Age | Commit message | Author | Files | Lines |
|
types of domains: modern and legacy
modern uses member/memberof, legacy uses memberUid for group
memberships.
Rework the proxy backend to use the legacy style as that's the
format the data comes in (trying to convert would require too
many transformations and increased the number of queries).
Add support for fetching groups in nss.
Add support for enumerating users and groups (requires to enable enumeration
in config) both in nss and in the proxy provider.
Remove confdb_get_domain_basedn() and substitute with generic calls in
the nss init function.
Store a domain structure in the btree not the basedn so that we can add
enumeration flags.
Also make sure NSS understands how to make multiple calls on
enumerations, also make passing the domain parameter always
mandatory, passing in domain=* is not valid anymore.
This work fixes also a few memory, segfault, and logic bugs
found while testing all nss functions (there are still some to
fix that are less critical and much harder to find yet).
|
|
|
|
throw away databases
Check version and init main db if empty
|
|
|
|
use the same namespace (sysdb_posix_)
- no need to explicitly start a transaction if only one
operation is performed using a synchronous interface
- split _add_remove_ functions into separate functions,
don't let ldap madness creep into our interfaces
|
|
|
|
is not available immediately or drops the dbus connection.
First step is the nss connection to the data provider.
|
|
not pointers to values.
Check domain is never null (or dbus will abort).
|
|
able to call the reloadConfig DBUS method on any or all of its children to force them to reread their configuration from the confdb.
|
|
rename everything with the sysdb suffix.
|
|
It makes no sense to have internal attribute names user configurable,
remove that option and use macros internally.
Also now always pass the domain name to all nss_ldb_* calls.
|
|
|
|
libnss library through config directives on the domain object
|
|
I was finally able to get a getpwnam() request to go through sssd,
hit the remote ldap server and get the answer back with
'getent passwd foo'
Yupiee!
|
|
and caches the result in LDAP.
Still chasing a bug that does not let NSS know that the BE was successful.
This makes NSS timeout the client and not return any results yet.
|
|
Add helper functions to connect to the data provider.
Add some plumbing to the ldap provider (still untested).
|
|
|
|
events.h -> tevent.h
|
|
as a parent for the new server context object.
|
|
in an sbus_conn_destructor_fn to the sbus_new_connection() function. Fixing minor warning about the usage of talloc_reference.
|
|
sbus_method_ctx entries, meaning that the next connection to attempt to disconnect would receive a segmentation fault also trying to delete them. They are now talloc_reference()-ed to their connection context and talloc_unlink()-ed upon deletion.
I have also modified the sbus_new_server() call to take a reference
to an sbus_srv_ctx object as a return argument, so that the calling
function can keep track of the SBUS server context if it so chooses.
|
|
:-)
|
|
|
|
and frontends (pam, nss, ... modules) can connect to.
|
|
using the same binary to fork off all services.
|
|
the fork/exec model
|
|
same config option can be used for the nss service
|
|
Changing the default SBUS locations to be configure script parameters
|
|
|
|
initial connection to the monitor service within the child services. It will create the D-BUS connection to the monitor and configure the service to handle the mandatory getIdentity and ping methods.
|
|
|
|
|
|
To start the daemon now you need to pass the option -s monitor
Still have some problems communicating with children.
|
|
This currently breaks the daemon because of a problem with
destroying the monitor dbus server in the children after
fork()
|