorce1-8/+0
2009-01-27Refactoring the monitor code and SBUS utility functions.Stephen Gallagher1-2/+2
2009-01-14Add code to make it easier to reconnect in case the serverSimo Sorce1-0/+2
is not available immediately or drops the dbus connection. First step is the nss connection to the data provider.
2009-01-06Add more infrastructure to data provider to dispatch requests (still untested).Simo Sorce1-4/+30
Add helper functions to connect to the data provider. Add some plumbing to the ldap provider (still untested).
2008-12-22libevents renamed upstream to libteventSimo Sorce1-1/+1
events.h -> tevent.h
2008-12-10Initial work on a test provider using the gross hack of dlopen()ing nss_ldapSimo Sorce1-0/+4
:-)
2008-12-08Change data provider into a hub, where backends (ldap, nis, ipa providers)Simo Sorce1-25/+8
and frontends (pam, nss, ... modules) can connect to.
2008-11-24point PIPE_PATH at /var/lib/sss/pipes, not just the private path so that theSimo Sorce1-1/+1
same config option can be used for the nss service
2008-11-24Replacing hard-coded paths with configure script substitutions.Stephen Gallagher1-4/+2
Changing the default SBUS locations to be configure script parameters
2008-11-24change structure nameSimo Sorce1-3/+8
2008-11-20Created a helper function sssd_service_sbus_init() to simplify creating the ↵Stephen Gallagher1-7/+1
initial connection to the monitor service within the child services. It will create the D-BUS connection to the monitor and configure the service to handle the mandatory getIdentity and ping methods.
2008-11-20Make it possible to use an arbitrary command to start servicesSimo Sorce1-1/+1
2008-11-20Start conversion from a fork() and live to a fork()/exec() model.Simo Sorce1-1/+0
To start the dameon now you need to pass the option -s monitor Still have some problems communicating with children.
2008-11-19Add some infrastructure code to add data providers.Simo Sorce1-0/+73
This currently breacks the dameon because of a problem with destroying the monitor dbus server in the children after fork()