| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Adds a new option -Z to sss_useradd and sss_usermod. This option allows
user to specify the SELinux login context for the user. On deleting the
user with sss_userdel, the login mapping is deleted, so subsequent
adding of the same user would result in the default login context unless
-Z is specified again.
MLS security is not supported as of this patch.
|
|
Fix whitespace errors
|
|
sss_userdel now warns if the deleted user was logged in at the time of
deletion.
Also adds a new parameter --kick to userdel that kills all user
processes before actually deleting ther user.
Fixes: #229
|
|
- use domain_to_basedn() to construct LDAP search paths for IPA HBAC
- move domain_to_basedn() to a separate file to simplify the build of
a test
|
|
Fixes: #221
|
|
tests/common.c is now required by all tests (check-based and not),
so we need to properly ifdef it
|
|
|
|
|
|
All 'make check' tests will chdir() into this directory before
running the suite. This provides the option of having temporary
files generated in a tmpfs or ramdisk
|
|
Implements a different mechanism for cleanup task. Instead of just
deleting expired entries, this patch adds a new option
account_cache_expiration for domains. If an entry is expired and the last
login was more days in the past that account_cache_expiration, the entry is
deleted.
Groups are deleted if they are expired and and no user references them
(no user has memberof: attribute pointing at that group).
The parameter account_cache_expiration is not LDAP-specific, so that other
future backends might use the same timeout setting.
Fixes: #391
|
|
|
|
Merging ba8937d83675c7d69808d1d3df8f823afdc5ce2a left the COPYING
and COPYING.LESSER files in the now-defunct sss_client directory.
This patch moves them into the right location and fixes the spec
file to look for them correctly.
|
|
|
|
Also update BUILD.txt
|
