Age | Commit message (Collapse) | Author | Files | Lines |
|
Introduces a new option --debug-to-files which makes SSSD output its
debug information to a file instead of stderr, which is still the
default.
Also introduces a new confdb option debug_to_files which does the same,
but can be specified per-service in the config file.
The logfiles are stored in /var/log/sssd by default.
Changes the initscript to log to files by default.
|
|
This converts a great many configuration options to the new
standard format.
|
|
This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d.
Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made
use of the SYSLOG_ERROR() macro, so those portions of that code
also needed to be reverted.
|
|
This is just a band-aid until ELAPI is fully functional and ready to
use.
|
|
Implement a set of python bindings for the sysdb with feature set
similar to what is available in the tools. The primary
consumers would be applications like system-config-users.
Resolves: Ticket #102
|
|
Fixes: #138
|
|
Because the confdb always operates synchronously, it maintains its
own private event context internally. The event context argument
passed to it is never used, so we'll remove it to avoid confusion.
|
|
|
|
- older version of libpcre only support the Python syntax (?P<name>)
for named subpatterns
|
|
The special persistent local database retains the original name.
All other backends now have their own cache-NAME.ldb file.
|
|
PCRE_DUPNAMES is a new feature of libpcre 7. It is used in sssd to
make the splitting of fully qualified user names more flexible.
|
|
|
|
The child processes call prctl() and when their parent process is
killed, they are sent SIGTERM using prctl. This is currently
Linux-specific, for non-Linuxes, a similar effect is achieved by
catching a set of common termination signals and sending SIGTERM to the
process group.
|
|
ifndef doesn't work for those functions that aren't already macro definitions in
tevent.h like tevent_req_data. However if tevent_req_data is defined in
tevent.h, all other functions are available as well. So just check for
tevent_req_data and define all of them if it is not available.
This should fix compiling on distros with the latsest tevent.
|
|
|
|
|
|
use '--debug-timestamps' at the command line
or set 'debug-timestamps = TRUE' in the configuration file.
|
|
Fix ldb debug to avoid printing the debug function name, it's useless.
|
|
|
|
|
|
Setting CFLAGS explicitly in configure.ac means that they would be
overwritten when using e.g. make CFLAGS="-O0 -g"
This replaces the explicit setting of CFLAGS with an
AM_CONDITIONAL to have Makefile.am set these instead.
Also fixes a missing #include that was coincidentally obscured
because gcc's -O2 happened to be able to locate it. Setting -O0
revealed the problem.
|
|
|
|
|
|
The old function was not used anywhere, and this function uses better
semantics, including not using void ** which gives strict aliasing problems.
Also add a generic password destroy function
|
|
|
|
|
|
We will trap all LDB debug messages and pipe them into our
internal DEBUG() function. LDB FATAL messages will still be
printed by default, WARNING and TRACE functions will be at debug
level 3 and 9, respectively.
|
|
This version should be pointer size agnostic.
Should make this code safe on both 32bit and 64bit.
|
|
|
|
Also fix style, clarify, and simplify some logic.
|
|
|
|
Use tevent signal handling facilities for handlong SIGTERM and SIGINT in the monitor.
Remove pidfile on SIGTERM and SIGINT.
Make sssd single-instance by checking if we suceeded in signaling the process in the pidfile.
|
|
|
|
Now it can load from scratch default configuration that is valid for all
daemons.
First thing, make it possible for each daemon/provider to set its own debug
level in its configuration entry.
|
|
This should help understanding what's going on if the server fails to create a
pid file.
|
|
For some reason we were not testing for HAVE_SETSID in configure therefore the
setsid() function was never called. This failed to set the process group after
the first fork.
Remove ifdef because we depend on setsid() anyway, so if it is not available on
some platform it is better to fail rather then silently succeed but not have the
right process group set up.
|
|
Just make sure that the memory passed in is either static or allocated on the
same memory context that is parent of the btreemap.
|
|
This patch adds support for requesting user data in the sysdb via
the InfoPipe. It currently has support for reading defined entries
of integral, floating-point or string types.
Tasks remaining:
1) Implement call to the provider when cache is out of date
2) Support byte arrays for userpic and similar
I modified sysdb_search_ctx in sysdb_search.c to accept an array of
attributes to pass into the LDB search.
I also made one additional related fix: the btreemap now sorts in the
correct order. Previously I had accidentally transposed the two
values for sorting, so the map would always have been in exact
reverse order.
|
|
|
|
Avoid uninitialized memory messages in valgrind (in _btreemap_get_keys).
Do not free memory we just stored in the btree (in confdb_get_domains_list).
Streamline confdb_get_domains() and remove extra calls when we already have
all the information handy.
Do not store basedn in domain info, the base dn is always calculated out of
the domain name.
Remove the "provider" attribute, it was really used only to distinguish between
LOCAL and other domains, directly check for LOCAL as a special case instead.
|
|
The NSS provider, the Data Provider backends and the InfoPipe all
need access to the domain map provided by the confdb. Instead of
reimplimenting it in multiple places, it is now provided in a pair
of helper functions from the confdb.
confdb_get_domains() returns a domain map by reference. Always
returns the most up-to-date set of domains from the confdb.
confdb_get_domains_list() returns an array of strings of all the
domain names. Always returns the most up-to-date set of domains
from the confdb.
This patch also modifies the btreemap_get_keys() function to
better handle memory and report allocation failures.
|
|
dependencies based on the latest samba code.
Convert all references to the old events library to use the
renamed tevent library.
|
|
CheckPermissions will currently return unrestricted access to the
root user, and no access to any other user. Once we decide on an
ACL mechanism, this will be easy to change.
I have also added very basic tests for the Introspect and
CheckPermissions methods.
|
|
btreemap_new() 2) Fix potentially serious memory allocation error. btreemap now requires a TALLOC_CTX to be passed in for assignment to the top node of the tree. Previously it was creating a new root TALLOC_CTX 3) Add new function btreemap_get_keys that will return a sorted array (newly allocated using talloc_realloc()) of keys (const void *) 4) Change the btreemap to use (const void *) keys instead of (void *)
|
|
throw away databases
Check version and init main db if empty
|
|
|
|
|
|
|
|
btreemap_search_key.
|
|
and caches the result in LDAP.
Still chasing a bug that does not let NSS known that the BE was successful.
This makes NSS timeout the client and not return any results yet.
|