sssd - System Security Services Daemon

Age	Commit message (Collapse)	Author	Files	Lines
2012-11-22	Fix errors reported by rpmlint	Jan Cholasta	2	-3/+1

2012-11-15	Add ignore_group_members option.	Paul B. Henson	3	-0/+4
	https://fedorahosted.org/sssd/ticket/1376
2012-11-08	SSSDConfig: Locate the force_timeout option in the correct sections	Stephen Gallagher	2	-1/+4

2012-10-30	authconfig: allow chpass_provider = proxy	Pavel Březina	2	-1/+4
	https://fedorahosted.org/sssd/ticket/1611
2012-10-18	Allow setting the default_shell option per-domain as well	Jakub Hrozek	2	-0/+3
	https://fedorahosted.org/sssd/ticket/1583
2012-10-16	Make TTL configurable for dynamic dns updates	James Hogarth	2	-0/+2

2012-10-05	SSH: Expire hosts in known_hosts	Jan Cholasta	2	-0/+2

2012-10-01	Document ldap_chpass_update_last_change	Jakub Hrozek	2	-0/+2
	Add the option to the manual page and the configAPI https://fedorahosted.org/sssd/ticket/1494
2012-10-01	Add new option default_domain_suffix	Sumit Bose	3	-0/+6

2012-08-13	Add autofs-related options to configAPI	Jakub Hrozek	2	-1/+12
	https://fedorahosted.org/sssd/ticket/1478
2012-08-05	SSSDConfig: Fix nonfunctional SSSDDomain.remove_provider()	Stephen Gallagher	2	-0/+10
	Also adds a regression test to the unit test suite. https://fedorahosted.org/sssd/ticket/1388
2012-08-01	Primary server support: new option in AD provider	Jan Zeleny	2	-0/+2
	This patch adds support for new config option ad_backup_server. The description of this option's functionality is included in man page in one of previous patches.
2012-08-01	Primary server support: new option in IPA provider	Jan Zeleny	2	-0/+2
	This patch adds support for new config option ipa_backup_server. The description of this option's functionality is included in man page in one of previous patches.
2012-08-01	Primary server support: new options in krb5 provider	Jan Zeleny	5	-0/+14
	This patch adds support for new config options krb5_backup_server and krb5_backup_kpasswd. The description of this option's functionality is included in man page in one of previous patches.
2012-08-01	Primary server support: new option in ldap provider	Jan Zeleny	4	-0/+6
	This patch adds support for new config option ldap_backup_uri. The description of this option's functionality is included in man page in previous patch.
2012-07-24	Fix SSSDConfigTest	Jakub Hrozek	1	-1/+2

2012-07-23	add hostid and subdomains sections in sssd-ipa.conf	Pavel Březina	1	-1/+5
	https://fedorahosted.org/sssd/ticket/1368
2012-07-20	NSS: Add override_shell option	Stephen Gallagher	3	-0/+5
	If override_shell is specified in the [nss] section, all users managed by SSSD will have their shell set to this value. If it is specified in the [domain/DOMAINNAME] section, it will apply to only that domain (and override the [nss] value, if any). https://fedorahosted.org/sssd/ticket/1087
2012-07-10	pac responder: limit access by checking UIDs	Sumit Bose	3	-2/+11
	A check for allowed UIDs is added in the common responder code directly after accept(). If the platform does not support reading the UID of the peer but allowed UIDs are configured, access is denied. Currently only the PAC responder sets the allowed UIDs for a socket. The default is that only root is allowed to access the socket of the PAC responder. Fixes: https://fedorahosted.org/sssd/ticket/1382
2012-07-06	AD: Add manpages and SSSDConfig entries	Stephen Gallagher	3	-1/+128

2012-07-06	Fix SSSDConfigTest for separate build directories	Sumit Bose	1	-8/+9

2012-06-29	sudo: add host info options	Pavel Březina	2	-0/+10
	Adds some option that allows to manually configure a host filter. ldap_sudo_use_host_filter - if false, we will download all rules regardless their sudoHost attribute ldap_sudo_hostnames - list hostnames and/or fqdn that should be downloaded, separated with spaces ldap_sudo_ip - list of IPv4/6 address and/or network that should be downloaded, separated with spaces ldap_sudo_include_netgroups - include rules that contains netgroup in sudoHost ldap_sudo_include_regexp - include rules that contains regular expression in sudoHost
2012-06-29	sudo: clean up	Pavel Březina	2	-2/+0

2012-06-29	sudo provider: add ldap_sudo_smart_refresh_interval	Pavel Březina	2	-0/+2

2012-06-29	sudo provider: remove old timer	Pavel Březina	2	-4/+0

2012-06-29	sudo provider: add ldap_sudo_full_refresh_interval	Pavel Březina	2	-0/+2

2012-06-29	confdb: add entry_cache_sudo_timeout option	Pavel Březina	3	-0/+4

2012-06-21	Add support for ID ranges	Sumit Bose	2	-0/+2

2012-06-18	Make the client idle timeout configurable	Stephen Gallagher	3	-1/+4

2012-06-13	LDAP: Add ldap_*_use_matching_rule_in_chain options	Stephen Gallagher	3	-0/+7

2012-06-10	Allow fast memcache timeout to be configurable	Jan Zeleny	2	-0/+2
	https://fedorahosted.org/sssd/ticket/1318
2012-06-10	IPA subdomains - ask for information about master domain	Jan Zeleny	2	-0/+2
	The query is performed only if there is missing information in the cache. That means this should be done only once after restart when cache doesn't exist. All subsequent requests for subdomains won't include the request for master domain.
2012-06-05	Fix the default sssd.conf path	Jakub Hrozek	1	-1/+1

2012-05-31	SSSDConfig: Make default config and schema file locations configurable	Stephen Gallagher	2	-7/+7
	https://fedorahosted.org/sssd/ticket/1008
2012-05-31	SSSDConfig: Make SSSDConfig a package	Stephen Gallagher	4	-5/+1
	We were polluting the primary Python space with several dependencies. We will now install them their own directory/module.
2012-05-14	Fix typos in message and man pages.	Yuri Chornoivan	1	-1/+1

2012-05-09	NSS: Add default_shell option	Stephen Gallagher	2	-0/+2
	This option will allow administrators to set a default shell to be used if a user does not have one set in the identity provider. https://fedorahosted.org/sssd/ticket/1289
2012-05-09	NSS: Add fallback_homedir option	Stephen Gallagher	3	-0/+5
	This option is similar to override_homedir, except that it will take effect only for users that do not have an explicit home directory specified in LDAP. https://fedorahosted.org/sssd/ticket/1250
2012-05-04	SSSDConfigAPI: Fix missing option in tests	Stephen Gallagher	1	-0/+2

2012-05-04	Modify behavior of pam_pwd_expiration_warning	Jan Zeleny	1	-0/+1
	New option pwd_expiration_warning is introduced which can be set per domain and can override the value specified by the original pam_pwd_expiration_warning. If the value of expiration warning is set to zero, the filter isn't apllied at all - if backend server returns the warning, it will be automatically displayed. Default value for Kerberos: 7 days Default value for LDAP: don't apply the filter Technical note: default value when creating the domain is -1. This is important so we can distinguish between "no value set" and 0. Without this possibility it would be impossible to set different values for LDAP and Kerberos provider.
2012-05-03	LDAP: Map the user's primaryGroupID	Stephen Gallagher	3	-0/+3

2012-05-03	LDAP: Allow setting a default domain for id-mapping slice 0	Stephen Gallagher	3	-0/+6

2012-05-03	LDAP: Add autorid compatibility mode	Stephen Gallagher	3	-0/+3

2012-05-03	LDAP: Add ID mapping range settings	Stephen Gallagher	3	-0/+10

2012-05-03	LDAP: Add id-mapping option	Stephen Gallagher	3	-0/+3

2012-05-03	LDAP: Add objectSID config option	Stephen Gallagher	3	-0/+6

2012-04-24	SSH: Add support for hashed known_hosts	Jan Cholasta	2	-0/+4
	https://fedorahosted.org/sssd/ticket/1203
2012-04-24	IPA: Add get-domains target	Sumit Bose	1	-0/+1

2012-04-24	data provider: added subdomains	Sumit Bose	2	-2/+5

2012-04-24	Responder part of the subdomain retrieval work	Jan Zeleny	1	-0/+2