summaryrefslogtreecommitdiff
path: root/src/db
AgeCommit message (Collapse)AuthorFilesLines
2013-07-19Use functionm ldb_dn_get_linearized to format struct ldb_dnLukas Slebodnik1-3/+6
2013-07-09DB: sysdb_search_user_by_name: search by both name and aliasJakub Hrozek1-2/+17
2013-06-28Read mpg state for subdomains from cacheSumit Bose1-5/+19
The mpg flag will be read from the cache for subdomains and the domain object will be created accordingly.
2013-06-28Save mpg state for subdomainsSumit Bose2-4/+33
The information of a subdomain will use magic private groups (mpg) or not will be stored together with other information about the domain in the cache.
2013-06-28Add support for new ipaRangeType attributeSumit Bose2-0/+18
Recent versions of FreeIPA support a range type attribute to allow different type of ranges for sub/trusted-domains. If the attribute is available it will be used, if not the right value is determined with the help of the other idrange attributes. Fixes https://fedorahosted.org/sssd/ticket/1961
2013-06-09DB: Don't add invalid rangesOndrej Kos1-7/+10
https://fedorahosted.org/sssd/ticket/1816 When saving or updating ranges, skip those which are invalid (not provided ipaNTTrustedDomainSID or ipaSecondaryBaseRID, or both provided at the same time)
2013-06-07New utility function sss_get_domain_nameJakub Hrozek1-14/+4
Instead of copying a block of code that checks whether domain is a subdomain and uses only name of FQDN as appropriate, wrap the logic into a function.
2013-06-06Read SIDs of groups with sysdb_initgroups() as wellSumit Bose1-0/+1
2013-05-30Add utility functions for formatting fully-qualified namesJakub Hrozek1-4/+2
Instead of using printf-like functions directly, provide two wrappers that would encapsulate formatting the fully-qualified names. No functional change is present in this patch.
2013-05-20Fixing critical format string issues.Lukas Slebodnik1-1/+2
--missing arguments. --format '%s', but argument is integer. --wrong format string, examle: '%\n'
2013-05-02sysdb: add sysdb_search_object_by_sid()Sumit Bose2-0/+62
The patch add a new sysdb to find objects based on their SID. Currently only the basic attributes needed to map SIDs to POSIX IDs and names are requested, but this list can be extended for future use cases.
2013-04-29Only try to relink ghost users if we're not enumeratingJakub Hrozek1-4/+9
https://fedorahosted.org/sssd/ticket/1893 When SSSD is not enumerating (which is the default), we are trying to link any "ghost" entries with a newly created user entry. However, when enumeration is on, this means a spurious search on adding any user.
2013-03-19Move SELinux processing to provider.Michal Zidek1-107/+0
The SELinux processing was distributed between provider and pam responder which resulted in hard to maintain code. This patch moves the logic to provider. IT ALSO REQUIRES CHANGE IN THE SELINUX POLICY, because the provider also writes the content of selinux login file to disk (which was done by responder before). https://fedorahosted.org/sssd/ticket/1743
2013-03-13Fix initialization of multiple variablesOndrej Kos1-1/+1
2013-03-05Remove the alt_db_path parameter of sysdb_initMichal Zidek2-11/+2
This parameter was never used. https://fedorahosted.org/sssd/ticket/1765
2013-03-04Use SSSD specific errors for offline authSimo Sorce1-8/+9
This prevents reportin false errors when internal functions return a generic EINVAL or EACCES that should just be treated as internal errors.
2013-02-26sysdb: try dealing with binary-content attributesJan Engelhardt2-0/+12
https://fedorahosted.org/sssd/ticket/1818 I have here a LDAP user entry which has this attribute loginAllowedTimeMap:: AAAAAAAAAP///38AAP///38AAP///38AAP///38AAP///38AAAAAAAAA In the function sysdb_attrs_add_string(), called from sdap_attrs_add_ldap_attr(), strlen() is called on this blob, which is the wrong thing to do. The result of strlen is then used to populate the .v_length member of a struct ldb_val - and this will set it to zero in this case. (There is also the problem that there may not be a '\0' at all in the blob.) Subsequently, .v_length being 0 makes ldb_modify(), called from sysdb_set_entry_attr(), return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX. End result is that users do not get stored in the sysdb, and programs like `id` or `getent ...` show incomplete information. The bug was encountered with sssd-1.8.5. sssd-1.5.11 seemed to behave fine, but that may not mean that is the absolute lower boundary of introduction of the problem.
2013-02-10Introduce IS_SUBDOMAIN() macroSimo Sorce1-2/+2
Fixes https://fedorahosted.org/sssd/ticket/1766
2013-02-10Change the way domains are linked.Simo Sorce2-106/+68
- Use a double-linked list for domains and subdomains. - Never remove a subdomain, simply mark it as disabled if it becomes unused. - Rework the way subdomains are refreshed. Now sysdb_update_subdomains() actually updates the current subdomains and marks as disabled the ones not found in the sysdb or add new ones found. It never removes them. Removal of missing domains from sysdb is deferred to the providers, which will perform it at refresh time, for the ipa provider that is done by ipa_subdomains_write_mappings() now. sysdb_update_subdomains() is then used to update the memory hierarchy of the subdomains. - Removes sysdb_get_subdomains() - Removes copy_subdomain() - Add sysdb_subdomain_delete()
2013-02-10Remove sysdb_subdom completelySimo Sorce2-30/+6
struct sss_domain_info is always used to represent domains now. Adjust tests accordingly.
2013-02-10Add sysdb_subdomain_store() functionSimo Sorce2-37/+103
Replaces sysdb_add_subdomain_attributes and is a public sysdb interface.
2013-02-10Refactor sysdb_master_domain_add_info()Simo Sorce2-27/+22
2013-02-10Update main domain info in placeSimo Sorce2-36/+30
2013-02-10Avoid sysdb_subdom in sysdb_get_subdomains()Simo Sorce2-58/+38
2013-01-23SYSDB: Expire group if adding ghost users fails with EEXISTJakub Hrozek1-2/+36
2013-01-23SYSDB: make the sss_ldb_modify_permissive function publicJakub Hrozek2-2/+11
2013-01-22sudo responder: change num_rules type from size_t to uint32_tPavel Březina2-5/+5
https://fedorahosted.org/sssd/ticket/1779 2^32 should be enough to store sudo rules. size_t type was causing troubles on big endian architectures, because it wasn't used correctly in combination with D-Bus.
2013-01-21LDAP: Compare lists of DNs when saving autofs entriesJakub Hrozek2-9/+31
https://fedorahosted.org/sssd/ticket/1758 The autofs entries do not have the key as an unique identifier, but rather the full (key, value) tuple as some keys have a special meaning, such as the direct mount key (/-) and may be present in a single map multiple times. Comparing the full DN that contains both the key and the value will allow for working updates if either key or value changes.
2013-01-16Tidy up BASE dn macrosSimo Sorce1-4/+4
2013-01-15Stop creating fake sysdb contextsSimo Sorce2-25/+0
Now that the sysdb context does not contain anymore domain related data we can simply stop creating faxe sysdb context and just reference the parent context.
2013-01-15Kill sysdb->domainSimo Sorce3-5/+0
Finally remove this upside-down dependency.
2013-01-15Move mpg flag to the domain where it belongsSimo Sorce5-16/+8
A sysdb contains now multiple domains, but the mpg property is a property of a specific domain not of the underlying database.
2013-01-15Pass the domain to upgrade functionsSimo Sorce3-13/+17
2013-01-15Add domain to some subdomain functionsSimo Sorce2-5/+8
2013-01-15Add domain arguments to sysdb sudo functionsSimo Sorce2-26/+42
2013-01-15Add domain arguments to sysdb ssh functionsSimo Sorce2-8/+20
2013-01-15Add domain arguments to sysdb services functionsSimo Sorce2-20/+34
also fix sysdb_svc_add declarations
2013-01-15Add domain argument to sysdb selinux functionsSimo Sorce2-15/+27
2013-01-15Add domain argument to sysdb autofs functionsSimo Sorce3-16/+34
2013-01-15Add domain arguemnt to sysdb_get_real_name()Simo Sorce2-1/+3
2013-01-15Add domain argument to sysdb_idmap_ funcitonsSimo Sorce2-13/+11
2013-01-15Add domain argument to sysdb_remove_attrs()Simo Sorce4-7/+11
2013-01-15Add domain argument to sysdb_has/set_enumerated()Simo Sorce2-7/+7
2013-01-15Add domain arg to sysdb_search/delete_netgroup()Simo Sorce2-2/+6
2013-01-15Add domain argument to sysdb_delete_group()Simo Sorce3-21/+5
Also remove sysdb_delete_domgroup()
2013-01-15Add domain argument to sysdb_search_groups()Simo Sorce2-2/+5
2013-01-15Add domain argument to sysdb_delete_user()Simo Sorce3-16/+5
Also remove sysdb_delete_domuser()
2013-01-15Add domain arg to sysdb_search_users()Simo Sorce2-1/+3
2013-01-15Add domain to sysdb_delete_customSimo Sorce5-4/+6
2013-01-15Add domain argument to sysdb_search_custom()Simo Sorce5-8/+12
Also changes sysdb_search_custom_by_name()