| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
crypto_sha512crypt.c is a clone of nss_sha512crypt.c with the exception that
all usage of NSS and related libraries has been switched to libcrypto.
I renamed nss_sha512crypt.h to sha512crypt.h since it is common to both
crypto_sha512crypt.c and nss_sha512crypt.c. Note that the random number
generator is not seeded manually and thus relies on seeding done
automatically by libcrypto. On some systems without /dev/urandom
seeding may not be performed.
See http://www.openssl.org/docs/crypto/RAND_add.html.
Signed-off-by: George McCollister <georgem@novatech-llc.com>
|
|
|
|
It can be overridden in the sssd.conf or on the commandline with
--debug-timestamps=0
|
|
|
|
Function definition was missing "void" to denote that it took no
arguments.
|
|
This is necessary so that any process managing our startup and
shutdown (e.g. authconfig) does not block and stall waiting for
stderr to terminate.
Fixes bug https://fedorahosted.org/sssd/ticket/324
|
|
There were two functions for parsing strings by a separator. This patch
consolidates on the one previously used in confdb. This also allows
stripping the tokens of whitespace.
Fixes: #319
|
|
This task allows us to rebuild memberuid and memberof attributes throughout the
database. This way we can upgrade from version 0.4 databases that didn't
generate and store memberuid.
The task can be invoked by adding a speaicl named entry to the ldb file.
The entry dn to use is: @MEMBEROF-REBUILD, the entry has no attributes and any
attribute is ignored at present.
The entry will not be stored in the database but will just trigger the task to
execute a rebuild of the memberof and memberuid attributes
|
|
Also pass a flag to the delete callback to tell it if this is a normal
entry removal or we are cleaning up the tbale definitively.
|
|
|
|
|
|
|
|
|
|
Level 3 was far too low for mostly-useless messages
|
|
|
|
The retun values are still not directly used with ldap libraries that still do
their own name resolution, but this patch introduces a very basic framework to
have a multiple providers in one domain use and share a single failover
service if they want to.
|
|
This way we do not need to check for id ranges on every search.
|
|
- save current ccache file to sysdb
- use the saved ccache file if the user has running processes
- create an empty ccache if offline
- return enviroment variables if offline
|
|
|
|
When possible using a macro that correctly deals with tstate
|
|
|
|
|
|
|
|
Move files.c into tools directory
|
|
|
|
We don't need to be allocating an output string here. This was
also causing a runtime bug when the output string contained
characters that would be interpreted by fprintf as specifiers.
|
|
|
|
Create and populate user directories on useradd, delete them on userdel
Fixes: #212
|
|
Also include talloc.h, tevent.h and ldb.h as system headers in util.h.
|
|
|
|
|
|
|
|
We have converted to using dhash in place of btreemap everywhere
in the code.
|
|
Use this new utility call to ensure that the config file is safe
to read from.
|
|
Introduces a new option --debug-to-files which makes SSSD output its
debug information to a file instead of stderr, which is still the
default.
Also introduces a new confdb option debug_to_files which does the same,
but can be specified per-service in the config file.
The logfiles are stored in /var/log/sssd by default.
Changes the initscript to log to files by default.
|
|
This converts a great many configuration options to the new
standard format.
|
|
This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d.
Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made
use of the SYSLOG_ERROR() macro, so those portions of that code
also needed to be reverted.
|
|
This is just a band-aid until ELAPI is fully functional and ready to
use.
|
|
Implement a set of python bindings for the sysdb with feature set
similar to what is available in the tools. The primary
consumers would be applications like system-config-users.
Resolves: Ticket #102
|
|
Fixes: #138
|
|
Because the confdb always operates synchronously, it maintains its
own private event context internally. The event context argument
passed to it is never used, so we'll remove it to avoid confusion.
|
|
|
|
- older version of libpcre only support the Python syntax (?P<name>)
for named subpatterns
|
|
The special persistent local database retains the original name.
All other backends now have their own cache-NAME.ldb file.
|
|
PCRE_DUPNAMES is a new feature of libpcre 7. It is used in sssd to
make the splitting of fully qualified user names more flexible.
|
|
|
|
The child processes call prctl() and when their parent process is
killed, they are sent SIGTERM using prctl. This is currently
Linux-specific, for non-Linuxes, a similar effect is achieved by
catching a set of common termination signals and sending SIGTERM to the
process group.
|
|
ifndef doesn't work for those functions that aren't already macro definitions in
tevent.h like tevent_req_data. However if tevent_req_data is defined in
tevent.h, all other functions are available as well. So just check for
tevent_req_data and define all of them if it is not available.
This should fix compiling on distros with the latsest tevent.
|
|
|
|
|
