sssd - System Security Services Daemon

Age	Commit message (Collapse)	Author	Files	Lines
2012-07-20	SYSDB: Add log message for unexpected LDB errors	Stephen Gallagher	1	-0/+3

2012-07-20	Fix sysdb_search_selinux_usermap_by_username return value	Jakub Hrozek	1	-0/+1
	There was a logic bug in sysdb_search_selinux_usermap_by_username that resulted in returning the value the variable "ret" had after the last call to sysdb_attrs_get_uint32_t, which in cases the last rule processed did not have the requested attributes led to using the default user context.
2012-07-18	Fix uninitialized values	Nick Guay	2	-3/+3
	https://fedorahosted.org/sssd/ticket/1379
2012-07-18	SYSDB: Delete SELinux mappings	Jakub Hrozek	2	-0/+19

2012-07-18	Modify priority evaluation in SELinux user maps	Jan Zeleny	2	-1/+34
	The functionality now is following: When rule is being matched, its priority is determined as a combination of user and host specificity (host taking preference). After the rule is matched in provider, only its host priority is stored in sysdb for later usage. When rules are matched in the responder, their user priority is determined. After that their host priority is retrieved directly from sysdb and sum of both priorities is user to determine whether to use that rule or not. If more rules have the same priority, the order given in IPA config is used. https://fedorahosted.org/sssd/ticket/1360 https://fedorahosted.org/sssd/ticket/1395
2012-07-18	Add function sysdb_attrs_copy_values()	Jan Zeleny	2	-0/+27
	This function copies all values from one sysdb_attrs structure to another
2012-07-10	Cast uid_t to unsigned long long in DEBUG messages	Jakub Hrozek	1	-2/+2

2012-06-29	sudo: clean up	Pavel Březina	2	-212/+0

2012-06-29	sudo sysdb: add expiration time to the filter	Pavel Březina	2	-0/+9

2012-06-29	sysdb: remove sudo_set/get_refreshed	Pavel Březina	2	-63/+0

2012-06-29	sysdb: add getter/setter for last sudo full refresh time	Pavel Březina	2	-0/+147

2012-06-29	sudo sysdb: make sysdb_get_sudo_user_info more configurable	Pavel Březina	1	-25/+35

2012-06-21	Add support for ID ranges	Sumit Bose	2	-0/+384

2012-06-12	SYSDB: Reduce noise level of debug messages in lookups	Stephen Gallagher	1	-6/+8

2012-06-10	IPA subdomains - ask for information about master domain	Jan Zeleny	2	-0/+173
	The query is performed only if there is missing information in the cache. That means this should be done only once after restart when cache doesn't exist. All subsequent requests for subdomains won't include the request for master domain.
2012-06-05	Fix the 0.11 sysdb upgrade	Jakub Hrozek	1	-26/+26
	The block that upgraded the version was at a wrong indentation level, so it never ran if there were no fake users to convert
2012-05-31	Ghost members - sysdb upgrade routine	Jan Zeleny	3	-1/+157
	It is remotely possible to have sysdb in an inconsistent state that might need upgrade. Consider scenario when user asks for group information. Some fake users are added as a part of this operation. Before users can be fully resolved and stored properly, SSSD is shut down and upgrade is performed. In this case we need to go over all fake user records (uidNumber=0) and replace each of them with ghost record in all group objects that are stated in its memberof attribute.
2012-05-31	Ghost members - modifications in sysdb	Jan Zeleny	2	-80/+153
	Deleted sysdb_add_fake_user(): This function is no longer used. Modified sysdb_add_user(): When user object is added to sysdb, it is important to iterate over all groups that might have its name or any of its aliases as ghost member and replace this ghost membership by a real one. This will eliminate duplicite memberships.
2012-05-31	Ghost members - add the ghost attribute to sysdb	Jan Zeleny	1	-0/+2

2012-05-11	SYSDB: Handle user and group renames better	Jakub Hrozek	1	-7/+39
	Fixes a regression in the local domain tools where sss_groupadd no longer detected a GID duplicate. The check for EEXIST is moved one level up into more high level function. The patch also adds the same rename support for users. I found it odd that we allowed a rename of groups but not users. There is a catch when storing a user -- his cached password would be gone. I think that renaming a user is such a rare operation that it's not severe, plus there is a warning in the logs.
2012-05-10	sysdb: return proper error code from sysdb_sudo_purge_all	Jakub Hrozek	1	-1/+1

2012-05-10	SYSDB: Add better error logging to sysdb_set_entry_attr()	Stephen Gallagher	1	-2/+8

2012-05-07	Fix typo in debug message	Pavel Březina	1	-1/+1

2012-05-03	LDAP: Map the user's primaryGroupID	Stephen Gallagher	1	-0/+1

2012-05-03	LDAP: Enable looking up ID-mapped users by name	Stephen Gallagher	1	-0/+1

2012-05-03	SYSDB: Add sysdb routines for ID-mapping	Stephen Gallagher	2	-0/+346

2012-05-03	LDAP: Add objectSID config option	Stephen Gallagher	1	-0/+1

2012-05-03	SYSDB: Handle upgrade script failures better	Stephen Gallagher	1	-4/+13
	There was a bug in finish_upgrade() where it would return EOK if it succeeded in canceling the transaction due to an error. We should instead be returning the original error.
2012-05-02	SYSDB: check return value	Jakub Hrozek	1	-2/+2
	In addition to testing the number of elements, also check the return value of sysdb_attrs_get_el.
2012-05-02	SYSDB: return EOK if empty message is passed into get_rm_msg	Jakub Hrozek	1	-0/+1
	If the code never entered the loop in get_rm_message, we would return arbitrary return value.
2012-05-02	SUDO: Return ret, not EOK	Jakub Hrozek	1	-1/+1
	This patch fixes bad refactoring - the function used to return value directly on error and EOK as the last statement. If was then converted into using goto label, but the last statement was still returning EOK instead of the value it should.
2012-04-24	Sysdb routines for subdomains	Jan Zeleny	3	-81/+617

2012-04-18	Removed unused function sysdb_attrs_users_from_ldb_vals()	Jan Zeleny	2	-51/+0

2012-04-18	Add sysdb_set_service_attr and sysdb_set_autofsmap_attr	Jakub Hrozek	4	-0/+68

2012-03-21	Save alias of the primary name, too	Jakub Hrozek	1	-3/+9

2012-03-16	SYSDB: Save only lowercased aliases in case-insensitive domains	Stephen Gallagher	1	-19/+28
	https://fedorahosted.org/sssd/ticket/1253
2012-03-06	Search netgroups by alias, too	Jakub Hrozek	2	-3/+5
	https://fedorahosted.org/sssd/ticket/1228
2012-02-29	Remove sysdb_get_ctx_from_list()	Sumit Bose	2	-33/+0

2012-02-29	Keep sysdb context in domain info struct	Sumit Bose	2	-0/+89

2012-02-27	SSH: Add more debugging messages	Jan Cholasta	1	-4/+11

2012-02-26	SSH: Save SSH host name aliases	Jan Cholasta	2	-11/+83

2012-02-24	Delete missing attributes from netgroups to be stored	Jan Zeleny	2	-0/+16
	https://fedorahosted.org/sssd/ticket/1136
2012-02-24	IPA hosts refactoring	Jan Zeleny	1	-0/+4

2012-02-21	Don't give memory context in confdb where not needed	Jan Zeleny	1	-3/+3

2012-02-17	Redesign purging of the sudo cache	Pavel Březina	2	-75/+315
	https://fedorahosted.org/sssd/ticket/1173
2012-02-13	Fix uninitialized in_transaction	Stephen Gallagher	1	-1/+1
	Coverity #12521 and #12491
2012-02-10	Improve debug messages in sysdb_sudo_check_time()	Pavel Březina	1	-4/+16

2012-02-07	IPA: Add host info handler	Jan Cholasta	2	-0/+159

2012-02-07	LDAP: Add support for SSH user public keys	Jan Cholasta	1	-0/+2

2012-02-06	SUDO Integration - sysdb_sudo_check_time() fix	Pavel Březina	1	-6/+8